On 08/20/2014 02:04 PM, Alain Kalker wrote:
Also, why ship the /etc/shadow, /etc/gshadow files at all?
AFAIK, nothing is supposed to mess with the shadow files anyway, except
pwconv and grpconv (for initially converting a freshly installed,
non-shadow system into one using shadow files), after which these files
should be managed by the shadow system itself, in response to
adding/removing/changing users and groups using the designated tools.
From `man pwconv`:
> Each program acquires the necessary locks before conversion.
I'm quite certain that pacman doesn't do this when installing these
files, and if it did, it would mean it has low-level knowledge about the
shadow system which it isn't supposed to have.
Not properly locking these files can lead to some very surprising,
unwanted behaviour, which I experienced first-hand when upgrading the
filesystem package,
Isn't the filesystem package supposed to be a kind of stable, hardly
ever changing scaffold onto which other packages are supposed to attach
their own changes? Why for example doesn't the systemd package add its
users and groups using pre_install function in its install script?
--
Alain