| 1 |
On Tue, 20 Jun 2006, Mike Kelly wrote: |
| 2 |
|
| 3 |
> As part of my original plans for my GLEP27 implementation, I was going to |
| 4 |
> have my scripts automatically add the users requested by a package (for |
| 5 |
> example, the cron user), to all the passwd backends listsed in |
| 6 |
> /etc/nsswitch.conf. However, in consultation with some folks, it seems |
| 7 |
> that what may be more desirable is to just add users/groups to the local |
| 8 |
> files/compat backends instead, and not make any changes to the remote |
| 9 |
> databases. |
| 10 |
> |
| 11 |
> Does anyone have any strong notion of any cases where it would be |
| 12 |
> excessively bad for the package manager to try adding to, say, the |
| 13 |
> nss_nis backend in addition to the nss_files backend, or cases where that |
| 14 |
> would be a strongly desired behavior? |
| 15 |
> |
| 16 |
> [1] http://thread.gmane.org/gmane.linux.gentoo.devel/39450/ |
| 17 |
|
| 18 |
In general, I only use central authentication/naming systems for real |
| 19 |
users, not local system users. My central authentication/naming is shared |
| 20 |
across a number of different operating systems, and just because a |
| 21 |
particular Gentoo ebuild wants to create a user named foobar doesn't mean I |
| 22 |
suddenly want that user to be visible on my Solaris systems... |
| 23 |
|
| 24 |
I suppose for flexibility you could have some configuration option, that I |
| 25 |
would prefer the option be for automatically created account to only be |
| 26 |
created locally -- it would be annoying to suddenly find ldap polluted with |
| 27 |
Gentoo specific accounts, or for emerges to fail because the Gentoo system |
| 28 |
has no privileges to create LDAP accounts. |
| 29 |
|
| 30 |
|
| 31 |
-- |
| 32 |
Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ |
| 33 |
Operating Systems and Network Analyst | henson@×××××××××.edu |
| 34 |
California State Polytechnic University | Pomona CA 91768 |
| 35 |
-- |
| 36 |
gentoo-server@g.o mailing list |
Archives