Package User package management

Mike McCarty Mike.McCarty at
Thu Apr 2 21:48:55 PDT 2009

Support wrote:
> Mike McCarty wrote:
>> I've been at the end of Chapter 5 pondering package management,
>> and have finally decided to give the package user method a try.
>> I don't like overburdening /etc/passwd with a lot of junk entries,
>> but then the benefits look pretty good. In fact, it looks like
>> a good idea even if another package manager is used to manage
>> the installs and database entry.
>> One slightly confusing point, though, is why the package management
>> tools don't get installed using the package user philosophy. Why
>> aren't the tools themselves installed into the chroot environment
>> using the temporary tools in /tools? ISTM that the first package
>> to get installed should be package-user, not linux-libc-headers.
>> Is there some reason that isn't done, that I've overlooked?
>> Mike
> Chapter was just the temporary system, you begin packaging everything in 
> chapter 6 if you want package management.  Only thing I don't like about 

That's what I'm asking about. I guess I wasn't clear. I don't understand
why the first package installed in Chapter 6, per the Hint, is
libc-headers instead of the package manager. ISTM that the first
package installed in the "real" system, that is the chroot environment,
should be whatever package manager is being used, and it should be
installed using itself.

> the create user accounts method is exactly what you state, if 
> /etc/passwd gets too full, running your eye over it to ensure nothing 
> new and suspicious has cropped up becomes much harder.  Just my 2 cents :)

I guess there is no perfect system. I've used several, and each has
advantages and disadvantages. Many of the better ones are not so
suited for LFS because they are heavily optimized toward the
"build one, install many" world, which is suboptimal for most
LFS systems, I trow.

I like to use tripwire, which catches changes to /etc/passwd
and /etc/shadow, and one can also write a simple special tool
to watch for changes to those files, which ignore entries in
some file maintained by the package manager. That might be
a reasonable solution. It could run as a cron job, and e-mail
root when it finds "unusual" changes that is, changes not
already white listed by the package manager.

Oppose globalization and One World Governments like the UN.
This message made from 100% recycled bits.
You have found the bank of Larn.
I speak only for myself, and I am unanimous in that!

More information about the lfs-support mailing list