[Fedora-packaging] packages which add user accounts: is fedora-usermgmt the way?

Matthias Saou thias at spam.spam.spam.spam.spam.spam.spam.egg.and.spam.freshrpms.net
Tue Sep 6 22:12:42 UTC 2005


Tom 'spot' Callaway wrote :

> On Tue, 2005-09-06 at 16:52 -0500, Steven Pritchard wrote:
> > On Tue, Sep 06, 2005 at 04:39:26PM -0500, Tom 'spot' Callaway wrote:
> > > Someone recently pointed out to me the existence of useradd -r and
> > > groupadd -r (they're Red Hat added functionality). When used, these
> > > commands create the first available UID and GID below UID_MAX and
> > > GID_MAX, as defined in /etc/login.defs.
> > > 
> > > This seems to be doing roughly the same thing as fedora-usermgt. Does
> > > this seem like an acceptable way to create system user/groups in %post?
> > 
> > My personal feeling (as a sysadmin and a packager) is that doing
> > something like this in %pre (not %post, if you want files owned by the
> > new user) is the Right Thing:
> > 
> >   %pre
> >   if ! id foo > /dev/null 2>&1 ; then
> >       /usr/sbin/useradd -r -s /sbin/nologin -c 'BAR' [...] foo
> >   fi
> > 
> > And then just *don't touch the account* on removal.  If this is the
> > stated policy, then no sysadmin can be surprised by it.  If unused
> > accounts bother them, they can do "userdel foo" manually.
> > 
> > If for some reason useradd will not work, doing this in %pre should
> > make package installation fail, right?  Then the sysadmin can go add
> > the user in LDAP/NIS/whatever and reinstall the package.
> > 
> > IMHO trying to support anything more elaborate than this is going to
> > cause more problems than it solves...
> 
> This all seems to make sense to me. Agree or disagree?

I tend to agree, and personally dislike the added complexity of this
fedora-usermgmt that got imported from the fedora.us days. But I also
think that in some cases, fixed uid/gids are best, most importantly when
chances of having files shared across machines are high, like with apache
(uid/gid 48) owned files for instance.

Matthias

-- 
Clean custom Red Hat Linux rpm packages : http://freshrpms.net/
Fedora Core release 4 (Stentz) - Linux kernel 2.6.12-1.1447_FC4
Load : 0.14 0.39 0.21




More information about the Fedora-packaging mailing list