[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?
Michael A. Peters
mpeters at mac.com
Thu Jul 7 00:40:20 UTC 2005
On Wed, 2005-07-06 at 07:31 -0400, Matthew Miller wrote:
> I often upgrade by preserving /home and a few key config files but wiping
> the system disk. Much faster than the anaconda upgrade option, with cleaner
> results. But if I do that, and the UIDs used by packages at install time
> change, there will be mis-owned files on the system.
A system service should NOT have a home directory in /home so all of the
UIG/GID in /home should be above 500.
> > For machines that share data, IMHO the proper way is to put all accounts
> > with distributed files in a UID management thing like LDAP or NIS. It
> As previously mentioned, that's not the right thing for system accounts. For
> example, it doesn't help the above situation.
system accounts should not have home directories in /home anyway.
If someone packages a fedora or extras package that uses a system
account and has a directory in /home that is a packaging bug.
But really - just like you need to preserve your ssl keys, a sysadmin
should preserve /etc/passwd and /etc/group. I never personally
save /etc/shadow - I just use the saved /etc/passwd to recreate users
keeping uid/gid the same.
More information about the Fedora-packaging