On Tue, Nov 01, 2005 at 11:14:59AM +0200, Lars Wirzenius wrote: > ma, 2005-10-31 kello 22:03 +0100, Javier Fernández-Sanguino Peña > kirjoitti: > > After the feedback of the recent d-d thread, I've adapted the section I wrote > > on the best practices related to system users and groups, it is currently > > available at: > > http://www.debian.org/doc/manuals/developers-reference/ch-best-pkging-practices.en.html#s-bpp-lower-privs > > > > I would like developers to review and provide feedback for that section, > > specially in form of patches. I'm considering doing a bug hunt for: > > DON'T do this: > > addgroup --quiet --system $SERVER_GROUP 2>/dev/null ||true > > When (not if!) addgroup fails, the poor system administrator gets no > indication of it. This is a bug, and a pretty bad one. FWIW, that's partially based on what some package's postinst do (exim4-base, fetchmail, ntp-simple, and proftp, for example). I've fixed the sample code to not redirect error messages (that probably should have been a '>/dev/null' and removed the '|| true' too. > If adduser isn't quiet enough with --quiet, then fix that, don't hide > real errors. Remove both the redirect and the "|| true". Done in CVS. Javier
Attachment:
signature.asc
Description: Digital signature