- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- Re: Application Install as root
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-16-2014 07:18 AM
04-16-2014 07:18 AM
Application Install as root
We have lot of application requests to install their rpm (mysql) etc as root on Redhat Linux (6). How are these requests handled typically across different companies? We install those rpm's for them, but wanted to know how other companies handle
Simon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-17-2014 04:43 AM
04-17-2014 04:43 AM
Re: Application Install as root
A RPM package installation needs to update the RPM database of installed software, which is normally writeable by root only, so having root access is a requirement for installing RPM packages.
A RPM package can really do anything (e.g. using pre/post-install scripts embedded inside the RPMs), so in an environment where someone is responsible for the applications and someone else of the overall OS, it is very important that the OS-responsible person knows what is going to be installed and can verify that the packages are OK (i.e. the packages have not been maliciously tampered with and that they are appropriate for the Linux distribution).
For packages like MySQL, the provider of the software usually signs the RPMs with their GPG key; you can use this to easily validate the authenticity of the RPMs. A careful checking of RPM version and other package metadata may be needed to verify that the package is appropriate for the Linux distribution (e.g. that someone is not trying to install a SuSE-specific package to a RedHat system, which might cause problems with library dependencies).
If you give the application people an unrestricted access to install any RPMs they want, that is essentially the same as giving them full root access to the system. If you are legally or contractually responsible for the overall system, you may not be allowed to give them that. In that case, a part of your work will be to review and implement the installation requests from the application people.