Re: Bits from the release team: the plans for etch

To: Gabor Gombas <gombasg@sztaki.hu>
Cc: sean finney <seanius@debian.org>, Olaf van der Spek <olafvdspek@gmail.com>, debian-devel@lists.debian.org
Subject: Re: Bits from the release team: the plans for etch
From: Andreas Barth <aba@not.so.argh.org>
Date: Wed, 26 Oct 2005 18:07:21 +0200
Message-id: <[🔎] 20051026160721.GB31042@mails.so.argh.org>
Mail-followup-to: Andreas Barth <aba@not.so.argh.org>, Gabor Gombas <gombasg@sztaki.hu>, sean finney <seanius@debian.org>, Olaf van der Spek <olafvdspek@gmail.com>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 20051026160221.GW15626@boogie.lpds.sztaki.hu>
References: <[🔎] E1EUOsY-0000Jv-F3@scyw00225.scy001.de> <[🔎] 20051025202118.GA10290@javifsp.no-ip.org> <[🔎] E1EUecU-0004QS-NV@scyw00225.scy001.de> <[🔎] 20051026091100.GA3940@javifsp.no-ip.org> <[🔎] 20051026115319.GE15626@boogie.lpds.sztaki.hu> <[🔎] b2cc26e40510260500g3194ff7bx2eb80d58834fe0ea@mail.gmail.com> <[🔎] 20051026121541.GG15626@boogie.lpds.sztaki.hu> <20051026122002.GA26379@seanius.net> <[🔎] 20051026153945.GA31042@mails.so.argh.org> <[🔎] 20051026160221.GW15626@boogie.lpds.sztaki.hu>

* Gabor Gombas (gombasg@sztaki.hu) [051026 18:03]:
> On Wed, Oct 26, 2005 at 05:39:45PM +0200, Andreas Barth wrote:
> 
> > > i don't think removing and reusing users is a good idea in practice.
> > > what harm would there be in simply leaving the user account on the
> > > system permenantly, with maybe locking the account and setting the
> > > shell to /bin/false?
> > 
> > Yep, that's probably best practice.
> 
> Note that most system groups are already locked and have the shell set
> to /bin/false by default, anything else is likely a change made by the
> admin manually. Forcibly locking the account is thus overriding the
> admin's decision, so it must be at least clearly documented somewhere.

Well, locking of course only if the application needed something else
than /bin/false in the first place. :)


> Another thing would be to change the GECOS indicating that the account
> is now stale, and have some small utility to list/remove all such
> accounts. So whoever wants to automatically remove unused accounts can
> configure apt to do so by calling this utility from DPkg::Post-Invoke.

That might be possible, yes.


Cheers,
Andi

Reply to:

References:
- Re: Bits from the release team: the plans for etch
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bits from the release team: the plans for etch
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Bits from the release team: the plans for etch
  - From: Gabor Gombas <gombasg@sztaki.hu>
- Re: Bits from the release team: the plans for etch
  - From: Olaf van der Spek <olafvdspek@gmail.com>
- Re: Bits from the release team: the plans for etch
  - From: Gabor Gombas <gombasg@sztaki.hu>
- Re: Bits from the release team: the plans for etch
  - From: Andreas Barth <aba@not.so.argh.org>
- Re: Bits from the release team: the plans for etch
  - From: Gabor Gombas <gombasg@sztaki.hu>

Prev by Date: Re: Bits from the release team: the plans for etch
Next by Date: Re: Bits from the release team: the plans for etch
Previous by thread: Re: Bits from the release team: the plans for etch
Next by thread: Re: Bits from the release team: the plans for etch
Index(es):
- Date
- Thread