[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?

Jeff Spaleta jspaleta at gmail.com
Wed Sep 7 15:43:39 UTC 2005


On 9/7/05, Christian.Iseli at licr.org <Christian.Iseli at licr.org> wrote:
> And then the admin who wants to customize package foo can run:
> $ foo_UID=1012 rpm -ivh foo-1.0-1.blah.rpm
> or
> $ foo_UID=1012 yum install foo

this very much assumes that you know exactly what packages by name you
want to install. When using rpm on the cmdline that might very well be
the case, since you are forced to explictly add deps to the calling
command. Using yum groupinstall or yum install which pulls in deps is
going to quickly lead to problems unless you do a lot of work
reviewing exactly which packages are going to be installed so you can
setup the environment variables for each package that might be pulled
in via an install request. Fragile very very fragile. And as soon as
we start seeing gui yum-aware tools mature, having to manipulate
environment variables is going to seem a bit more arcane. I can only
imagine how much fun playing with all those per package environment
variables would be in a kickstarted yum-aware install. Ideally a
solution that will work equally well for whatever rpm-aware/yum-aware
tool that local admin wants to use. Packages that use the
fedora-usermgmt approach should work equally well for whatever package
mangement tool you choose to use.

Assuming there is no perfect solution here..exactly what is the
drawback with the fedora-usermgmt approach compared to other
approaches. Is complexity the only percieved problem? Its going to be
a much bigger maintainence problem over time trying to have each
packager write and maintain their own scriplet logic.... especially
when there is no clear policy on the specifics on uid/gid creation to
follow moving forward. The more logic you can shove off into an
on-system script the more freedom you have to adjust the default
policy on down the road without having to rebuild the world to adjust
each specfile.  Having individual packagers implement the full script
in individual specfiles is asking for the approach to be
cast-in-stone.

Considering the lack of consensous so far among the informed people in
this discussion, I would strongly encourage avoiding hardwiring this
policy into individual specfiles to avoid more "historical" problems
in the future. Pick a wrapper solution, adjust the wrapper as needed
as thoughts on the specifics evolve.

-jef




More information about the Fedora-packaging mailing list