[Yum] RFE discussion.... Scan for missing users and group prior to install
Alexander Todorov
atodorov at redhat.com
Mon Jul 28 06:21:24 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Nifty nifty.hat Mitch wrote:
| Is yum a good place to look for and optionally add users and groups that are
expected
| by packages. Or is this something that rpm should address.
|
This should be handled by the package pre or post install scripts.
| I commonly see a package install message that foo.package is installing
| files as "root" because user "fooadministrator" is missing. In some
This is because the spec file for this package is faulty. Always report a bug
against the package so it can be fixed.
| cases there is a risk of loss of security and containment of a hacker should
| a flaw be exploited in the package.
|
| In an ideal world I would like the opportunity to add the user/group
| (or not) then install the package.
|
In the ideal world all packages will be sane and no such thing needs to be added
to yum. This is not a good idea at all.
| Thanks,
| mitch
|
|
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org
iD8DBQFIjWVjhmd3WOiFct4RCqnYAKCa3R/qKyeaDH2VX0W9W1aGLUTXDACghFFt
jxzym3DqRReeFXNKpYfoFPY=
=Rlr2
-----END PGP SIGNATURE-----
More information about the Yum
mailing list