https://bugzilla.redhat.com/show_bug.cgi?id=1457929 --- Comment #4 from Honza Horak <hhorak@xxxxxxxxxx> --- (In reply to Pavel Raiskup from comment #3) > > 1. There is the question regarding the user/group. > > I would prefer to discuss this with mysql/mariadb maintainers, so I'm CCing > Michal/Honza. My personal preference is somewhere between 1.3 or 1.4, though > that's my POV; reasoning is that it is pretty ugly to create the same users > and UIDs in several spec files. I'm still thinking about whether running ProxySQL as `mysql` user has even some security issues (where a hacked proxysql daemon might potentially be able to read the MySQL database data on the same machine). I think this won't happen much in practice anyway, since proxysql won't probably run on the same machine as MySQL/MariaDB server, but still, the more I think about it, the more I like 1.3 as the solution.. On the other hand I'm also thinking whether there is some use case for having the same user for ProxySQL, as for mysql/mariadb server -- I think this is another thing that might be consulted with the upstream author. If there is no reason for that, we might be fine with creating proxysql user and even dynamic UID. That would probably make better sense given the ProxySQL uses a directory /var/lib/proxysql, which might be the home for the proxysql user as well. Anyway, as for the user creation, if we would go with the mysql user -- I've talked to ovasik about what other packages do about this issue (when more package require the same user to be existing) and usually the packages just duplicate the user creation. The scriptlet should just properly check, whether the user is already installed or not: https://fedoraproject.org/wiki/Packaging:UsersAndGroups#Soft_static_allocation -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
