Bug#621833: System user handling in packages: status of discussion

To: Lars Wirzenius <liw@liw.fi>, 621833@bugs.debian.org
Subject: Bug#621833: System user handling in packages: status of discussion
From: Bill Allombert <Bill.Allombert@math.u-bordeaux1.fr>
Date: Fri, 10 Jun 2011 19:25:53 +0200
Message-id: <[🔎] 20110610172553.GC469@yellowpig>
Reply-to: Bill Allombert <Bill.Allombert@math.u-bordeaux1.fr>, 621833@bugs.debian.org
In-reply-to: <[🔎] 20110610091220.GA3071@havelock.liw.fi>
References: <[🔎] 20110610091220.GA3071@havelock.liw.fi>

On Fri, Jun 10, 2011 at 10:12:20AM +0100, Lars Wirzenius wrote:
> I've just reviewed the discussion so far, here's my best attempt
> at a summary of the current status:
> 
> * To create an user, a maintainer script should call
>   "adduser --system foo". It is not necessary to wrap this in
>   a check for whether the user exists.
> * When the package is removed, the user should be locked:
>   "lockuser foo".
> * lockuser is a still-hypothetical tool, which needs to be added
>   to the adduser package. It is a wrapper around "usermod -L -e 1 foo".
> * Similarly, adduser needs to be changed to unlock:
>   "usermod -U -e '' foo".
> * Policy 9.2.2, the description of the 100-999 UID range for system
>   users, should be changed to mention when and how users need to
>   be locked. Perhaps by adding the following sentence to the end of
>   the paragraph: "When the package is removed, it should lock the
>   user it created using 'lockuser'."
> * We need a lintian check to verify that packages create and lock
>   users properly.

Maybe also a piuparts check.

> * Once the lintian check is done, bugs on all packages that fail it
>   should be filed.

> Have I understood the discussion correctly? Any corrections or
> objections to the above?
> 
> Unclear to me are the following two points:
> 
> * Should packages also remove the contents of the system account's
>   home directory? Should this be done upon package remove or purge?
>   If this is to be done, should we also provide a tool for it, to
>   make sure everyone does it the right way? "clearuserhome foo"
>   would essentially be "find ~foo -mindepth 1 -exec rm '{}' +",
>   except it needs to delete directories as well, and should
>   possibly have protection against crossing mount points,
>   and perhaps verifying ownership of files before removing, etc.

I think this should be done is the content is exactly the same as when the
package was just installed. But this might be too hard to check.

Cheers,
-- 
Bill. <ballombe@debian.org>

Imagine a large red swirl here.

Reply to:

References:
- Bug#621833: System user handling in packages: status of discussion
  - From: Lars Wirzenius <liw@liw.fi>

Prev by Date: Re: Bug#621833: System user handling in packages: status of discussion
Next by Date: Re: Request for TC to rule on a course of action for supporting build-arch
Previous by thread: Re: Bug#621833: System user handling in packages: status of discussion
Next by thread: Bug#630174: debian-policy: forbid installation into /lib64
Index(es):
- Date
- Thread