[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?
Steven Pritchard
steve at silug.org
Tue Jul 5 18:32:22 UTC 2005
On Tue, Jul 05, 2005 at 07:34:16PM +0200, Enrico Scholz wrote:
> System users should be in /etc/passwd because the requirements for
> NIS/LDAP/whatever might not be fulfilled for early services;
> e.g. openvpn will be executed before the ldap service so the 'openvpn'
> user might not be resolveable at this time.
>
> LDAP/NIS might be unwanted in certain environments also (e.g. on
> firewalls, portable machines).
And those systems don't need to share files owned by system users, so
it is a non-issue.
> rpm does not offer a way to determine whether a package creates an user
> or not. So the 'just add an ... user before installing' requires lot of
> manual work,
$ rpm -qp --requires openvpn-2.0-2.x86_64.rpm | grep useradd
/usr/sbin/useradd
$ rpm -qp --scripts openvpn-2.0-2.x86_64.rpm
preinstall scriptlet (using /bin/sh):
if ! id openvpn > /dev/null 2>&1 ; then
/usr/sbin/useradd -r -s /sbin/nologin -c OpenVPN -d /etc/openvpn openvpn
fi
[...]
In the (likely far) less than 1% of cases where that's not good
enough, I can't imagine why letting the sysadmin fix any issues that
we can't possibly anticipate is a problem.
> and automatic updates can not be applied.
Uh, I've been auto-updating every system I have openvpn, clamav, etc.
on for, what, a year and a half? I must not understand you.
Steve
--
Steven Pritchard - K&S Pritchard Enterprises, Inc.
Email: steve at kspei.com http://www.kspei.com/
Phone: (618)398-3000 Mobile: (618)567-7320
More information about the Fedora-packaging
mailing list