Software installation opinions needed

Frank P. Bresz fpb at ittc.wec.com
Fri Sep 21 10:59:53 AEST 1990


In article <1990Sep20.160212.241 at naitc.naitc.com> karl at naitc.naitc.com (Karl Denninger) writes:

>In article <EMERY.90Sep19131715 at aries.linus.mitre.org> emery at linus.mitre.org (David Emery) writes:

>Well, you're being not only unrealistic in some cases, but paranoid as well.

>For commercial software (I publish a package under my own name, not AC
>Nielsen) there is a good reason to run as root.  Namely, you have to do a
>LOT of things as root to get the package installed.

>For example, our package requires:

>o)	Installation of two user id's in /etc/passwd under some
>	circumstances (ie: if you select one of the options).

>o)	SUID of the package if you select one of the options; it has
>	to be able to write /etc/utmp if that option is chosen.  The package
>	DOES relinquish SUID privs immediately after it does that operation
>	on the /etc/utmp file, which is done prior to allowing the user any
>	input beyond his/her password and login id.

>o)	Installation of a group in /etc/group if it's not already there.

>o)	Creation of a parameter file in /etc (so the rest of the package
>	can "find itself" when it runs).

>On the plus side, it does tell you exactly what it's doing during
>installation, and DOES ask you where you want things installed -- including
>the libraries it uses and the binaries.  There's an option for "fast
>install" which chooses all defaults, but those are also displayed before
>they're executed.

>So yes, there are reasons to install as root.  For packages which don't do
>system things, I don't like the idea, but for those which do (and lots do
>either that kind of thing or install drivers, etc) you've got precious
>little chance of getting people to break the scripts up.

>Why?  Because I'll give you one guess at how many people will forget to run
>the second script (to do the "root required" things) and then call tech
>support asking why the product doesn't work.

	Just to add my $.02.  I have now installed several packages from
the NET.  NNTP, TRRN, BNEWS ...  All of those had nice configuration files
which did 98% of the job then as a final step.  I su'ed said 'make install'
and a few symlinks were made or files copied into properly root protected
areas.  

	I too find FRAME obtrusive.  I hate having that stupid FMHOME env
lying around but it just won't work without it, and I can't create a
symlink to it because it checks how it was called (what a crock).  I had to
take the extra step of informing every single user on the system that if
they want FRAME they must use 'fmusersetup' first (Something left untaught
in FRAME class).  New accounts that are created I handle by throwing this
into their .cshrc.  Anyway all of the packages I have received from the
NET.  Have better installation procedures than do the 3rd party stuff.
UNIFY is another one that requires environment variables.  It also requires
a login name (or used to anyway).  Come on I bet you can get by without a
login name this is really obscure.  Sure I use login names for a few of my
big packages but that's just because it is convenient, it allows me to
reinstall easily.   I don't have to use root I can just log in as the
desgnated user, I'm already in the right directory, and tar off or rebuild
the new version.

	All in all I'd say the FREEWARE does a better job than the 3rd
party stuff plus you get source code.

	I guess you get what you pay for, no wait that's backwards here
isn't it. :-)

--
| ()  ()  () | Frank P. Bresz   | Westinghouse Electric Corporation
|  \  /\  /  | fpb at ittc.wec.com | ITTC Simulators Department
|   \/  \/   | uunet!ittc!fpb   | Those who can, do. Those who can't, simulate.
| ---------- | (412)733-6749    | My opinions are mine, WEC don't want 'em.



More information about the Comp.unix.admin mailing list