[oi-dev] Barman packaging
Adam Števko
adam.stevko at gmail.com
Thu Nov 7 08:38:50 UTC 2013
We don't have root account, either. Root is created as a role if you create a regular user during the installation. If you don't that root is an account as obviously you need a way to log into the system.
> On 7 Nov 2013, at 09:03, "Nikola M." <minikola at gmail.com> wrote:
>
>> On 11/ 7/13 08:39 AM, Alexander Pyhalov wrote:
>>
>> The most interesting part is that barman has to run rsync with postgres euid on remote site (to access DB files ) and with barman euid on local (to access backup files). I think that converting postgres from role to user is more straightforward than trying to create necessary RBAC policy.
>
> I think that local implementations and needs should not dictate what will be changed in OS distribution itself.
> If people don't know how to use RBAC they should learn it (me included)
> if programs needed to run on OI don't support platform, they shoud be patched to work right.
>
> I don't understand why I should loose PostgreSQL role on all systems I would probably install in the future, because someone personally had a problem with one program not made for the platform.
> And what it has to do with that particular implementation of external program
> and what rsync have to do with Solaris roles.
>
> It could be written on wiki how to do that, it could be written on package description, it could be written on the program manual how to make it work
> but the OS should not be slave of the application and kill existing functionality that people rely upon, just to be able to run one additional program without patching it for the platform.
>
> Large installations usually have their own mirrors and changes that for some reason some local admin thinks theya re needed for them, and not for the rest of the world,
> can land on their internal mirror.
>
> Besides, we have 'zfs send' and using rsync for that is sort of stupid to me.
> Why that app should not be patched to use zfs snapshots?
>
> You could think this way: everything could be on roles in the future, like it is in Solaris11.
> They killed root account completely. And we still have root account, and that is maybe good thing,
> but that does not mean we should start killing roles because we find it interesting at the moment to run some additional app.
> Let's think our way and not turn everything in Linux.
>
> So I think it is not such good idea to kill one large-known functionality, just to satisfy random App without patching it.
> Are we actually suffering for not having established review and discussion process before implementing changes?
>
>
> _______________________________________________
> oi-dev mailing list
> oi-dev at openindiana.org
> http://openindiana.org/mailman/listinfo/oi-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2328 bytes
Desc: not available
URL: <http://openindiana.org/pipermail/oi-dev/attachments/20131107/e7d23926/attachment-0005.bin>
More information about the oi-dev
mailing list