[csw-maintainers] Creation of users and groups added to cswclassutils

Philip Brown phil at bolthole.com
Mon Feb 9 23:29:01 CET 2009


On Mon, Feb 09, 2009 at 11:00:59PM +0100, Peter Bonivart wrote:
> ...
> Like the script would look for /opt/csw/etc/cswusrgrp and always
> "source" it when called by any package using the script? I guess it
> wouldn't hurt since it would skip already existing users and groups.
> 
> Or how would you use it?

Yes something like that.

To spell out the steps explicitly, i was envisioning something like the
following: [please read all the way through, for ZONES notes, and
 other complications...]

1. site admins install "some program" (it might not even be a demon, but
    something requiring a group) to nfs:/opt/csw

  This installs a local account on the server, "ftpgroup".


2. site admins want to also run the software on client1.

 So, they go to client1, and run
  (NFS-mounted) /opt/csw/sbin/??cswusrgrp ftpsoftwarename

 This script then looks under /opt/csw/[??] and looks up users&groups that
   "ftpsoftwarename" needs. finds that they do not exist on client1,
  so attempts to add it locally.

 The tricky bit is how /opt/csw/sbin/cswusrgrp figures out
   which users and groups to update, based on  a piece of software
   that may not actually be "installed" (pkgwise) on client1, but may
   only be living on the NFS mountpoint under /opt/csw


I should remind folks that this is not limited to "NFS" applications:
This potentially also applies to USE IN ZONES!
which could be triggered in multiple ways.
One would be if /opt/csw was a simple read-only lofs mount.

However, there is the more complex situation, where /opt/csw is a
pkg-inherit-dir installation. in which case, I *think*, that 
while the regular files dont need to be "installed" to the zone...
I believe the class action scripts will get called on a zone-by-zone basis.

So in that case, it is then very important that user definitions be present
under /opt/csw, since it is that path that will be pkg-inherit-dir shared,
and NOT /etc/opt/csw most likely.

This points out a separate issue... we should potentially have a rule, that
while packages can *reference* files in /etc/opt/etc, they may possibly be
barred from SHIPPING anything in the prototype file, that lives in
/etc/opt/csw. 
Examples it should be coped from /opt/csw/etc or elsewhere, to
/etc/opt/csw,  as required.
 

 (which would mean I'd have to rewrite cswcpsampleconf, dangit....)



More information about the maintainers mailing list