So more on trying to clean up my acme-dns module… Right now, I have the service running as root. Best practice for security would be to run as a non-privileged user, which is what the acme-dns docs recommend. It seems the simplest way to accomplish this is to simply run the adduser command in the %pre section of the .spec file–is there something I’m missing, either with CentOS/RHEL in general, or with Neth in particular, that would make this a bad idea?
The Fedora Wiki, at least, appears to endorse this, which may narrow the question to Neth.