Dax Kelson wrote: > Bob Proulx wrote: > > if ! grep -q '^myuser:' /etc/group; then > > groupadd -g 26 myuser 2>/dev/null || true > > fi > > if ! grep -q '^myuser:' /etc/passwd; then > > useradd -u 26 -o -g 26 -c Myuser -d /var/myuser -s /bin/false myuser 2>/dev/null || true > > fi > > A better check that takes into account LDAP/NIS, etc is to use the > "gentent" command. I am thinking that the most portable way would be to actually chgrp and chown something and create the group and user if it fails. On at least one of my systems the useradd command fails if the user exists in NIS/YP regardless of it not existing in /etc/passwd. Which I think is not good IMNHO because later if you disable NIS you are left without a user for the daemon. Arguably this is a problem with the useradd implementation and not something your package script can do anything about though. [But it leads me to want to stop nis before running the test and then enabling it afterward. Not a good idea for other reasons but I have desired to do it to get the entry in the /etc/passwd file.] Looking at other packages it looks like they unconditionally run useradd without looking to see if the user existed first and ignore any failure from the command. And since the current suggestions are to ignore all errors I guess it is not necessary to look first. So I suppose just doing it unconditionally is appropriate. > Also, best practice is to use the "-r" switch to user/groupadd to create > system accounts with low ids. Good call. The man page I was looking at for useradd was an older one and did not have the -r option listed. But I see that newer versions do have that option documented. Bob
