[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?

Michael A. Peters mpeters at mac.com
Thu Jul 7 00:40:20 UTC 2005

On Wed, 2005-07-06 at 07:31 -0400, Matthew Miller wrote:

> I often upgrade by preserving /home and a few key config files but wiping
> the system disk. Much faster than the anaconda upgrade option, with cleaner
> results. But if I do that, and the UIDs used by packages at install time
> change, there will be mis-owned files on the system.

A system service should NOT have a home directory in /home so all of the
UIG/GID in /home should be above 500.

> > For machines that share data, IMHO the proper way is to put all accounts
> > with distributed files in a UID management thing like LDAP or NIS. It
> As previously mentioned, that's not the right thing for system accounts. For
> example, it doesn't help the above situation.

system accounts should not have home directories in /home anyway.
If someone packages a fedora or extras package that uses a system
account and has a directory in /home that is a packaging bug.

But really - just like you need to preserve your ssl keys, a sysadmin
should preserve /etc/passwd and /etc/group. I never personally
save /etc/shadow - I just use the saved /etc/passwd to recreate users
keeping uid/gid the same.

More information about the Fedora-packaging mailing list