On Tue, 6 Mar 2018 14:24:27 +0000
Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> wrote:
> On Tue, Mar 06, 2018 at 01:03:30PM +0100, Steve Grubb wrote:
> > On Mon, 5 Mar 2018 23:11:12 +0000
> > Zbigniew Jędrzejewski-Szmek <zbyszek@xxxxxxxxx> wrote:
> >
> > > - somewhat independently, systemd-sysusers has been beefed up so
> > > it is possible to use it to create system users before any files
> > > are installed on disk, but honouring admin overrides. In short,
> > > we now recommend the following invocation to create users for an
> > > rpm which contains files owned by those users:
> > >
> > > %sysusers_create_package %{name} %SOURCEN
> > >
> > > where %SOURCEN is the tmpfiles.d config file which will be
> > > installed by package. This expands to
> > >
> > > echo "u NAME - -" | systemd-sysusers
> > > --replace=/usr/lib/sysusers.d/NAME.conf - >/dev/null 2>&1 || :
> > >
> > > and the "u NAME - -" configuration is applied with a priority
> > > that /usr/lib/sysusers.d/NAME.conf normally has (so e.g.
> > > /etc/sysusers.d/NAME.conf will override this).
> > >
> > > [1]
> > > https://raw.githubusercontent.com/systemd/systemd/master/NEWS
> >
> > How does this interact with useradd and groupadd? Does this replace
> > them? And if so, does this send the required audit events?
>
> It's a very simple tool to create system users and group
> in /etc/passwd. It just creates entries
> in /etc/{passwd,group,shadow}, and does not interact with audit in
> any way afaik.
OK. We need it to. I can help you with the events if you can point me
to the code that creates the account/group.
Thanks,
-Steve
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
