Announcement

Collapse
No announcement yet.

Fedora 32 Planning To Make Use Of systemd's sysusers.d For Declaring New Users

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by starshipeleven View Post
    systemd-sysusers isn't "handling" users.

    This application is a tool that adds or removes users or groups from /etc/passwd and /etc/group automatically, reducing the need to do that with custom scripting in pre- post- and whatever script run by the package.

    It provides a /etc/password.d and /etc/group.d -like functionality, which is commonplace for most other stuff (just look in your /etc folder to see other folders ending with .d) so the package installation script does not need to parse and edit system files and just drops his own config file in a folder.
    Ugh! Can't stand systems that do that (use conf.d-style configuration directories). Yes, it makes some things easier (creating GUIs) but makes other things much more difficult (CLI-based management). Pure-FTPd (or ProFTPd?) took that to the extreme and converted their single, simple, easy-to-read text config file into a conf.d/ directory full of individual files. 1 file per config option. The file name was the config option name; the file contents were the config option value. Made it easy to create GUI-based config tools, but made it absolutely impossible to manage remotely via an SSH connection.

    Everything-is-a-file is not the end-all, be-all goal of a Linux system, and can actually make things worse!
    Last edited by phoenix_rizzen; 03 January 2020, 01:03 PM.

    Comment


    • #22
      Originally posted by jason.oliveira View Post

      So, like every other Red Hat-funded application since https://www.linux.co.cr/distribution...linuxconf.html, it's a complicated widget to control or modify text files that are better-off hand-edited. I'll stick with useradd, thanks.
      No, clearly you should only be hand editing /etc/passwd /etc/group and /etc/shadow like you suggested because thats saner since useradd is just some complicated widget too /s

      Comment


      • #23
        Originally posted by phoenix_rizzen View Post

        Ugh! Can't stand systems that do that (use conf.d-style configuration directories). Yes, it makes some things easier (creating GUIs) but makes other things much more difficult (CLI-based management). Pure-FTPd (or ProFTPd?) took that to the extreme and converted their single, simple, easy-to-read text config file into a conf.d/ directory full of individual files. 1 file per config option. The file name was the config option name; the file contents were the config option value. Made it easy to create GUI-based config tools, but made it absolutely impossible to manage remotely via an SSH connection.

        Everything-is-a-file is not the end-all, be-all goal of a Linux system, and can actually make things worse!
        Thats an insane config schema but not at all representative of dot d style config directories. You are also making it sound like reading a directory of files that are supposed to be combined is hard to script for which just wrong. I don't even really understand how to respond except to point out that clearly plenty of cli based programs do not have any issue with dot d config directories. Its pretty much always just the devs being bad at organizing concepts in a way that makes sense for an end user from what I've seen.

        Comment


        • #24
          Originally posted by phoenix_rizzen View Post
          Ugh! Can't stand systems that do that (use conf.d-style configuration directories). Yes, it makes some things easier (creating GUIs) but makes other things much more difficult (CLI-based management).
          GUIs use high-level languages that have powerful text-parsing functions, and don't need this.
          This interface is specifically for packages to drop their own special config without need to parse config files in shitty shell script written by distro maintainers.

          Pure-FTPd (or ProFTPd?) took that to the extreme
          Pure-FTPd does not seem to support config.d style at all https://download.pureftpd.org/pub/pu...iguration-File
          Same for ProFTPd http://www.proftpd.org/docs/howto/ConfigFile.html

          Maybe your distro did some shenanigans? ProFTPD says it does not need a default config file to know its defaults and that it can run without it too, maybe the distro didn't ship it and assumed you would create it if needed? This isn't uncommon as people using the CLI are usually assumed to have RTFM and be able to create a config if there is none.

          In any case that's not how a config.d style folder is supposed to be used. It's an API for adding or removing specific config when installing or removing packages not "the only interface".

          Comment


          • #25
            Originally posted by starshipeleven View Post
            GUIs use high-level languages that have powerful text-parsing functions, and don't need this.
            This interface is specifically for packages to drop their own special config without need to parse config files in shitty shell script written by distro maintainers.
            More to the point, it's so packages can just drop in a file when installed and remove it when uninstalled... no need to _edit_ a single file that's also being modified by hand and by other packages.

            Comment


            • #26
              Originally posted by Neraxa View Post
              This is going to be a big improvement and should help make system administration easier and more reliable and much easier to manage. I hope we see many big improvement and additional capabilities and expansions of the systemd ecosystem into new areas to come in the next year that will make systemd even more of a powerful, rich and extensive suite of tools.
              real system administration uses LDAP for managing accounts

              Comment


              • #27
                Originally posted by yturmisil View Post
                real system administration uses LDAP for managing accounts
                users for system services aren't using LDAP

                Comment


                • #28
                  Originally posted by starshipeleven View Post
                  GUIs use high-level languages that have powerful text-parsing functions, and don't need this.
                  This interface is specifically for packages to drop their own special config without need to parse config files in shitty shell script written by distro maintainers.

                  Pure-FTPd does not seem to support config.d style at all https://download.pureftpd.org/pub/pu...iguration-File
                  Same for ProFTPd http://www.proftpd.org/docs/howto/ConfigFile.html

                  Maybe your distro did some shenanigans? ProFTPD says it does not need a default config file to know its defaults and that it can run without it too, maybe the distro didn't ship it and assumed you would create it if needed? This isn't uncommon as people using the CLI are usually assumed to have RTFM and be able to create a config if there is none.

                  In any case that's not how a config.d style folder is supposed to be used. It's an API for adding or removing specific config when installing or removing packages not "the only interface".
                  Pure-FTPd does not use config files but command line arguments. However, Debian wrote /usr/sbin/pure-ftpd-wrapper that reads a conf.d style directory and translates that into the command line arguments for pure-ftpd. So that is where/why phoenix_rizzen saw this.

                  That said, there is a world apart between a single application using conf.d style for it's configuration and something like sysusers.d that is for multiple applications/packages to cleanly insert/delete their own files.

                  Imagine just how unmaintainable it would be if every 3d party repository would edit /etc/apt/sources.list or /etc/yum.repos directly.
                  Last edited by F.Ultra; 04 January 2020, 06:02 PM.

                  Comment


                  • #29
                    Originally posted by Delgarde View Post

                    More to the point, it's so packages can just drop in a file when installed and remove it when uninstalled... no need to _edit_ a single file that's also being modified by hand and by other packages.
                    Exactly! Not to mention gracefully being able to handle the case when two or more packages adds the same user and then you remove on of them and the other packages no longer works since the shared user was removed...

                    Comment


                    • #30
                      Originally posted by starshipeleven View Post
                      They seem to imply that they want to eventually move to use it (or at least experiment with it) after they migrated packages to use this current method
                      not in f32. and nobody knows how many users can manage future fedora's solution, because doesn't exist yet
                      Last edited by pal666; 04 January 2020, 09:17 PM.

                      Comment

                      Working...
                      X