[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?

Steven Pritchard steve at silug.org
Tue Jul 5 18:32:22 UTC 2005

On Tue, Jul 05, 2005 at 07:34:16PM +0200, Enrico Scholz wrote:
> System users should be in /etc/passwd because the requirements for
> NIS/LDAP/whatever might not be fulfilled for early services;
> e.g. openvpn will be executed before the ldap service so the 'openvpn'
> user might not be resolveable at this time.
> LDAP/NIS might be unwanted in certain environments also (e.g. on
> firewalls, portable machines).

And those systems don't need to share files owned by system users, so
it is a non-issue.

> rpm does not offer a way to determine whether a package creates an user
> or not. So the 'just add an ... user before installing' requires lot of
> manual work,

$ rpm -qp --requires openvpn-2.0-2.x86_64.rpm | grep useradd
$ rpm -qp --scripts openvpn-2.0-2.x86_64.rpm 
preinstall scriptlet (using /bin/sh):
if ! id openvpn > /dev/null 2>&1 ; then
    /usr/sbin/useradd -r -s /sbin/nologin -c OpenVPN -d /etc/openvpn openvpn

In the (likely far) less than 1% of cases where that's not good
enough, I can't imagine why letting the sysadmin fix any issues that
we can't possibly anticipate is a problem.

> and automatic updates can not be applied.

Uh, I've been auto-updating every system I have openvpn, clamav, etc.
on for, what, a year and a half?  I must not understand you.

Steven Pritchard - K&S Pritchard Enterprises, Inc.
Email: steve at kspei.com             http://www.kspei.com/
Phone: (618)398-3000               Mobile: (618)567-7320

More information about the Fedora-packaging mailing list