Bug#291177: [PROPOSAL] Policy for user/groups creation/removal in package maintainer scripts
On Wed, 19 Jan 2005, Javier Fernández-Sanguino Peña wrote:
> On Wed, Jan 19, 2005 at 09:54:50AM -0200, Henrique de Moraes Holschuh wrote:
> > On Wed, 19 Jan 2005, Javier Fernández-Sanguino Peña wrote:
> > > There is currently no policy on how should per-package users be created and
> > > removed. Eeven though the 'UID and GID classes' sections determines that
> > > packages _should_ use adduser --system in some occasions it doesn't
> >
> > Make it *must* use adduser --system, *if* they add an user at all.
>
> Some packages might need to use a hardcoded UID (and there's a UID range
> for those) those don't use 'adduser --system'
Then they *must* request that UID to be statically allocated to them, and
add a proper versioned dep to the base-passwd package providing it. This is
an old, old rule, if it is not a "must" yet, it is about time it becomes
one...
> > Maintainer scripts can ask about an already existing user *if and only if*
> > it is not a system user... no more useless, aggravating postinst prompts,
> > please.
>
> True. I would love to see a sample for that so that postinst scripts would
> reuse that. Actually, it could even be integrated into a dh_adduser script,
> couldn't it?
Yes, it could. For a sample, please see the amavisd-new or cyrus21-imapd
packages. Both do it. I do not claim they do it in the best possible way,
but it works.
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
Reply to: