Bug#988499: systemd: New sgx group looks overly generic and prone to collision

Guillem Jover guillem at debian.org
Fri May 14 11:17:42 BST 2021 

Control: forwarded -1 https://github.com/systemd/systemd/issues/19610

On Fri, 2021-05-14 at 11:34:37 +0200, Michael Biebl wrote:
> Am 14.05.21 um 11:17 schrieb Guillem Jover:
> > The version in experimental introduced a new system group called sgx
> > which has an overly generic name with the potential to collide with
> > user and group names, say their initials. Could it be rename to use
> > the system name convention of prefixing it with «_»?
> 
> I fear, that unfortunately this ship has sailed when it comes to naming
> conventions. While I like the "_" prefix (e.g. much better then Debian-),
> it's unfortunately not commonly used.
> None of the groups defined in /usr/lib/sysusers.d/basic.conf use it.
> "sgx" is supposed to be used in the same way as "audio", "video", "kmem",
> "render" afaiu, none of those use the "_" prefix.

Right, I checked the other instances and they seemed somewhat more scoped
than sgx. Even thought it would indeed be nice to use a consistent
namespacing there, but…

> That said, you might try to raise this upstream.
> I won't, I already had my share of confrontation on this issue, see
> https://github.com/systemd/systemd/pull/18944
> So I'm probably not the best person to bring this up again.

Hmm, ok, I've submitted a report upstream, but have no high hopes of
that being accepted.

On Fri, 2021-05-14 at 11:40:12 +0200, Michael Biebl wrote:
> Am 14.05.21 um 11:34 schrieb Michael Biebl:
> > "sgx" is supposed to be used in the same way as "audio", "video",
> > "kmem", "render" afaiu, none of those use the "_" prefix.
> 
> Personally, I don't see the nee for this "sgx" group, tbh, as it looks to be
> very use case specific and will require explicit configuration anyway.
> But if the point is, to provide a "well known" group that other, 3rd party
> software can use, then renaming it kinda defeats the point and I'd rather
> revert this upstream change then renaming the group.

In the Debian context either a renamed group or a removed group would
do for me. But this would still be a problem with upstream, and might
mean projects start to rely on this name given that systemd upstream
defines it, and might end up hardcoding it anyway in their code. :/

Thanks,
Guillem

More information about the Pkg-systemd-maintainers mailing list