Re: Namespace for system users
- Date: Sat, 9 Feb 2019 12:44:39 +0000
- From: Simon McVittie <smcv@xxxxxxxxxx>
- Subject: Re: Namespace for system users
On Sat, 09 Feb 2019 at 13:10:27 +0100, Philipp Kern wrote:
> Obviously an increasing number of accounts leads to a much increased risk of
> collisions with system users as created by Debian packages.
This topic comes up every so often and doesn't ever seem to come to a
One complicating factor is that after a package has created its system
user, renaming that system user is difficult and has a high regression
risk, so most packages that already have a system user will need a
permanent exception from whatever naming policy we choose.
> I think FreeBSD (among others?) picked
> the underscore at the front of the username. Intuitively that feels like a
> somewhat clean proposal that is also friendly to derivatives.
This seems a good idea to me, and if I remember correctly, it is the
closest there has been to a consensus. _apt is a prominent example.
Names that contain a dash and are namespaced by the name of an upstream
project (systemd-network, libvirt-qemu, quake2-server) or are namespaced
by Debian (Debian-gdm, debian-tor) also seem reasonably unlikely to
I think it would be a good idea to deprecate system user names that don't have
any particular punctuation (avahi, clamav, messagebus, uuidd), although again,
fixing existing instances of this anti-pattern is problematic.