POSTUN scriptlet failure in rpm package cyrus-sasl
Tomas Mraz
tmraz at redhat.com
Thu Mar 11 15:35:13 UTC 2010
On Thu, 2010-03-11 at 10:04 -0500, Toshio Kuratomi wrote:
> On Thu, Mar 11, 2010 at 02:31:43PM -0000, Quentin Armitage wrote:
> > See https://bugzilla.redhat.com/show_bug.cgi?id=572399
> >
> >
> >> groupdel: group 'saslauth' does not exist Non-fatal POSTUN scriptlet failure
> >> in rpm package cyrus-sasl
> >> warning: %postun(cyrus-sasl-2.1.23-4.fc12.i686) scriptlet failed, exit
> >> status 6
> >>
> >>
> >> This looks benign, but I suppose it could check if the group exists before
> >> attempting to delete it.
> >>
>
> There's actually a not so benign side of this. Here's what the Guidelines
> say about removing groups:
>
> """
> We never remove users or groups created by packages. There's no sane way to
> check if files owned by those users/groups are left behind (and even if
> there would, what would we do to them?), and leaving those behind with
> ownerships pointing to now nonexistent users/groups may result in security
> issues when a semantically unrelated user/group is created later and reuses
> the UID/GID. Also, in some setups deleting the user/group might not be
> possible or/nor desirable (eg. when using a shared remote user/group
> database). Cleanup of unused users/groups is left to the system
> administrators to take care of if they so desire.
> """
>
> https://fedoraproject.org/wiki/Packaging:UsersAndGroups
>
> I've updated bugzilla with this information as well.
Someone should perhaps correct the
http://fedoraproject.org/wiki/PackageUserCreation then.
Or add some rules on how to resolve conflicts among the current rules.
(I'm joking.)
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the devel
mailing list