> > On Dec 2, 2007 7:40 AM, UNIX admin <[EMAIL PROTECTED]> wrote: > > > > This is debatable ... Can you provide pros and cons > > > for this from your > > > point of view? > > > > For example, I have a package that delivers /.cshrc, /.login and > > /.logout. Determining root's home directory via public interfaces is > > unreliable, namely because such public interfaces aren't well defined. I > > could look directly into /etc/passwd, but as "Indiana" clearly shows now, > > there is no guarantee whatsoever, that home directory field will be at a > > fixed position. I could also use `finger`, but there's no guarantee that the > > output won't change, thereby breaking my regex parser for it. For crying out > > loud, they broke the output of `uname -a`. > > >
"getent passwd root" should be a little more reliable, this works if the user is in ldap/nis. > > > > > > > And so what if there are a few /.*rc files laying around in /? How is > > that a problem? But moving root's home account around does break customer's > > software. > > In our case, we have several public solaris 10 shell servers. We have been changing the path of root, to /root so we have a secure place to put files we don't want to give users access to (rsa keys, etc, before they are installed). It's a lot cleaner than setting the umask, and safer than remembering to check file permissions every time (not to mention cluttering "/"). In the case that you're complaining about (just a few .rc files, whats the problem?), it seems very unlikely that root's home directory would be used for any application critical scripts anyway. In the case where it is *too hard* to find root's home dir, making the bold assumption of "/" would still work, as long as they were consistent, and used absolute paths. > > > > > > The promise of SunOS is that it would remain backward and forward > > compatible; that is why environments that need to be super-stable and > > super-reliable prefer it over any other operating system. > > > getent seems to work in all cases. As long as whatever custom scripts exist on the system don't make bold assumptions about this, there shouldn't be a problem. > > > > > This message posted from opensolaris.org > > _______________________________________________ > > opensolaris-discuss mailing list > > opensolaris-discuss@opensolaris.org > > > >
_______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
