[Pkg-giraffe-discuss] preparations for kopanocore 8.3.x (or 8.4.x)

Simon Eisenmann s.eisenmann at kopano.com
Thu Jul 27 13:00:56 UTC 2017



-----Original message-----
> From:Jan Engelhardt <jengelh at inai.de>
> Sent: Thursday 27th July 2017 14:46
> To: Simon Eisenmann <s.eisenmann at kopano.com>
> Cc: pkg-giraffe-discuss at lists.alioth.debian.org; Mark Dufour <m.dufour at kopano.com>; c.schoenert at t-online.de
> Subject: Re: [Pkg-giraffe-discuss] preparations for kopanocore 8.3.x (or 8.4.x)
> 
> 
> On Thursday 2017-07-27 14:28, Simon Eisenmann wrote:
> >
> >I do not agree - the installer gear should have the final say on this case. After all it creates the u
> >ser and should pin to the user it created on installation IMHO. 
> >Also the default user kopano in the software is always only going to work if that user actually exists
> >. I think it should run as the user it is started with unless configured otherwise.
> 
> kopano-server has the same behavior as postfix, and I see no reason to change
> that. Especially as it would then create root-owned attachments that cannot
> be read later when "normally" running k-s under unprivileged user.

Well root is just another user. If the user is changed ownerships of existing files/folders need to be changed too sure. But this is not my point. It should be possible to run kopano-server as a normal user even if that happens to have the user id 0. This is quite common behavior in sandboxes based on capabilities - so there are some use cases to change the behavior in the future, eg. when we might want to ship kopano as a snap or within another container where everything happily runs root / secured by other means than users.

Back to topic, i still think the user configuration should be pinned in the configuration file by the same system which also created the corresponding user, no matter what the default behavior is, will be or has been.

Cheers
Simon



More information about the Pkg-giraffe-discuss mailing list