On 5/3/07, Laszlo (Laca) Peter <laca at sun.com> wrote: > Hi Thomas, > > This is a difficult question... > > On Wed, 2007-05-02 at 22:12 +0200, Thomas Wagner wrote: > > as an example, if I want to create a SMF entry for a daemon. > > > > To run the daemon with a specific, non-provileged userid, a > > separate user has to be created and the name will be stored > > in a SMF-propery. > > > > How should a SFE package behave at pkgadd: > > > > 1) if the userid is missing, just create it with useradd > > and let solaris choose the next free numeric ID > > I'm sure that many sysadmins won't like this. Like you say > below, they can create it before installing the package, > but how do they find out that they are supposed to do that?
What I don't like is having to do something outside the package installation process. Packages already choose usernames and userids, so we're already used to it. > > 2) ask the user about the username / userid > > No, interactive package installation is not a good idea. Well, for standalone installation, I usually run it interactively the first time anyway. And then I could use pkgask to create a response file. So I'm quite happy with this approach. > > 3) provide a script, to be edited by the user after > > pkginstall and run manually > > no SMF property would be created, user has to read > > SFE<package>-README/INSTALL files > > Hmm... too much manual work... Way too much work. It should all be done by installation in one go. > > 4) choose e.g. nobody and let the user change this > > in SMF, chown files if already created by the daemon > > (logs, databases, ...) Users won't, so there would be no point to having a separate user. > > I would like to do 1) as many (all?) distros do. If an > > Administrator does not want the generated userid, he can > > create it before pkgadd. > > Perhaps another option is a preinstall script that checks > if the user id exists and if not, if stops with a message > explaining what to do and exit 1. I don't like that - I would much rather have it just create it or let me supply a response file. -- -Peter Tribble http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/
