[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFC: Removal of user/groups

On Sat, Jul 12, 2008 at 06:35:37PM +0100, Colin Watson wrote:

> Isn't this a standard reference counting problem? When adduser --system
> is called, have adduser add the calling package to a list of packages
> that own that system user; when deluser is called on a system user,
> remove the calling package from the list, and only delete the user if
> the list becomes empty.
> 
> The difficulty, of course, is how to get there from here ...

Maybe the first step would be to store system user creation/deletion
events at some permanent location. Currently they are logged to syslog;
simply writing the same information to a separate file that is never
rotated would be a start.

We'd also need a "--package" argument to adduser/deluser to also record
the "ownership" of the request.

Once we have such logs small tools could be written that can process
these logs and display orphan users etc. Once there is a common set of
scripts people find useful, they can be integrated back into the adduser
package.

Gabor

-- 
     ---------------------------------------------------------
     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences
     ---------------------------------------------------------
Reply to: