Re: RFS: soju

To: debian-go@lists.debian.org
Subject: Re: RFS: soju
From: Nilesh Patra <nilesh@debian.org>
Date: Mon, 23 Oct 2023 02:47:57 +0530
Message-id: <[🔎] 20231022211757.iclccrc3vsbwnolz@office.mailbox.org>
In-reply-to: <[🔎] 20231022211332.rxi3bxrqia5ojzdw@office.mailbox.org>
References: <[🔎] f8cfb3d4-5e0b-4bbc-8ff2-2402d4c94b6b@taavi.wtf> <[🔎] 20231018200151.4nq2y4pc2edmwqvq@office.mailbox.org> <[🔎] 8c9f9830-6a33-41a6-9519-03db565cec57@taavi.wtf> <[🔎] 20231021142828.hlogt42ucm6uvpiz@office.mailbox.org> <[🔎] cb0d17a8-c092-42c6-b857-f3657676e4cd@taavi.wtf> <[🔎] 20231021211600.bcz4yonp7pu4wxed@office.mailbox.org> <[🔎] 20231022211332.rxi3bxrqia5ojzdw@office.mailbox.org>

On Mon, Oct 23, 2023 at 02:43:32AM +0530, Nilesh Patra wrote:
> On Sun, Oct 22, 2023 at 02:46:00AM +0530, Nilesh Patra wrote:
> > On Sat, Oct 21, 2023 at 11:57:14PM +0300, Taavi Väänänen wrote:
> > > On 10/21/23 17:28, Nilesh Patra wrote:
> > > > I have pushed a small change with reasoning to properly fix those. However, I have two
> > > > questions to ask:
> > > > 
> > > > * Why is the groupname of soju user names "ssl-cert" and not soju itself?
> > > > * Do we expect a "ssl-group" to be commonly present in linux systems? If
> > > >    not (it isn't on mine), should it not be:
> > > >    - Created in d/postinst? -- There is no groupadd or --ingroup with
> > > >      adduser
> > > >    - Removed in d/postrm? -- no delgroup
> > > 
> > > The group is added by the "ssl-cert" package[0] package which soju has a
> > > Depends: on, and it's added as a supplementary group to the soju user and
> > > not as the primary group. That group generates self-signed TLS certificates
> > > that the package can use in the default configuration, instead of shipping a
> > > default configuration with a plaintext listener which is heavily discouraged
> > > by upstream and something I'd rather not do regardless.
> > 
> > Yes, makes sense. I have one almost final question -- you have created a
> > /var/lib/soju in d/dirs and then creating a new soju user with this has
> > homedir but correspondingly also using --no-create-home.
> > 
> > Wouldn't it be cleaner if you just remove d/dirs and let it create this
> > in postinst instead?
> > I've usually seen adduser to be used in this way in the past.
> 
> Another comment - the systemd service probably should be stopped in
> prerm - isn't it?

No, it should not -- dh_installsystemd already takes care of it.

| $ cat /var/lib/dpkg/info/soju.prerm
| #!/bin/sh
| set -e
| # Automatically added by dh_installsystemd/13.11.7
| if [ -z "${DPKG_ROOT:-}" ] && [ "$1" = remove ] && [ -d /run/systemd/system ] ; then
|        deb-systemd-invoke stop 'soju.service' >/dev/null || true
| fi
| # End automatically added section

I should sleep now :P
Please comment on the d/dirs thingy and then we could wind it up!

> > > [0]: https://tracker.debian.org/pkg/ssl-cert

Best,
Nilesh

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Re: RFS: soju
  - From: Taavi Väänänen <hi@taavi.wtf>

References:
- RFS: soju
  - From: Taavi Väänänen <hi@taavi.wtf>
- Re: RFS: soju
  - From: Nilesh Patra <nilesh@debian.org>
- Re: RFS: soju
  - From: Taavi Väänänen <hi@taavi.wtf>
- Re: RFS: soju
  - From: Nilesh Patra <nilesh@debian.org>
- Re: RFS: soju
  - From: Taavi Väänänen <hi@taavi.wtf>
- Re: RFS: soju
  - From: Nilesh Patra <nilesh@debian.org>
- Re: RFS: soju
  - From: Nilesh Patra <nilesh@debian.org>

Prev by Date: Re: RFS: soju
Next by Date: Re: [RFS] -- golang-github-zyedidia-terminal/golang-github-zyedidia-tcell/ and micro
Previous by thread: Re: RFS: soju
Next by thread: Re: RFS: soju
Index(es):
- Date
- Thread