[tor] User and group entries are left over in passwd and gshadow after removal, makes pwck and shadow.service fail




Hi,

I opened FS#47893 [1] to discuss this issue, but it's been closed with no delay and I can't really have a discussion via re-opening requests.

Upon installation of the tor package, directory /var/lib/tor is created (see PKGBUILD#40 [2]). Upon uninstallation, it is automatically deleted **only if empty**:

# pacman -S tor
# touch /var/lib/tor/test
# pacman -Rns tor
# ls -lah /var/lib/tor
total 8,0K
drwx------ 2 tor tor 4,0K 25 janv. 16:50 .
drwxr-xr-x 39 root root 4,0K 25 janv. 16:50 ..
-rw-r--r-- 1 root root 0 25 janv. 16:50 test

# rm -rf /var/lib/tor

# pacman -S tor
...
(1/1) installing tor
error: command failed to execute correctly
...
# pacman -Rns tor
# ls -lah /var/lib/tor
ls: cannot access /var/lib/tor: No such file or directory

However, the tor user and group (UID/GID 43) created via the post_install() hook [3] are not removed:

# pacman -Rns tor
$ id tor
uid=43(tor) gid=43(tor) groupes=43(tor)

This makes shadow.service fail at bootup:

pwck[718]: tor user: directory « /var/lib/tor » does not exist
pwck[718]: pwck : no change
systemd[1]: shadow.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
systemd[1]: Failed to start Verify integrity of password and group files.
systemd[1]: shadow.service: Unit entered failed state.
systemd[1]: shadow.service: Failed with result 'exit-code'.

Same for pwck.

What I asked in FS#47893 was to add a post_uninstall() hook to remove the tor user (e.g. with `userdel tor`), so that **if /var/lib/tor has been deleted automatically** because it was empty, pwck doesn't trip on home dir verification.

Note that if /var/lib/tor isn't empty, `userdel tor` would merely remove the user entry and not delete its home directory (-r switch). Therefore, no data loss. Moreover, I believe it is possible to condition user deletion on directory existence (e.g. `if [ ! -e /var/lib/tor ]; then userdel tor; else :; fi`), so that could do it too.

The reason for closing was "Not a bug / So fix it. This isn't something that can be dealt with automatically". I fail to see how it is so, but if I'm wrong please tell me so and why.

Thanks,
Bastien

[1] https://bugs.archlinux.org/task/47893
[2] https://projects.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/tor#n40
[3] https://projects.archlinux.org/svntogit/community.git/tree/trunk/tor.install?h=packages/tor
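
The conditional post_uninstall() hook proposed in the message above, written out as an added example (it is not from the original post or from the Arch tor package). The TOR_USER, TOR_HOME, USERDEL, GROUPDEL and GETENT variables are hypothetical overrides added here so the logic can be exercised without root; the explicit groupdel step assumes the group may survive userdel.

```shell
# Added example: hypothetical post_uninstall() for a pacman .install script.
# The variables below are assumptions of this sketch, not part of tor.install;
# their defaults are the real system tools and the paths named in the message.
TOR_USER=${TOR_USER:-tor}
TOR_HOME=${TOR_HOME:-/var/lib/tor}
USERDEL=${USERDEL:-userdel}
GROUPDEL=${GROUPDEL:-groupdel}
GETENT=${GETENT:-getent}

post_uninstall() {
    # Nothing to clean up if the account is already gone.
    "$GETENT" passwd "$TOR_USER" >/dev/null 2>&1 || return 0

    # The home directory survived package removal because it was not empty.
    # Keep the account so the leftover files still map to a named owner
    # rather than a bare UID that a later account could inherit.
    if [ -e "$TOR_HOME" ]; then
        echo "==> $TOR_HOME still exists; keeping user '$TOR_USER'."
        return 0
    fi

    # The home directory is gone, so this passwd entry is exactly what pwck
    # reports. Remove it; without -r, userdel deletes nothing on disk.
    "$USERDEL" "$TOR_USER" || return 1

    # userdel only removes the same-named group when USERGROUPS_ENAB is set
    # in login.defs, so remove the group explicitly if it is still present.
    if "$GETENT" group "$TOR_USER" >/dev/null 2>&1; then
        "$GROUPDEL" "$TOR_USER" || return 1
    fi
    return 0
}
```
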


