From: Anonymous on 22 May 2010 23:57

RW <rwmaillists(a)googlemail.com> writes:

> On Sun, 23 May 2010 03:39:53 +0400
> Anonymous <swell.k(a)gmail.com> wrote:
>
>> RW <rwmaillists(a)googlemail.com> writes:
>>
>> > On Sat, 22 May 2010 11:42:53 -0400
>> > jhell <jhell(a)dataix.net> wrote:
>> >> This is more of a best practices case than what the implications of
>> >> leaving users in the master.passwd are.
>> >
>> > Why is it best practice? Why add extra complexity to solve a problem
>> > that doesn't actually exist?
>>
>> Such unused entries in passwd add clutter. It in turn makes managing
>> users more complex. You have to remember which users are created by
>> you and which ones are created by ports.
>
> You don't have to remember, just look at the UID/GID values, ordinary
> users start at 1001, ports create UIDs < 1000.

You're presuming non-ordinary users are created only by ports framework.
That's not always the case. I may want for example a separate user for
telnetd to broadcast ascii movies or youterm sessions. ;)

Besides, some ports do not create users by default but may use them if
available, e.g. dns/dnsmasq & dnsmasq user. This case is more like a
bug, though.

>
> The base system alone creates 18 such users, if you have problems with
> this kind of thing a few stale uids are the least of your problems.
>
>> So, if you change home dir
>> of some user there may be undesirable consequences. And only then
>> security becomes a concern because port app may be run with
>> privileges that are higher than intended.
>
> This appears to refer to an admin confusing a normal user with a
> system user that's still in use by a port, so I don't see the
> relevance.

No. It's about conflict: system user created by admin and system user
created by port happen to have same username.
_______________________________________________
freebsd-ports(a)freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscribe(a)freebsd.org"

From: Matthew Seaman on 23 May 2010 01:59

On 23/05/2010 02:50:00, Ade Lovett wrote:
>
> On May 22, 2010, at 16:39 , Anonymous wrote:
>>
>> Such unused entries in passwd add clutter. It in turn makes managing
>> users more complex. You have to remember which users are created by you
>> and which ones are created by ports.
>
> Irrespective of the UID/GID stuff mentioned elsewhere, merely go
> through the ports tree and add (or append) "(created by ports)" to the
> GECOS field of any such created users.

OpenBSD has a convention that all system user accounts start with a '_'
character. There are a few accounts in UIDs that have adopted that, but
no great stampede to adopt the idea despite most people agreeing with
it.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
7 Priory Courtyard, Flat 3
Ramsgate
Kent, CT11 9PW
PGP: http://www.infracaninophile.co.uk/pgpkey

From: Matthew Seaman on 23 May 2010 02:02

On 23/05/2010 04:47:49, jhell wrote:

> But if a port can install a user there is no reason that it can not
> uninstall a user via pw(8) that is available from bsd.commands.mk after
> checking a recorded md5(1) sum that it could create upon installation
> for the output of pw usershow/groupshow UID/GID.

The trick would be to teach the ports how to tell if a port was being
deleted for good, when trashing the user would be appropriate, or if the
port was being deleted as part of the process of upgrading it, when
you'd want to keep the user.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
7 Priory Courtyard, Flat 3
Ramsgate
Kent, CT11 9PW
PGP: http://www.infracaninophile.co.uk/pgpkey

From: rwmaillists on 23 May 2010 07:00

On Sat, 22 May 2010 23:21:35 -0400
jhell <jhell(a)dataix.net> wrote:

> You being the originator of the thread called "Users and groups kept
> after a port deinstallation" which implies to me that you had a
> problem with users left behind on a system am I correct ?

No, and the OP and I have different names and email addresses.

> If you really do not care about them after suggestions have been made
> in either point that would help with the above subject line then what
> is the original intention of your email ? why did you even write it ?

I didn't.

From: rwmaillists on 23 May 2010 07:45

On Sun, 23 May 2010 07:57:36 +0400
Anonymous <swell.k(a)gmail.com> wrote:

> > You don't have to remember, just look at the UID/GID values,
> > ordinary users start at 1001, ports create UIDs < 1000.
>
> You're presuming non-ordinary users are created only by ports
> framework. That's not always the case. I may want for example a
> separate user for telnetd to broadcast ascii movies or youterm
> sessions. ;)

This has no relevance, we're talking about users that were previously
created by ports and left behind after port deletions.

> > This appears to refer to an admin confusing a normal user with a
> > system user that's still in use by a port, so I don't see the
> > relevance.
>
> No. It's about conflict: system user created by admin and system user
> created by port happen to have same username.

pw and adduser won't let you add usernames that already exist. I've no
idea whether pwd_mkdb allows duplicate usernames with different UIDs,
I've never tried it, but if you create users that way without performing
a check, you deserve what you get.
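
The two checks discussed in this thread (accounts below UID 1000 that nobody can account for, and one username appearing with two different UIDs), sketched as an added example that is not part of any poster's message. The sample file, the `oldport` account and the list of expected accounts are constructed; the UID 1000 boundary is the one quoted in the thread.

```shell
#!/bin/sh
# Added example. Sample data is constructed; "oldport" is a hypothetical name.

# Constructed passwd(5)-style sample (name:password:uid:gid:gecos:home:shell).
sample_passwd() {
    cat <<'EOF'
root:*:0:0:Charlie &:/root:/bin/csh
daemon:*:1:1:Owner of many system processes:/root:/usr/sbin/nologin
www:*:80:80:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
dnsmasq:*:500:500:service account added by hand:/nonexistent:/usr/sbin/nologin
oldport:*:950:950:left behind by a removed port:/nonexistent:/usr/sbin/nologin
alice:*:1001:1001:Alice:/home/alice:/bin/sh
dnsmasq:*:1002:1002:second entry, same name:/home/dnsmasq:/bin/sh
EOF
}

# audit_passwd FILE "name1 name2 ..."
#   FILE     passwd(5)- or master.passwd(5)-format file ("-" for stdin);
#            the UID is field 3 in both layouts.
#   names    accounts below UID 1000 that the admin can account for.
audit_passwd() {
    awk -F: -v expected="$2" '
    BEGIN {
        n = split(expected, e, " ")
        for (i = 1; i <= n; i++) ok[e[i]] = 1
    }
    /^#/ || NF < 3 { next }           # skip comments and malformed lines
    {
        name = $1; uid = $3 + 0
        if (name in seen) {
            if (seen[name] != uid)
                print "DUPLICATE-NAME " name " uids=" seen[name] "," uid
        } else {
            seen[name] = uid
        }
        if (uid < 1000 && !(name in ok))
            print "UNACCOUNTED-SYSTEM " name " uid=" uid
    }' "$1"
}

sample_passwd | audit_passwd - "root daemon www"
```

On a live system the file argument would be /etc/passwd or, as root, /etc/master.passwd.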