[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from the release team: the plans for etch

* Thomas Bushnell BSG (tb@becket.net) wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > I disagree with the idea that removing a user is a bug.  If the user was
> > added by the package, and the package is being purged, and there's a
> > reasonable expectation that it wasn't used outside of the package's use
> > of it then I think it's probably safe to remove it.  
> How do you acquire that expectation? 

By knowing what the package uses the user for.  This is somewhat akin to
the PostgreSQL package's question "do you want your data files to be
purged upon package removal", or the fact that the default Postgres
installation uses ident and the 'postgres' user is the superuser for the
database (meaning you're going to be su'ing to postgres probably a fair

In this example, if the user said to remove the data files when the
package is removed I'd expect the user to be removed as well.  If the
user said to *not* remove the data files (the default, I believe), then
the postgres user should also remain.

Another good example is the 'sshd' user, who owns nothing and is nothing
more than a distinct unprivileged user for the purpose of communicating
with the network in privsep mode (iirc).



Attachment: signature.asc
Description: Digital signature

Reply to: