On Thu, Mar 11, 2010 at 02:31:43PM -0000, Quentin Armitage wrote: > See https://bugzilla.redhat.com/show_bug.cgi?id=572399 > > >> groupdel: group 'saslauth' does not exist Non-fatal POSTUN scriptlet failure >> in rpm package cyrus-sasl >> warning: %postun(cyrus-sasl-2.1.23-4.fc12.i686) scriptlet failed, exit >> status 6 >> >> >> This looks benign, but I suppose it could check if the group exists before >> attempting to delete it. >> There's actually a not so benign side of this. Here's what the Guidelines say about removing groups: """ We never remove users or groups created by packages. There's no sane way to check if files owned by those users/groups are left behind (and even if there would, what would we do to them?), and leaving those behind with ownerships pointing to now nonexistent users/groups may result in security issues when a semantically unrelated user/group is created later and reuses the UID/GID. Also, in some setups deleting the user/group might not be possible or/nor desirable (eg. when using a shared remote user/group database). Cleanup of unused users/groups is left to the system administrators to take care of if they so desire. """ https://fedoraproject.org/wiki/Packaging:UsersAndGroups I've updated bugzilla with this information as well. -Toshoi
Attachment:
pgpRmrBfaUas1.pgp
Description: PGP signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
