[Freeipa-devel] command-line arguments
Simo Sorce
ssorce at redhat.com
Fri Sep 7 14:49:45 UTC 2007
On Fri, 2007-09-07 at 10:38 -0400, Andrew C. Dingman wrote:
> On Fri, 2007-09-07 at 10:01 -0400, Simo Sorce wrote:
> > > - Can we override the uidNumber?
> > IMO, we shouldn't, is there any reason why an admin should specify an
> > uidNumber on creation ?
>
> Sometimes, usually for interoperability with other legacy systems. It's
> an option I'd miss if it weren't there, as an admin, though as a rule
> it's more useful to be able to specify a UID allocation policy than a
> specific UID.
Usually uidNumbers may have to be set for system accounts, but for user
accounts??
And this opens another debate, should we have system services accounts
in IPA?
IMO no, for v1 at least they should stay local in /etc/passwd as
unfortunately they are not at all standardized on all platforms and
linux flavors.
> >
> > > - Do we create any directories?
> > IMO, no, where would you create them? the tool may even run on a PDA
> > on
> > the other side of the world at some point, and usually it runs on the
> > admin workstation anyway.
> > Should we instead configure pam_mkhomedir by default ?
>
> I like this idea. I think it's an under-appreciated and under-used
> module.
Thanks.
Simo.
More information about the Freeipa-devel
mailing list