rc040203@xxxxxxxxxx (Ralf Corsepius) writes:
>> Walk me through this then, I use fedora-usermgmt to create a user for my
>> nagios package. What uid does it select, how does it select that UID,
>> and when you install it on your machine, how does it have the same UID
>> that it did when it was installed on my machine?
>
> Then Enrico also might explain how to propagate this UID to the
> NIS/LDAP server hosting a network's network-wide uids.
1. I think, it is a bad idea to manage system users in NIS/LDAP. This
adds a lot of requirements (and points of possible failures) for
starting a service:
* network must be up/working
* SSL certificates must not be expired
* NIS/LDAP server must be up
* supporting servers (DNS, firewall) must be up
I prefer /etc/passwd for system users
2. 'fedora-usermgmt' eases propagation of UIDs to NIS/LDAP servers. When
you really want it, you can write a package similarly to
'fedora-usermgmt-shadow-utils' which:
* contains /etc/fedora/usermgmt/scripts.ldap/useradd script; it will
be called with the mapped uid as the first parameter, the remaining
params are those of a plain useradd.
How you implement this 'useradd' script, is your thing. E.g. you
could parse the params there, create an ldif file and execute
'ldapadd' with a cached krb5 ticket.
* installs this script with a high 'alternatives' priority.
Enrico
Attachment:
pgpJO8wKBEwmD.pgp
Description: PGP signature
-- fedora-extras-list mailing list fedora-extras-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-list
