[Freeipa-devel] [PATCH 494] install: create kdcproxy user during server install

Jan Cholasta jcholast at redhat.com
Wed Sep 23 11:37:17 UTC 2015 

On 23.9.2015 12:49, Christian Heimes wrote:
> On 2015-09-23 12:40, Jan Cholasta wrote:
>> On 23.9.2015 11:44, Christian Heimes wrote:
>>> On 2015-09-23 10:54, Jan Cholasta wrote:
>>>>> Correction, the HTTP server works, but it spits lots of errors in
>>>>> error_log about /var/lib/kdcproxy not existing.
>>>>>
>>>>> Is the KDCProxy supposed to be installked/enabled on upgrade ?
>>>>> If not, why not ?
>>>>> Even if it is not enabled, shouldn't the user be created just in case ?
>>>>
>>>> Fixed, patch attached.
>>>
>>> I haven't tested the patch yet. It looks like the kdcproxy user doesn't
>>> own its home directory. Please chown /var/lib/kdcproxy.
>>
>> I can't chown it because the user may not exist at RPM install time. It
>> doesn't matter anyway, since nothing is ever stored in the directory and
>> KDC proxy works just fine. The same thing is done for the DS user and
>> nobody complained so far, so I assumed it should be OK for KDC proxy as
>> well.
>
> I think we have a slight misunderstanding here. :) Of course you can't
> set the owner at RPM install time. I wasn't talking about chown-ing the
> directory in RPM, but chown-ing the directory after or inside the
> tasks.create_system_user() call. Sorry for the confusion!
>
> AFAIK neither mod_wsgi nor python-kdcproxy need a writeable home
> directory. It's not guaranteed for eternity, though.

OK. Updated patch attached. Added patch 496, please apply before 495.

-- 
Jan Cholasta
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-496-platform-add-option-to-create-home-directory-when-ad.patch
Type: text/x-patch
Size: 2454 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150923/a1fc19b0/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-jcholast-495.1-install-fix-kdcproxy-user-home-directory.patch
Type: text/x-patch
Size: 2446 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20150923/a1fc19b0/attachment-0001.bin>

More information about the Freeipa-devel mailing list