On Tue, Jul 05, 2005 at 07:34:16PM +0200, Enrico Scholz wrote:
System users should be in /etc/passwd because the requirements for
NIS/LDAP/whatever might not be fulfilled for early services;
e.g. openvpn will be executed before the ldap service so the 'openvpn'
user might not be resolveable at this time.
LDAP/NIS might be unwanted in certain environments also (e.g. on
firewalls, portable machines).
And those systems don't need to share files owned by system users, so
it is a non-issue.
rpm does not offer a way to determine whether a package creates an
or not. So the 'just add an ... user before installing' requires lot of
$ rpm -qp --requires openvpn-2.0-2.x86_64.rpm | grep useradd
$ rpm -qp --scripts openvpn-2.0-2.x86_64.rpm
preinstall scriptlet (using /bin/sh):
if ! id openvpn > /dev/null 2>&1 ; then
/usr/sbin/useradd -r -s /sbin/nologin -c OpenVPN -d /etc/openvpn openvpn
In the (likely far) less than 1% of cases where that's not good
enough, I can't imagine why letting the sysadmin fix any issues that
we can't possibly anticipate is a problem.
and automatic updates can not be applied.
Uh, I've been auto-updating every system I have openvpn, clamav, etc.
on for, what, a year and a half? I must not understand you.
Steven Pritchard - K&S Pritchard Enterprises, Inc.
Email: steve(a)kspei.com http://www.kspei.com/
Phone: (618)398-3000 Mobile: (618)567-7320