Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-3443

rpm should not remove user on uninstall

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Low
    • Resolution: Invalid
    • Fix Version/s: None
    • Component/s: Packaging
    • Labels:
    • Severity:
      Low

      Description

      Fedora's packaging guidelines state, "We never remove users or groups created by packages. There's no sane way to check if files owned by those users/groups are left behind (and even if there would, what would we do to them?), and leaving those behind with ownerships pointing to now nonexistent users/groups may result in security issues when a semantically unrelated user/group is created later and reuses the UID/GID. Also, in some setups deleting the user/group might not be possible or/nor desirable (eg. when using a shared remote user/group database). Cleanup of unused users/groups is left to the system administrators to take care of if they so desire." (that's from http://fedoraproject.org/wiki/Packaging/UsersAndGroups)

      However, Cassandra's spec file in trunk and all branches contains this:

      %preun
      # only delete user on removal, not upgrade
      if [ "$1" = "0" ]; then
          userdel %{username}
      fi
      

      I agree with Fedora's reasoning. Additionally I'd like to add that stray accounts on a system are generally relatively harmless. I wonder if there was some intentional decision to diverge from Fedora's (and presumably Red Hat's) customary behavior? If not, I would suggest removing the above scriptlet from the Cassandra spec file. I'd be happy to provide a diff if that would be useful.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              markdoliner Mark Doliner
              Reviewers:
              paul cannon
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: