non fedora-usermgmt user creation
Enrico Scholz
enrico.scholz at informatik.tu-chemnitz.de
Tue Mar 7 16:35:05 UTC 2006
rc040203 at freenet.de (Ralf Corsepius) writes:
>> Walk me through this then, I use fedora-usermgmt to create a user for my
>> nagios package. What uid does it select, how does it select that UID,
>> and when you install it on your machine, how does it have the same UID
>> that it did when it was installed on my machine?
>
> Then Enrico also might explain how to propagate this UID to the
> NIS/LDAP server hosting a network's network-wide uids.
1. I think, it is a bad idea to manage system users in NIS/LDAP. This
adds a lot of requirements (and points of possible failures) for
starting a service:
* network must be up/working
* SSL certificates must not be expired
* NIS/LDAP server must be up
* supporting servers (DNS, firewall) must be up
I prefer /etc/passwd for system users
2. 'fedora-usermgmt' eases propagation of UIDs to NIS/LDAP servers. When
you really want it, you can write a package similarly to
'fedora-usermgmt-shadow-utils' which:
* contains /etc/fedora/usermgmt/scripts.ldap/useradd script; it will
be called with the mapped uid as the first parameter, the remaining
params are those of a plain useradd.
How you implement this 'useradd' script, is your thing. E.g. you
could parse the params there, create an ldif file and execute
'ldapadd' with a cached krb5 ticket.
* installs this script with a high 'alternatives' priority.
Enrico
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20060307/63176249/attachment.sig>
More information about the fedora-extras-list
mailing list