Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!uakari.primate.wisc.edu!aplcen!haven!udel!princeton!silence!jay
From: jay@silence.princeton.nj.us (Jay Plett)
Newsgroups: comp.unix.admin
Subject: Re: Software installation opinions needed
Message-ID: <650@silence.princeton.nj.us>
Date: 25 Sep 90 05:30:13 GMT
References: <25908@shamash.cdc.com> <1990Sep19.125944.6489@cs.utk.edu> <1990Sep24.171752.13221@naitc.naitc.com>
Organization: Access, Inc.
Lines: 47

In article <1990Sep24.171752.13221@naitc.naitc.com>, karl@naitc.naitc.com (Karl Denninger) writes:
> In article <649@silence.princeton.nj.us> jay@silence.princeton.nj.us (Jay Plett) writes:
> >In article <1990Sep20.160212.241@naitc.naitc.com>, karl@naitc.naitc.com (Karl Denninger) writes:
[ whether an install program should touch /etc/passwd, /etc/group, and /etc ]

> I don't understand how people are using computers eh?  Add some ad-hominen
> in there for good measure too, no?
I apologize for the ad hominem inference that can be drawn due to my
careless use of pronouns in my remark "if you ... then you ..."  This
inference was not intended.  Please substitute "one" for "you".

Providing for installation by a naive user is indeed frustrating and
difficult.  But that doesn't negate the fact that each of /etc/passwd,
/etc/group, and /etc--on the machine where a software package is being
installed--might be inaccessible to the software or otherwise have no
relevance to it when it is executed.  I believe that a software
provider must be entitled to assume that each site has at least one
user who is capable of adding users and groups to their system, whether
by hand-editting the appropriate files or by using software that was
provided with or for the OS.  Meanwhile, it's presumptuous and risky
for a software provider to assume that (s)he can predict what steps are
required to successfully add a user or group to a particular system (or
that the system the software is being installed on is the system
it will be executed on).  How the software is to "find itself" is a
stickier problem.  Looking in /etc for a config file is not the
solution.

In some cases it might be reasonable to include a program to automate
certain superuser tasks which are likely to succeed on most common
systems.  But no such program should be embedded in a more complicated
installation program, or leave the installer wondering about the
consequence of departing from the vendor's recommendations, or leave no
choices for the installer, or require that the installer spend more
time reverse-engineering the install script than (s)he should need to
spend installing the entire package.  No third-party software should
depend for its execution on discovering its essence in any particular
pathname.

It should be both possible and easy for any user to install a third-
party software package even if that user lacks either the authority or
the ability to add users, groups, or files in system directories.
Ideally, software shouldn't depend on any of these things.  If such
dependencies are truly unavoidable, then it is acceptable that a
software package require its installer to seek help for a few critical
tasks that require superuser privilege.

	...jay