Re: NMU'ing for wishlist bugs? (aka: intent to NMU bind9)

[Javier Fernández-Sanguino Peña <jfs@computer.org>]

On Thu, Sep 12, 2002 at 01:07:29PM -0400, Andres Salomon wrote:
> Eh?  Check postinst.in.  It does the user addition, checks to see
> whether it should change permissions, etc.  postinst is created at 
> build time.

What do you do that for (automatically creating a user) ? You say that the
maintainer does not read the BTS, but neither do you read Bug #157245 [0]
too? 

I do not see the merit of adding a user without talking with base-passwd
first and applying a patch that will (probably) not be more than a
quick-fix and not a long-time patch. Automatic creation of a user for
named is *not* the way to go.

Obviously IMHO

Javier 

PS: For there record, I also wrote about this in the "Securing Debian
Manual" [1] but it seems nobody has read it :(


[0] For the lazy:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=157245&repeatmerged=yes
[1]
http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html#s-sec-bind