[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?
Steven Pritchard
steve at silug.org
Tue Sep 6 21:52:21 UTC 2005
On Tue, Sep 06, 2005 at 04:39:26PM -0500, Tom 'spot' Callaway wrote:
> Someone recently pointed out to me the existence of useradd -r and
> groupadd -r (they're Red Hat added functionality). When used, these
> commands create the first available UID and GID below UID_MAX and
> GID_MAX, as defined in /etc/login.defs.
>
> This seems to be doing roughly the same thing as fedora-usermgt. Does
> this seem like an acceptable way to create system user/groups in %post?
My personal feeling (as a sysadmin and a packager) is that doing
something like this in %pre (not %post, if you want files owned by the
new user) is the Right Thing:
%pre
if ! id foo > /dev/null 2>&1 ; then
/usr/sbin/useradd -r -s /sbin/nologin -c 'BAR' [...] foo
fi
And then just *don't touch the account* on removal. If this is the
stated policy, then no sysadmin can be surprised by it. If unused
accounts bother them, they can do "userdel foo" manually.
If for some reason useradd will not work, doing this in %pre should
make package installation fail, right? Then the sysadmin can go add
the user in LDAP/NIS/whatever and reinstall the package.
IMHO trying to support anything more elaborate than this is going to
cause more problems than it solves...
Steve
--
Steven Pritchard - K&S Pritchard Enterprises, Inc.
Email: steve at kspei.com http://www.kspei.com/
Phone: (618)398-3000 Mobile: (618)567-7320
More information about the Fedora-packaging
mailing list