On Fri, Jun 10, 2011 at 10:12:20AM +0100, Lars Wirzenius wrote: > * To create an user, a maintainer script should call > "adduser --system foo". It is not necessary to wrap this in > a check for whether the user exists.
It would be a bug to do so. Add --quiet to the adduser call if you don't want to show the resulting warning to your users, but I'd recommend to leave the warning active. > * When the package is removed, the user should be locked: > "lockuser foo". > * lockuser is a still-hypothetical tool, which needs to be added > to the adduser package. It is a wrapper around "usermod -L -e 1 foo". > * Similarly, adduser needs to be changed to unlock: > "usermod -U -e '' foo". Why not extending deluser to not delete the user if it is a system account? > Unclear to me are the following two points: > > * Should packages also remove the contents of the system account's > home directory? No, the local admin might have put important additional data in there. It may be an idea to remove all files that the _package_ has put there, but that would be a _significant_ burden IMO. > Should this be done upon package remove or purge? Purge, of course. When you remove and reinstall, you should be exactly where you were before. > * Is there consensus that adduser should get a --local option, > and if so, what should its semantics be, and should packages > start using it now? Or can this wait until there's an actual > need for --local, so that the precise semantics can be defined? > There's a fairly few packages that create users, so we should > be able to deal with them fairly easily later. Actually --system was meant for that. Greetings Marc, who has for quite some time taken care of adduser but has lost touch to the package recently -- ----------------------------------------------------------------------------- Marc Haber | "I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things." Winona Ryder | Fon: *49 621 31958061 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 31958062 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
