[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?
Tom 'spot' Callaway
tcallawa at redhat.com
Tue Sep 6 22:03:44 UTC 2005
On Tue, 2005-09-06 at 16:52 -0500, Steven Pritchard wrote:
> On Tue, Sep 06, 2005 at 04:39:26PM -0500, Tom 'spot' Callaway wrote:
> > Someone recently pointed out to me the existence of useradd -r and
> > groupadd -r (they're Red Hat added functionality). When used, these
> > commands create the first available UID and GID below UID_MAX and
> > GID_MAX, as defined in /etc/login.defs.
> > This seems to be doing roughly the same thing as fedora-usermgt. Does
> > this seem like an acceptable way to create system user/groups in %post?
> My personal feeling (as a sysadmin and a packager) is that doing
> something like this in %pre (not %post, if you want files owned by the
> new user) is the Right Thing:
> if ! id foo > /dev/null 2>&1 ; then
> /usr/sbin/useradd -r -s /sbin/nologin -c 'BAR' [...] foo
> And then just *don't touch the account* on removal. If this is the
> stated policy, then no sysadmin can be surprised by it. If unused
> accounts bother them, they can do "userdel foo" manually.
> If for some reason useradd will not work, doing this in %pre should
> make package installation fail, right? Then the sysadmin can go add
> the user in LDAP/NIS/whatever and reinstall the package.
> IMHO trying to support anything more elaborate than this is going to
> cause more problems than it solves...
This all seems to make sense to me. Agree or disagree?
Tom "spot" Callaway: Red Hat Senior Sales Engineer || GPG ID: 93054260
Fedora Extras Steering Committee Member (RPM Standards and Practices)
Aurora Linux Project Leader: http://auroralinux.org
Lemurs, llamas, and sparcs, oh my!
More information about the Fedora-packaging