SPECS: mysqlstat.spec - with user mysqlstat (fwd)

Elan Ruusamäe glen at delfi.ee
Thu Dec 2 15:06:58 CET 2004 

hi

thx for the comments :)

On Thursday 02 December 2004 15:38, Andrzej Krzysztofowicz wrote:
> From: Andrzej Krzysztofowicz <ankry at green.mif.pg.gda.pl>
> Message-Id: <200412021322.iB2DMp0F023631 at green.mif.pg.gda.pl>
> To: pld-devel-en at pld-linux.org
> Date: Thu, 2 Dec 2004 14:22:51 +0100 (CET)
> Subject: Re: SPECS: mysqlstat.spec - with user mysqlstat
>
> glen wrote:
> > +Requires: group(http)
>
> Hmmm... daes this package require a webserver?
> If no, I suggest P: group(http) and try to add it in %pre
so it is ok that multiple packages provide group http?

ah. probably it is, now that it come to topic.

> If requires, it is not enough: R(pre,postun) might be necessary.
> Or even PreReq. ((un)installation sequence while installing many packages
> at once matters, IMO)
i wasn't certain myself too. and the current solution bothers me too

the application consists of two parts
1. data gather
2. data display

for 1) there's no need for webserver
for 2) the webserver should be able to *read* datafiles produced in 1)

i was thinking of splitting it to two packages, main package and -cgi


> > +%pre
> > +[ "`/bin/id -u mysqlstat 2>/dev/null`" ] || \
> > + /usr/sbin/useradd -u %{userid} -d /usr/share/mysqlstat \
> > +  -s /bin/false -g http -c "MySQL Statistics" mysqlstat
>
> Eg.: you cannot remove a group being primary group of a user...
>
> > -%attr(700,root,root) %dir %{_sysconfdir}
> > -%attr(600,root,root) %config(noreplace) %verify(not size mtime md5)
> > %{_sysconfdir}/* -%dir %attr(710,root,http) /var/lib/%{name}
> > +%attr(700,mysqlstat,root) %dir %{_sysconfdir}
> > +%attr(600,mysqlstat,root) %config(noreplace) %verify(not size mtime md5)
> > %{_sysconfdir}/*
>
> What is the role of this user? Why does he need write access to config
> files?
the idea was that that user owns the config files and can write to /var
because the program forces restriction that config should be 600 permission 
(so using group permission wouldn't work)

> > +%dir %attr(710,mysqlstat,http) /var/lib/%{name}

and there's one more issue, which i'm not certain how to solve, there should 
be added cron, i don't want it to be enabled by default, if the user hasn't 
configured the program yet.

and i don't want this program being run as root, so it has to be user crontab, 
not file in /etc/cron.d directory.




-- 
glen

More information about the pld-devel-en mailing list