[Kolab-devel] Suse kolabd patch
radoeka
radoeka at xs4all.nl
Wed Jan 4 12:08:05 CET 2006
On Wed, Jan 04, 2006 at 11:47:56AM +0100, Bernhard Reiter wrote:
> > I just discovered that perl-kolab does
> > checks on the existance of kolab(-r/-n) users... The thing is that I don't
> > whether these are needed at all. Perhaps they can all be replaced by users
> > that already exist on the target platform (suse in my case), like www,
> > ldap, etc?
>
> In my conception it would be cool to keep the same users
> on all Kolab Server installations, best would be with the same uids and gids.
> This way somebody that understands the Kolab security mechanism
> can deal with all installations. Otherwise support will be even more
> distribution specific, which we all want to avoid.
>
> The kolab(-r/-n) are used to give certain rights to various processes
> so that we only give out the needed priviledges. In my conception they
> probably are good idea to keep even with other users for services around,
> like www,ldap. Now thinking about it:
> There probably has a way to integrate them somehow.
>
> > It is very interesting to know, which files/apps should be owned by
> > kolab(-r/-n). Can you say something about that??
>
> This is an implementation part that I (personally) did not look into very
> much, but Martin and Steffen (should) know.
> My attempt to find out would be to look at a running Kolab Server (based
> on OpenPKG) and see about processes and their permissions.
That's what we did almost a year ago...., see:
http://wiki.kolab.org/index.php?title=Kolab-app-user&action=history
http://wiki.kolab.org/index.php/Kolab-app-user
http://wiki.kolab.org/index.php/Suse-app-user
--
Richard
More information about the devel
mailing list