An idea on extending the "Package users" approach
eric at mysql.com
Wed Jan 7 01:52:31 PST 2009
Angel Tsankov wrote:
> In his hint "Package users" Matthias Benkmann recommends to name the
> primary group of a package user after the user name. But why
> duplicate information instead of extending it?! Couldn't we name the
I continue to find the simple "duplicate info" of user and group to very
Having given some thought to what I might want to do with the
opportunity (create sub-groups or whatever), I eventually decided that
there was nothing that was as useful and the simplicity of the same user
and group approach.
Of course the command line duplication when installing a new package is
irritating, so if you know that's the approach you're going to use,
modify the script to only pass in the variable once.
But, probably the most interesting extension of package users that I
feel others might benefit from is an idea I had for dealing with ldconfig.
It's quite simple really. Create a special user for ldconfig, and set
the suid bit so any member of the install group can run /sbin/ldconfig
and make sure that /etc/ld.so.cache is owned by the ldconfig user.
(ldconfig is a member of the install group)
root:/# ls -l /sbin/ldconfig
-rwsr-xr-- 1 ldconfig install 866314 Aug 4 19:44 /sbin/ldconfig
root:/# ls -l /etc/ld.so.cache
-rw-r--r-- 1 ldconfig glibc 7908 Dec 20 12:46 /etc/ld.so.cache
Oddly, because the group is recorded, we can see that glibc was the last
user to run ldconfig.
Eric Herman, Software Developer
Sun MySQL www.mysql.com
Mobile: +31 62 071 9662
More information about the lfs-chat