Hi, On 2/9/2019 6:02 PM, Sean Whitton wrote: > On Sat 09 Feb 2019 at 01:51PM +01, Guillem Jover wrote: > >> To that effect I sent a patch to adduser to allow these in #521883, >> but it seems that's stuck. :/ >> >>> How do others deal with this problem? Could someone think of a viable >>> approach on how to approach this from a policy side? >> >> Unfortunately, last time it looked like there was some push bach, due >> to there not being a clear winner in "current" practice at the time >> AFAIR. I think a way forward would be to get that adduser patch merged, >> then keep promoting the underscore usage, and possibly try to switch >> existing users to use that. > > ISTM to me we have a consensus, at least, that new packages with system > users should use the underscore prefix convention. There isn't a > consensus on what to do about old packages, but Policy can be written in > such a way to refer only to new packages with system users.
that sounds great to me. I think we should finally come up with a solution and flesh out how to grandfather in the old packages, while nudging them to adopt a new scheme if possible. Marco's approach is ultimately correct in that maintainers of packages with existing system users should evaluate if something can be done - but it might well be that it is pretty much impossible to fix for some of the packages. And that's fine. I do wonder if it would be possible to solve some of the rename cases with some sort of dpkg-maintscript-helper so that not everyone needs to figure this out on their own, but I fear that this could easily be ratholed into a too generic solution that supports all cases - which would not be useful. I did a small evaluation on the set of the existing users created by packages in sid and put it onto [0]. It's a large list of ~300 users to exclude while skipping the ones with dashes and underscores in them. I'd be great to stop the bleeding here, though. It's a bit sad that the policy bug #248809 did not go anywhere with the last update happening in 2008. And obviously the list is now much larger than the list compiled by Vincent back then. Is that the bug in which we should continue this discussion for the policy change? > Ideally the adduser change would happen before we wrote this down in > Policy, but since the adduser behaviour is easy to workaround (IIRC), it > would not be required for it to happen first. The former maintainer of the package seems to have been sympathetic to the patch in [1], too. Kind regards and thanks Philipp Kern [0] https://people.debian.org/~pkern/permanent/userlist.txt -- Obviously this still contains some variables at the top that would need manual analysis. I also ignored all of OpenStack which seems to have its own way of shipping a shell library in every postinst script that calls adduser. [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=521883#38
