[2016-10-25 10:04] Simon McVittie <smcv@debian.org> > > part text/plain 2369 > On Tue, 25 Oct 2016 at 10:31:00 +0300, Dmitry Bogatov wrote: > > It may be worth to mention my dh-sysuser debhelper here: > ... > > * unless another package requires same users, they are > > removed on package purge > > * if possible, ensures, that install-purge-install cycle saves > > numeric identifier of users > > The Policy bug report about deletion of users > <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621833> > seems to show consensus that packages should lock the accounts of system > users corresponding to removed packages, but should never delete them. > Is there a reason why the same rationale doesn't apply to dh-sysuser? > If not, please change dh-sysuser to lock accounts on removal, and > unlock on installation. Thanks for the hint. It is really nice idea. > dh-sysuser does have the typical disadvantage of debhelper-generated > maintainer scripts: whenever a bug is fixed in dh-sysuser, packages that > use it don't get that bug fixed until they are rebuilt (effectively the > same issue as static linking). Minimizing the amount of logic in the > actual maintainer script (ideally reduced to just running one helper > tool with appropriate arguments), and adding a dependency on the > helper tool that has the actual logic, would mitigate this: perhaps > that tool could live in the adduser package? Problem: you can't have asume any tool in post-rm script. -- X-Web-Site: https://sinsekvu.github.io | Note that I process my email in batch, Accept-Languages: eo,ru,en | at most once every 24 hours. If matter Accept: text/plain, text/x-diff | is urgent, you have my phone number.
Attachment:
pgpa07SeqZXrX.pgp
Description: PGP signature