Bug#621833: locking system users on package removal
On Sat, Jun 30, 2012 at 02:12:45PM +0100, Simon McVittie wrote:
> On 30/06/12 13:24, Stephan Springl wrote (on Bug #679642):
> > quake-server does neither install nor purge properly on systems
> > without shadow password because usermod gives an error for its
> > e option in this case.
>
> I took this use of usermod from the discussion on debian-devel regarding
> Policy bug #621833 (where it was originally suggested by Roger Leigh),
> so this potentially affects quite a few packages.
>
> Stephan's proposed patch (below) makes me think we really need a script
> (or dpkg-maintscript-helper subcommand) that locks and unlocks system
> users, in which we can make changes like this once and have them affect
> every relevant package, rather than individually patching every
> maintainer script.
>
> Roger: does the change below look appropriate?
>
> [in the preinst]
> > - usermod -U -e '' quake-server
> > + if [ -f /etc/shadow ]; then
> > + usermod -U -e '' quake-server
> > + else
> > + usermod -U quake-server
> > + fi
> [in the postrm]
> > # Lock account on purge
> > - usermod -L -e 1 quake-server
> > + if [ -f /etc/shadow ]; then
> > + usermod -L -e 1 quake-server
> > + else
> > + usermod -L quake-server
> > + fi
It looks sane to me. Having a dh_ command or some other dpkg
maintscript helper shell function to do this automatically would
IMO be a very nice improvement.
Regards,
Roger
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' schroot and sbuild http://alioth.debian.org/projects/buildd-tools
`- GPG Public Key F33D 281D 470A B443 6756 147C 07B3 C8BC 4083 E800
Reply to: