#48285 The dirsrv user/group should be created in rpm %pre, and ideally with fixed uid/gid
Closed: Fixed None Opened 4 years ago by nhosoi.

Description of problem:

The dirsrv user/group is only created when ipa-server-install is run. That
makes it hard to move IPA's data from container to a data volume as in vanilla
container the records won't be there and the directory server will refuse to
start: Unknown user 'dirsrv'.

And if we do this, we could just as well hardcode some reasonable uid. For
example, httpd does

/usr/sbin/useradd -c "Apache" -u 48 \
        -s /sbin/nologin -r -d /usr/share/httpd apache 2> /dev/null || :

For dirsrv user, uid 389 could be used (but we'd need to verify if it's not
used by someone else).

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Install 389-ds-base.
2. Check /etc/group and /etc/passwd for dirsrv.

Actual results:

It's not there.

Expected results:

It should be there.

Additional info:

rpm -i 389-ds-base...

egrep dirsrv /etc/passwd /etc/group


setup-ds.pl ...

ps -ef | egrep ns-slapd

dirsrv 14379 1 2 17:00 ? 00:00:00 /usr/sbin/ns-slapd -D /etc/dirsrv/slapd-test -i /var/run/dirsrv/slapd-test.pid -w /var/run/dirsrv/slapd-test.startpid

Tested on my system, looks good.

Thanks, William. But I found an error case... :(
If the passwd/group has a string which contains "dirsrv" as a part, it does not work as expected...

git patch file (master) -- revised (generated files are not included.)

If these users and groups exist on the system:
This pair is supposed to be generated:

Tested again with dirsrv, dirsrvx and xdirsrv already exsting.

Reviewed by William (Thank you!!)

Pushed to master:
6f8c555..79aa178 master -> master
commit 44d47d5
commit 79aa178

Metadata Update from @nhosoi:
- Issue assigned to nhosoi
- Issue set to the milestone:

2 years ago

Login to comment on this ticket.