Subject: Re: pkg added accounts and YP/NIS
To: grant beattie <>
From: Johnny C. Lam <>
List: tech-pkg
Date: 02/24/2005 10:20:29
grant beattie wrote:
> On Wed, Feb 23, 2005 at 03:00:14PM -0500, Johnny Lam wrote:
>>J.T. Conklin wrote:
>>>I'm using YP/NIS for centralized account management, and just noticed
>>>various packages have added new accounts that just happen to have the
>>>same uid/gid as "real" accounts.  (Actually, it appears that packages
>>>are picking the next free uid; the conflict occurs when the NIS admin
>>>adds a new user, having no idea that a uid has been assigned).
>>>Is there a way to restrict the package infrastructure to select uid's
>>>from a "local" range?
>>The package install scripts use user(8) to create the new users, and I 
>>think you can create an /etc/usermgmt.conf file to specify the range of 
>>uids from which you'd like for user(8) to allocate.  See 
>>usermgmt.conf(5) for more information.
> that helps on NetBSD, but we should probably come up with a more
> general solution...

There are no cross-platform useradd tools that we can use, and there is 
no deep yearning within me to write wrappers around each platform's 
native user management tools, so if a NetBSD-compatible user(8) and 
group(8) don't exist, then that platform should default to 
PKG_CREATE_USERGROUP=no so that the admin is prompted at pre-install 
time to create the users/groups manually.  On my own NetBSD systems, I 
default to PKG_CREATE_USERGROUP=no anyway just so I can more precisely 
control the uids and gids allocated on my systems.


	-- Johnny Lam <>