On Mon, Apr 19, 2021 at 11:29:41AM -0700, Kevin Fenzi wrote: > Greetings. > > I thought I would bring up for dicussion here something thats come up > after the new account system has been put in place. > > Namely, how do we handle group deletions. > In the FAS2 world, we never deleted anything. I think this was partly > due to an over abundence of caution (there could be files owned by the > group left over on various machines) and partly just because it was > easier. > > We now have 5 requests to remove various no longer used groups. > > I've enabled audit logging on our ipa01 instance, so we have audit logs > (and I intend to back them up and keep them forever). So we can tell > when a group was deleted by whom. We also have a db dump from fas2 > before the switchover where we can look at who was in what group or what > created it. > > So, I would like to propose: > > * we will remove groups on request/ticket from a group manager. > * we will not seek out groups to remove, as them being there doesn't > really hurt anything. > > Thoughts? +1 for me on groups. This does raise the question about user accounts no? We could have a group that is created with the same name as a group that was deleted, and suddenly our auditing trail needs to take into account a time component as group X at time A may be different than group X at time B. I've the feeling that user accounts are a tad more sensitive and thus we may want to keep our current policies, I'm raising the question here nonetheless :) Pierre _______________________________________________ infrastructure mailing list -- infrastructure@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to infrastructure-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/infrastructure@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
