cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark Doliner (Created) (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CASSANDRA-3443) rpm should not remove user on uninstall
Date Wed, 02 Nov 2011 05:36:32 GMT
rpm should not remove user on uninstall
---------------------------------------

                 Key: CASSANDRA-3443
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-3443
             Project: Cassandra
          Issue Type: Bug
          Components: Packaging
            Reporter: Mark Doliner
            Priority: Minor


Fedora's packaging guidelines state, "We never remove users or groups created by packages.
There's no sane way to check if files owned by those users/groups are left behind (and even
if there would, what would we do to them?), and leaving those behind with ownerships pointing
to now nonexistent users/groups may result in security issues when a semantically unrelated
user/group is created later and reuses the UID/GID. Also, in some setups deleting the user/group
might not be possible or/nor desirable (eg. when using a shared remote user/group database).
Cleanup of unused users/groups is left to the system administrators to take care of if they
so desire." (that's from http://fedoraproject.org/wiki/Packaging/UsersAndGroups)

However, Cassandra's spec file in trunk and all branches contains this:
{noformat}
%preun
# only delete user on removal, not upgrade
if [ "$1" = "0" ]; then
    userdel %{username}
fi
{noformat}

I agree with Fedora's reasoning.  Additionally I'd like to add that stray accounts on a system
are generally relatively harmless.  I wonder if there was some intentional decision to diverge
from Fedora's (and presumably Red Hat's) customary behavior?  If not, I would suggest removing
the above scriptlet from the Cassandra spec file.  I'd be happy to provide a diff if that
would be useful.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message