
Re: Bug#72738: Unnecessary changes to /etc/passwd



Thus spake Christian Kurz on Fri, Sep 29, 2000 at 03:43:49PM CDT
> > My original post specified Debian 2.2.  The numerals got stripped somewhere
> > along the way.  Sorry if the usage on this field was out of spec.  I wasn't
> > sure what to specify since I don't know what package did the deed.
> 
> Then you can still assign it to the package general so that people get
> notified and give as version-number 2.2. 

Would you please see to it that the right information gets to whoever needs
to see it, whether or not this was done correctly?  If you want people to
follow this format for non-specific problem reporting then it should be
explained on <http://www.debian.org/Bugs/Reporting>.  It's not.

> > I updated packages using apt from within dselect, auto-installing everything
> > that needed to be updated via transfers from the debian ftp site.  Lots of
> > package install scripts asked a lot of questions, as usual, and I kept a
> > record on another virtual terminal of those messages which appeared to be
> 
> Appeared? How can you say if something appears to be important or not? I
> see no one do this automatically. This has always to be done by manual
> reading.

I read with my eyes, not by hand :)  Every time I was presented with a
notice which required my attention and some sort of input or keypress to
continue I read it thoroughly.  If it indicated some action that needed to
be taken, such as manual reconfiguration of stuff in /etc/pam.d to
reproduce the functionality of /etc/suauth or a warning about possible
problems, I took care of it immediately on another vt and where appropriate
I copied the screen data to a review file.  I >do< know what I'm doing with
this stuff.  I've been using Linux since 1994, guys!  I make my living off
of it.

> > mission-critical to the upgrade.  At no point do I remember being asked if I
> > wanted to overwrite any information in /etc/passwd.  I know that the mysql
> 
> Look at the code of base-passwd.postinst and see what's done in it. You
> will also notice that update-passwd gets only executed if the admin who
> does the upgrade says y at the prompt. Otherwise no changes will be
> done.

It looks as though this is the guilty party!

System entries (or any other entries) in /etc/passwd which do not relate to
installed packages or which are not fundamental to the operation of the OS
should never be mucked with by >any< script of this nature.  The /etc/passwd
entry for the majordomo list server is totally peripheral to proper
operation of Debian and should under no circumstances be changed in this
fashion.  Although I may have run the update script, it's very broken for it
to "fix" this entry, especially considering that Debian doesn't even offer a
Majordomo package!  I would suggest that the entry for majordomo be stricken
from /usr/share/base-passwd/passwd.master, or added to the /etc/passwd file
only if it's not already there.  It is, after all, put there initially simply
as a convenience for people who want to install Majordomo and as an
indicator of what is appropriate under the Debian FHS.

> > circumstances should any package, update-passwd or any other, muck with
> > passwd file entries which are unrelated to the system or to currently
> > installed packages.  Period!  While Debian may advise the use of a certain
> 
> When do you understand the update-passwd gets _only_ executed when _you_
> as the admin make this decision and either call it from the commandline
> or say y in the postinst-script?

I make the decision to drive my car, too, but I don't expect it to drive me
into a utility pole unless I very explicitly steer it in that direction. 
What the update script did was broken, whatever my answer may have been to
the install question.

> > A search through the Debian package list in dselect for "majordomo" and for
> > the partial words "major" and "domo" turns up nothing, and I just tried it
> 
> Hm, then the package has not only been removed in woody, but also
> potato. If you upgraded, you had slink and slink contained a
> majordomo-package, which you will find in the package list of slink, if
> they didn't remove it there also.

This is all the more reason to remove the majordomo entry from
passwd.master.

Majordomo was in non-free in hamm.  I gave away my slink disks so I don't
know about that.  It was probably removed due to security concerns, of which
there are a few, or possibly because of its license. Its proper use with
qmail, which is much more secure than sendmail, removes some of the security
concerns, and the lists which I administer are populated by people who are
extremely unlikely to go and try to break the list server or the underlying
OS.

> > This is none of your business, nor of anyone else at Debian, and your
> > comment is inappropriate.
> 
> But then don't tell us that the update went smooth and you check
> everything (including the mailserver as you wrote on debian-qa) and saw
> no problems.

The mail server worked just fine :)

> How can you say that you saw no problems after the upgrade,
> when a user notices after a day that the mailserver is broken?

The mail server was NOT broken, nor was my qmail list server (ezmlm). The
majordomo list server >was< broken (mail server != list server).  I said
that I saw very few problems with the upgrade, which, considering the
complexity of the overall system, was very good.  I >did< have to reboot the
box to get the mysql server to work properly with apache/php.  This was
probably due to memory caching of some sort, and is the kind of problem one
might expect to deal with in such a large upgrade.  I handled it right away. 
I didn't expect to have to deal with a rogue install script overwriting
something in my /etc/passwd file which it had no business fucking with.

> Please
> get your facts right, before you blame debian for things that debian is
> not responsible for.

Excuse me?  Let me repeat what I said.  NO package or update script has any
business changing entries in /etc/passwd which do not relate to the
functionality of the OS or of installed packages, ESPECIALLY if such an
entry relates to a subsystem which isn't even supported or offered as a
package by Debian.

This is a big, black, Debian bug.  Deal with it, Please!

-- 
Lindsay Haisley       | "Everything works    |     PGP public key
FMP Computer Services |       if you let it" |      available at
fmouse@fmp.com        |    (The Roadie)      | <http://www.fmp.com/pubkeys>
http://www.fmp.com    |                      |
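
The message above asks that a master entry be added to /etc/passwd only if it is not already there, which means telling a missing entry apart from one that an overwrite would change. The following is an added example, not part of the original message and not update-passwd's code: a read-only audit plus the add-only merge, run on constructed file contents (all account names and field values here are assumptions).

```python
# Added illustration; this is not update-passwd's code.
FIELDS = ("name", "passwd", "uid", "gid", "gecos", "home", "shell")

# Constructed sample data (not copied from a real system or from passwd.master).
MASTER = """\
root:x:0:0:root:/root:/bin/bash
games:x:5:60:games:/usr/games:/bin/sh
majordomo:x:30:31:Majordomo:/usr/lib/majordomo:/bin/sh
"""
LOCAL = """\
root:x:0:0:root:/root:/bin/bash
majordomo:x:30:31:Majordomo:/usr/local/majordomo:/bin/sh
alice:x:1000:1000:,,,:/home/alice:/bin/bash
"""

def parse_passwd(text):
    """Map account name -> dict of the seven colon-separated passwd(5) fields."""
    entries = {}
    for line in text.splitlines():
        parts = line.strip().split(":")
        if len(parts) != len(FIELDS):
            continue  # skip blank or malformed lines rather than guess
        entries[parts[0]] = dict(zip(FIELDS, parts))
    return entries

def audit(local_text, master_text, ignore=("passwd",)):
    """Report, without modifying anything, how the local file differs from master."""
    local, master = parse_passwd(local_text), parse_passwd(master_text)
    report = {"missing": [], "differs": {}}
    for name, want in master.items():
        have = local.get(name)
        if have is None:
            report["missing"].append(name)  # an add-only policy would append this
            continue
        changed = {f: (have[f], want[f]) for f in FIELDS
                   if f not in ignore and have[f] != want[f]}
        if changed:
            report["differs"][name] = changed  # an overwrite would alter these fields
    return report

def add_only(local_text, master_text):
    """Append master entries that are absent locally; rewrite nothing that exists."""
    master = parse_passwd(master_text)
    missing = audit(local_text, master_text)["missing"]
    extra = [":".join(master[n][f] for f in FIELDS) for n in missing]
    return local_text + "".join(line + "\n" for line in extra)
```
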


