1 |
On Tue, 20 Jun 2006, Mike Kelly wrote: |
2 |
|
3 |
> As part of my original plans for my GLEP27 implementation, I was going to |
4 |
> have my scripts automatically add the users requested by a package (for |
5 |
> example, the cron user), to all the passwd backends listsed in |
6 |
> /etc/nsswitch.conf. However, in consultation with some folks, it seems |
7 |
> that what may be more desirable is to just add users/groups to the local |
8 |
> files/compat backends instead, and not make any changes to the remote |
9 |
> databases. |
10 |
> |
11 |
> Does anyone have any strong notion of any cases where it would be |
12 |
> excessively bad for the package manager to try adding to, say, the |
13 |
> nss_nis backend in addition to the nss_files backend, or cases where that |
14 |
> would be a strongly desired behavior? |
15 |
> |
16 |
> [1] http://thread.gmane.org/gmane.linux.gentoo.devel/39450/ |
17 |
|
18 |
In general, I only use central authentication/naming systems for real |
19 |
users, not local system users. My central authentication/naming is shared |
20 |
across a number of different operating systems, and just because a |
21 |
particular Gentoo ebuild wants to create a user named foobar doesn't mean I |
22 |
suddenly want that user to be visible on my Solaris systems... |
23 |
|
24 |
I suppose for flexibility you could have some configuration option, that I |
25 |
would prefer the option be for automatically created account to only be |
26 |
created locally -- it would be annoying to suddenly find ldap polluted with |
27 |
Gentoo specific accounts, or for emerges to fail because the Gentoo system |
28 |
has no privileges to create LDAP accounts. |
29 |
|
30 |
|
31 |
-- |
32 |
Paul B. Henson | (909) 979-6361 | http://www.csupomona.edu/~henson/ |
33 |
Operating Systems and Network Analyst | henson@×××××××××.edu |
34 |
California State Polytechnic University | Pomona CA 91768 |
35 |
-- |
36 |
gentoo-server@g.o mailing list |