rpms/tinyerp/FC-3 tinyerp.spec,1.7,1.8
Dan Horák
dan at danny.cz
Fri Dec 16 09:05:41 UTC 2005
I think that I as the packager can say something too :-)
> 1. Why /bin/bash?
> /bin/bash should _never_ be used for reserved accounts - It's a security
> risk.
>
There are two thing - running a pure application as root or having an
user for it. Some real shell is needed because the startup script does
"su -l tinyerp -c /tmp/real_startup_script". And only root can login to
this account (at least on my FC4). If there is an other way how to do
it, please, let me know.
My goals were - be able to run the server from init.d during system
startup (and not from user's terminal), store the logs somewhere
in /var/log, use a config file instead of built-in defaults, ...
Yes, better variant is to improve tinyerp's own server capabilities. But
I am not a Python guru, so I have choosen this way.
> 2. You this %pre rule will have no effect if the user already exists.
> => This won't work.
>
> 3. Why fedora-useradd?
>
> * Use literal account name instead of numerical ones and a plain
> user-add probably will be sufficient.
> * IMO, fedora-usermgt is a design wart that should not be used anywhere.
Using fedora-usermgmt was suggested to me by Tom 'Spot' Callaway, the
original tinyerp packager as the way how to do it in Fedora. It would be
nice to have such method for adding application-dependent users in other
distributions too.
Dan
More information about the fedora-extras-list
mailing list