On 15/08/2022 09.31, Ionen Wolkens wrote:
> On Mon, Aug 15, 2022 at 08:56:51AM +0200, Ulrich Mueller wrote:
>>>>>>> On Mon, 15 Aug 2022, John Helmert wrote:
>>
>>> # John Helmert III <ajak@gentoo.org> (2022-08-14)
>>> # Many vulnerabilities (including code execution and root privilege
>>> # escalation), effectively unmaintained. Removal in 30 days, bugs
>>> # #631552, #790296, #842789
>>> sys-cluster/slurm
>>
>> This will leave acct-{user,group}/slurm without reverse dependencies.
>> Last-rite them, too?
>
> Aren't we still stuck on what to do with [1]?
>
> [1] https://bugs.gentoo.org/781881
FWIW, I am not sure why we should keep the unused acct-{user,group}
packages. At least I don't see how removing them would cause any issues
or confusion? The bug appears to be light on arguments in favor of
keeping them. Quite contrary, I think keeping them could cause some
confusion, as users may start looking for the according actual package
and hope to find it.
But maybe I am missing something?
Needless to say that I am only talking about the acct-{user,group}
packages, the uid-gid.txt reservation should stay for obvious reasons.
And this also rules out that the IDs are re-assigned.
- Flow
> On Mon, Aug 15, 2022 at 08:56:51AM +0200, Ulrich Mueller wrote:
>>>>>>> On Mon, 15 Aug 2022, John Helmert wrote:
>>
>>> # John Helmert III <ajak@gentoo.org> (2022-08-14)
>>> # Many vulnerabilities (including code execution and root privilege
>>> # escalation), effectively unmaintained. Removal in 30 days, bugs
>>> # #631552, #790296, #842789
>>> sys-cluster/slurm
>>
>> This will leave acct-{user,group}/slurm without reverse dependencies.
>> Last-rite them, too?
>
> Aren't we still stuck on what to do with [1]?
>
> [1] https://bugs.gentoo.org/781881
FWIW, I am not sure why we should keep the unused acct-{user,group}
packages. At least I don't see how removing them would cause any issues
or confusion? The bug appears to be light on arguments in favor of
keeping them. Quite contrary, I think keeping them could cause some
confusion, as users may start looking for the according actual package
and hope to find it.
But maybe I am missing something?
Needless to say that I am only talking about the acct-{user,group}
packages, the uid-gid.txt reservation should stay for obvious reasons.
And this also rules out that the IDs are re-assigned.
- Flow