Re: Creating a new user for Hashicorp Vault and its fork OpenBao?
Hi Callum, On 06.02.24 12:32 Callum Farmer wrote:
No such split is needed if the user/group is only needed by that package, keep it in the main package.
As the user would be shared by the vault and OpenBao packages, I think it makes sense to put it into a separate package.
For more information: https://en.opensuse.org/openSUSE:Packaging_guidelines#Users_and_Groups
Thanks, I'll have a look, now that the certificate is valid again... FYI, this is what I put together this morning, but will check again now:
https://build.opensuse.org/package/show/home:ojkastl_buildservice:Branch_sec...
Kind Regards, Johannes P.S.: No need for CC, I am subscribed...
On Tue, 6 Feb 2024 at 17:18, Johannes Kastl <mail@ojkastl.de> wrote:
Hi Callum,
On 06.02.24 12:32 Callum Farmer wrote:
No such split is needed if the user/group is only needed by that package, keep it in the main package.
As the user would be shared by the vault and OpenBao packages, I think it makes sense to put it into a separate package.
If vault is the main 'provider' (I'm guessing based on the name) then you can put it there in a subpackage and require it from openbao (Requires(pre)/Requires) You'll need to BuildIgnore to prevent build errors and self build cycles. See the system-user-pulse from https://build.opensuse.org/package/view_file/multimedia:libs/pulseaudio/puls... as an example It prevents pointless source packages in Tumbleweed
For more information: https://en.opensuse.org/openSUSE:Packaging_guidelines#Users_and_Groups
Thanks, I'll have a look, now that the certificate is valid again...
FYI, this is what I put together this morning, but will check again now:
https://build.opensuse.org/package/show/home:ojkastl_buildservice:Branch_sec...
Kind Regards, Johannes
P.S.: No need for CC, I am subscribed
Reply all default - message id should be same so it should only show once -- Callum Farmer gmbr3@opensuse.org openSUSE - gmbr3
Hi Callum, On 07.02.24 16:10 Callum Farmer wrote:
On Tue, 6 Feb 2024 at 17:18, Johannes Kastl <mail@ojkastl.de> wrote:
As the user would be shared by the vault and OpenBao packages, I think it makes sense to put it into a separate package.
If vault is the main 'provider' (I'm guessing based on the name) then you can put it there in a subpackage and require it from openbao (Requires(pre)/Requires)
Thanks for your insights. In this case the Vault package might never make it into Tumbleweed due to the license. So I have created a separate package, that I can use with Vault for testing, until OpenBao is stable enough to package it and submit it to Factory. Kind Regards Johannes
participants (3)
-
Callum Farmer -
Johannes Kastl -
Johannes Kastl