POSTUN scriptlet failure in rpm package cyrus-sasl

Toshio Kuratomi a.badger at gmail.com
Thu Mar 11 16:19:31 UTC 2010 

On Thu, Mar 11, 2010 at 04:35:13PM +0100, Tomas Mraz wrote:
> On Thu, 2010-03-11 at 10:04 -0500, Toshio Kuratomi wrote: 
> > """
> > We never remove users or groups created by packages. There's no sane way to
> > check if files owned by those users/groups are left behind (and even if
> > there would, what would we do to them?), and leaving those behind with
> > ownerships pointing to now nonexistent users/groups may result in security
> > issues when a semantically unrelated user/group is created later and reuses
> > the UID/GID. Also, in some setups deleting the user/group might not be
> > possible or/nor desirable (eg. when using a shared remote user/group
> > database). Cleanup of unused users/groups is left to the system
> > administrators to take care of if they so desire. 
> > """
> > 
> > https://fedoraproject.org/wiki/Packaging:UsersAndGroups
> > 
> > I've updated bugzilla with this information as well.
> 
> Someone should perhaps correct the
> http://fedoraproject.org/wiki/PackageUserCreation then.
> 
> Or add some rules on how to resolve conflicts among the current rules.
> (I'm joking.)
> 
So this is interesting.  That page is not a Packaging Guideline.  You can
tell because it's not Packaging:UserCreation.

The FPC is aware that the page exists but pretty much left it alone as it
documents a program, fedora-usermgmt, that Enrico Scholz wrote to solve
issues with user creation in the way that he thought best.  However, if it's
causing confusion we should definitely make some sort of change.  What
should that be?

Options:
* Put a large admonition at the top that says "I am not a Packaging
  Guideline" and point to the packaging guideline page for user creation.
* Remove the page
* Have the FPC vote whether use of fedora-usermgmt is disallowed and remove
  the page if so
* Rename the page
* Someone  works on the text of the page to make it clear that it's only
  documenting the fedora-usermgmt application, not something written into
  the packaging guidelines.
* Update the page to remove the userdel and groupdel portions.

What combination of the above seems most suitable to people?

-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20100311/7d897d22/attachment.bin

More information about the devel mailing list