[Pkg-openldap-devel] Upload to fix the slurpd spool directory or ?

Torsten Landschoff torsten at debian.org
Thu May 25 22:11:43 UTC 2006


Hi Matthijs, 

On Thu, May 25, 2006 at 10:37:00PM +0200, Matthijs Mohlmann wrote:

[Creating an OpenLDAP user]
> Postpone it to after the release ? We have until 7 August 2006
> (according to the mail from Steve Langasek on 14 Oct 2005) so I think
> it's perfectly time to do it. After that date, we need to stabilize and
> see that we fix every bug we can. (I hope this is a right understanding ;))

I think it is not, but he is reading this list so it's up to him to
correct our understandings. I'd say that our goal will be to stabilize
OpenLDAP well before August 7. But still, this should be enough time
for integrating that non-root feature... Sorry for not reading your
email before, Steve ;-)

> AFAIK, a lot of people are doing that in the postinst / preinst scripts.
> For example postfix, amavisd-new, cyrus-imapd, clamav-base, etc are
> creating a user in the postinst.
> 
> Proposed implementation:
> if [ -z "`getent group openldap`" ]; then
>   addgroup --quiet --system openldap
> fi
> if [ -z "`getent passwd openldap`" ]; then
>   adduser --quiet --system --home /var/lib/ldap --shell /bin/false
> - --ingroup openldap --disabled-password --disabled-login --gecos
> "OpenLDAP" openldap
> fi

Yes, I know. I have already stumbled across this "feature" in a number
of packages. Basically it can break stuff if you run a server and a
number of clients as I did. My memory being as it is I can't name a good
example how I have been bitten by this so I just can suggest we are 
careful about this ;)

> On removal of the user:
> deluser --system openldap > /dev/null || true

I don't like the "|| true" part.

> I think this is the right way to add/remove a user from the system.
 
I think you are right for a standalone system ;-) But, hell, let's put
it in, if that is how others are doing it...

Greetings

	Torsten
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20060526/59987bef/attachment.pgp


More information about the Pkg-openldap-devel mailing list