[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from the release team: the plans for etch

On Mon, Oct 24, 2005 at 10:10:31AM +0200, Marc Haber wrote:

> And where do system accounts generated by packages on installations go
> to? adduser's interaction with LDAP and NIS is abysmally bad, and
> nobody seems to care.

It is a very bad idea to add system accounts to LDAP/NIS automatically
unless you can come up a way to guarantee that those accounts do not
already exist locally on any other clients using the same LDAP/NIS

If you want to include multiple OSes/distros in the same LDAP/NIS setup
then it is a very-very bad idea to add system accounts/groups to
LDAP/NIS unless you can make absolutely sure that those other
OSes/distros handle those accounts the same way as Debian. I'd really
recommend writing a detailed local account management policy before even
thinking about adding system users/groups to LDAP/NIS. It is definitely
_not_ trivial.


     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences

Reply to: