Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Gentoo>
  3. Dev
Managing users and groups
daniel.pielmeier at googlemail
Sep 8, 2007, 7:47 PM
Post #1 of 4 (208 views)
Permalink
Hi,

I have recently checked the contents of /etc/{group,passwd,shadow} and
found that there are users and groups which are not needed anymore
because the packages which need them have also been removed. I have
deleted some of them which are unnecessary with userdel and groupdel.

I have experienced that some ebuilds use enewuser and enewgroup to
create users and groups which are needed. Some print a elog notice in
pkg_postinst to inform the user to create them manually.

I think it would be a good idea to either leave it to the user (inform
them via pkg_postinst) to create the groups and users or better create
the needed groups and users in pkg_preinst and remove them at uninstall
in pkg_postrm (edeluser end edelgroup may have to be implemented to
achieve this). In this case the configuration files did not get
cluttered with unneeded entries. To be sure that no group or user is
removed which is still needed some kind of configuration file could be
used to prevent the deletion of shared groups/users. With contents like
group/user X needed by ebuild Y.

While writing this i have found GLEP-27. What is the current status
concerning this?

Regards,

Daniel


--
gentoo-dev@gentoo.org mailing list
Re: Managing users and groups [ In reply to ]
vapier at gentoo
Sep 8, 2007, 8:39 PM
Post #2 of 4 (213 views)
Permalink
On Saturday 08 September 2007, Daniel Pielmeier wrote:
> While writing this i have found GLEP-27. What is the current status
> concerning this?

presumably you'd search bugzilla and come across 53269
-mike

Attached Files:

Re: Managing users and groups [ In reply to ]
daniel.pielmeier at googlemail
Sep 8, 2007, 9:14 PM
Post #3 of 4 (220 views)
Permalink
Mike Frysinger schrieb:
> On Saturday 08 September 2007, Daniel Pielmeier wrote:
>> While writing this i have found GLEP-27. What is the current status
>> concerning this?
>
> presumably you'd search bugzilla and come across 53269
> -mike

I have searched bugzilla, but not for the specific glep. This does not
look like a big issue as there is no progress in this bug at all (sorry
i can not help out there, i am just a user not a programmer as i have
mentioned before).

Why not using something similar to Comment 16 in Bug 8634

USERDEPEND="someuser"
GROUPDEPEND="somegroup"

A group/user is created when no other ebuild has the dependency and is
removed when the last ebuild has been removed which needs it?

Okay the approach in the glep look much cleaner, but this is maybe more
easier to implement!
--
gentoo-dev@gentoo.org mailing list
Re: Managing users and groups [ In reply to ]
lists at anderedomain
Sep 9, 2007, 1:15 AM
Post #4 of 4 (213 views)
Permalink
On Sun, 2007-09-09 at 06:14 +0200, Daniel Pielmeier wrote:
> A group/user is created when no other ebuild has the dependency and is
> removed when the last ebuild has been removed which needs it?

This blows up if you have to uninstall and reinstall a package, caused
by blockers or whatever. Files exist that still belong to the
user/group, new user/group have different ids. So either make sure the
uids and gids stay the same or just leave them be. Usually you have an
extra user for security reasons with minimal access rights. There is
absolutely no harm in that. I would prefer this to be another eclean
function or something like that, which scans passwd, shadow, group,
package database and all the files and dirs for owners.

Philipp

--
gentoo-dev@gentoo.org mailing list

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal