On Tue, Nov 24, 2009 at 04:28:05PM -0800, Keith Rarick wrote: > Serafeim Zanikolas is packaging beanstalkd for Debian, and he's > suggested that beanstalkd should go in sbin, because it's a system > program rather than an end-user program. I tend to think of beanstalkd > as an end-user program. > > With his permission, I'm forwarding our conversation here. > > Sreafeim Zanikolas wrote: > > > > binary in /usr/sbin (not /usr/bin) as it's a system program. > > > > > > That's an interesting point. I've never thought of beanstalkd as a > > > system program. Although it's a daemon, it isn't part of the OS. It is > > > a tool that people use to help them build applications. > > > > > > It would be essentially impossible to run beanstalkd as a system > > > service shared between all users -- they would wind up stepping all > > > over each other. Usually, each user runs her own instance of > > > beanstalkd. > > > > > > But I haven't actually thought about this very much. With a good > > > argument I could be persuaded otherwise. > > > > According to the FHS, /usr/bin is for user commands whereas /usr/sbin for > > system commands. IMHO any deamon (that's not related to desktop or end user > > stuff) is clearly a system command. But maybe that's just me :) > > What is the right thing to do?
http://www.pathname.com/fhs/pub/fhs-2.3.html#SBINSYSTEMBINARIES Utilities used for system administration (and other root-only commands) are stored in /sbin, /usr/sbin, and /usr/local/sbin. /sbin contains binaries essential for booting, restoring, recovering, and/or repairing the system in addition to the binaries in /bin. Programs executed after /usr is known to be mounted (when there are no problems) are generally placed into /usr/sbin. Locally-installed system administration programs should be placed into /usr/local/sbin. http://www.pathname.com/fhs/pub/fhs-2.3.html#FTN.AEN1058 [19] Deciding what things go into "sbin" directories is simple: if a normal (not a system administrator) user will ever run it directly, then it must be placed in one of the "bin" directories. Ordinary users should not have to place any of the sbin directories in their path. For example, files such as chfn which users only occasionally use must still be placed in /usr/bin. ping, although it is absolutely necessary for root (network recovery and diagnosis) is often used by users and must live in /bin for that reason. We recommend that users have read and execute permission for everything in /sbin except, perhaps, certain setuid and setgid programs. The division between /bin and /sbin was not created for security reasons or to prevent users from seeing the operating system, but to provide a good partition between binaries that everyone uses and ones that are primarily used for administration tasks. There is no inherent security advantage in making /sbin off-limits for users. To me this does not apply to beanstalkd since it is not used for system administration and will often be executed by users, it is NOT root-only. That is I used for deciding that beanstalkd should go in /usr/bin for Fedora and EPEL. enjoy, -jeremy -- ======================================================================== Jeremy Hinegardner [email protected] -- You received this message because you are subscribed to the Google Groups "beanstalk-talk" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/beanstalk-talk?hl=en.
