[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from the release team: the plans for etch

On Wed, Oct 26, 2005 at 11:11:00AM +0200, Javier Fernández-Sanguino Peńa wrote:

> That really depends on the daemon itself don't you think? There's a number of
> daemons that don't create any file at all or, if they do, are created
> only on a given directory which is removed on purge. In these cases, removing
> the user on postrm's purge might make sense. As I said, that would be an
> option. 

It is still possible that those daemons _read_ some files (e.g. config
files), and the admin did a chown/chgrp to the daemon's user. Removing
the user and reusing the UID/GID will suddenly make those files
accessible for a random new package which may not be intended at all.

IMHO you can safely remove an user/group _only_ if you have made sure
there are no files owned by that uid/group left on any filesystems (and
checking that may be tricky if the system uses ACLs, for example).

And there is also the problem of files restored from a backup being
suddenly owned by some random new user/group...

At the very least you should ask the admin if he wants to remove the
user/group on package purge (with the default being 'no').


     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences

Reply to: