
Re: [RFC] adding system users: which is the best way??

On Sun, Nov 30, 2003 at 04:42:44AM +0100, Peter Palfrader wrote:
> > Presumably, if you purge the package, then the user is no longer needed.
> > So shouldn't the user be deleted?
> We cannot guarantee that no file on disk is owned by the user or group.
> The local admin may for instance have made a backup copy of files owned
> by the user (cp -a /etc/foo/ /etc/foo.bak;  suppose something in that
> dir is uid or gid user).  

Erm, surely everything in /etc should be owned by root? The group mightn't
be, but surely the user should be? (Otherwise you're allowing random daemons
to _modify_ your configuration, rather than just read it)

> After purging the package they are still there
> and after installing another daemon they are suddenly owned by another
> package's user.

You could fix that by having adduser generally try to avoid reusing
uids/gids in the various dynamic ranges (which would require keeping a
track of purged users). But the only time an admin should be /required/
to get rid of cruft (extraneous users, random files) is when s/he
specifically created them -- by doing cp -a /etc/foo/ /etc/foo.bak, eg.


Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG signed mail preferred.

               Linux.conf.au 2004 -- Because we can.
           http://conf.linux.org.au/ -- Jan 12-17, 2004
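
The uid-tracking idea from the message above, as an added example that is not part of the original mail and is not adduser's code: a ledger of purged uids is consulted at allocation time, so a new system user never inherits files left behind by a purged one. The ledger file, the function names, the 100-102 range and the account names are all assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added illustration, not adduser's code. The purged-uid ledger file and
# the function names are hypothetical.

# uid_in_use PASSWD UID: true if UID appears in field 3 of a passwd file.
uid_in_use() {
    cut -d: -f3 "$1" | grep -qx "$2"
}

# record_purge PASSWD LEDGER NAME: note NAME's uid before the account is
# deleted, so later allocations can skip it.
record_purge() {
    awk -F: -v n="$3" '$1 == n { print $3 }' "$1" >> "$2"
}

# pick_uid PASSWD LEDGER FIRST LAST: print the lowest uid in FIRST..LAST
# that is neither live nor previously purged; fail if the range is spent.
pick_uid() {
    uid=$3
    while [ "$uid" -le "$4" ]; do
        if ! uid_in_use "$1" "$uid" && ! grep -qx "$uid" "$2" 2>/dev/null; then
            echo "$uid"
            return 0
        fi
        uid=$((uid + 1))
    done
    return 1
}

# Constructed sample data: two daemons in a 100-102 dynamic range.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:0::/root:/bin/sh' \
        'foo:x:100:100::/nonexistent:/bin/false' \
        'bar:x:101:101::/nonexistent:/bin/false' > "$tmp/passwd"
    : > "$tmp/purged"
    record_purge "$tmp/passwd" "$tmp/purged" foo    # package foo is purged
    grep -v '^foo:' "$tmp/passwd" > "$tmp/passwd.new"
    mv "$tmp/passwd.new" "$tmp/passwd"
    naive=$(pick_uid "$tmp/passwd" /dev/null 100 102)       # no ledger
    tracked=$(pick_uid "$tmp/passwd" "$tmp/purged" 100 102) # with ledger
    echo "naive=$naive tracked=$tracked"
    rm -rf "$tmp"
}
demo
```

Without the ledger the next daemon is handed uid 100 and silently owns whatever the purged `foo` user left on disk; with it the allocation skips to 102, at the cost of the range eventually running out.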
