[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: System users: removing them

Adding a copy to the bug report.

Everyone please Cc 621833@bugs.debian.org if replying to this subhtread.
Thanks.

On la, 2011-04-09 at 10:14 +0100, Roger Leigh wrote:
> On Sat, Apr 09, 2011 at 09:44:28AM +0100, Lars Wirzenius wrote:
> > Package: debian-policy
> > Version: 3.9.2.0
> > 
> > thanks
> > 
> > Background for the policy list: see thread starting at
> > http://lists.debian.org/debian-devel/2011/03/msg01174.html
> > and continuing in April at
> > http://lists.debian.org/debian-devel/2011/04/msg00210.html
> > 
> > On ma, 2011-04-04 at 21:09 +0100, Lars Wirzenius wrote:
> > > > The current default is not to delete the user because packages don't
> > > > generally do so, surely ?
> > > 
> > > I ran the attached script (same as the one I attached to my previous
> > > mail, to the bash thread) to unpack all amd64 sid/main binary packages,
> > > and then grepped for use of adduser or deluser in maintainer scripts:
> > > 
> > >         find pool -name postinst -o -name preinst -o -name postrm -o
> > >         -name prerm | xargs grep adduser > adduser.list
> > >         
> > > And the same, replacing adduser with deluser. The lists are a few tens
> > > of kilobytes in total, so I won't attach them to the mailing list, but
> > > I've put them on the web:
> > > 
> > > http://files.liw.fi/temp/adduser.list
> > > http://files.liw.fi/temp/deluser.list
> > > 
> > > There seem to be 106 maintainer scripts that mention deluser, in 103
> > > packages. (I did not manually verify that they're all actually calling
> > > deluser.)
> > > 
> > > I think this would be a good point to have a discussion and set policy
> > > on how to deal with this. The policy manual seems to currently be silent
> > > about removing users created by the package at installation time.
> > > 
> > >       * We can decide that packages may not remove the accounts they
> > >         create, ever. In that case, we should amend Policy to say this
> > >         explicitly, do an MBF on the packages in the deluser.list above,
> > >         and add a lintian warning against calling deluser in maintainer
> > >         scripts.
> > 
> > Ian and Tollef and Scott Kitterman are against removal of system users,
> > and nobody (except, very mildly, me) is for their removal, so I guess
> > the consensus on -devel is clear: we should not remove system users,
> > ever, in maintainer scripts. If an admin wants to do it manually, that
> > is, of course, OK.
> > 
> > Thus, I propose to change 9.2.2 "UID and GID classes", the paragraph on
> > uids in the range 100-999, to add the following sentence to the end of
> > the paragraph:
> > 
> >         Packages must not remove system users and groups they have
> >         created.
> 
> This does sound like a sensible addition.  Will the packages be
> responsible for locking the accounts?
> 
> I've always found the addition and removal of user accounts in
> maintainer scripts difficult, due to the huge difference in
> practice between packages, and the lack of detailed guidance on
> best practice.  Would it be worth adding explicit examples of
> how to add system users and groups in Policy.  Also, would it
> be worth adding support to debhelper or dpkg-maintscript-helper
> to do the user addition--it would unify the process so that
> packages won't have to reinvent the wheel, and make things
> much more simple and reliable.
> 
> 
> Regards,
> Roger
> 

-- 
Blog/wiki/website hosting with ikiwiki (free for free software):
http://www.branchable.com/
Reply to: