Re: Bug#621833: System users: removing them

[Andreas Barth <aba@not.so.argh.org>]

* Ian Jackson (ijackson@chiark.greenend.org.uk) [110501 16:39]:
> Steve Langasek writes ("Re: Bug#621833: System users: removing them"):
> > On Tue, Apr 12, 2011 at 09:31:47PM +0200, sean finney wrote:
> > > I second your original proposal though, that packages must not delete
> > > system users that they have created.  I don't think anyone had objections
> > > to that, and the question is whether things should be taken further.
> > 
> > I do object to telling maintainers they must not delete system users,
> > without also giving guidance on how and when to lock the accounts.
> 
> Yes, I agree with this.
> 
> > Sorry, no time at the moment to propose verbiage to reconcile this with your
> > concerns.
> 
> I think the right thing to do would be to have deluser lock (rather
> than delete) system users when invoked in the way currently used by
> maintainer scripts.  Provided that doesn't make interactive use of
> deluser break somehow.

Good idea.


I agree that system users should never be removed by maintainer
scripts, but as said: Someone would need to write that down before
starting to behave so.


Andi