On Tue, Aug 14, 2012 at 09:18:36AM +0200, Michael Hanke wrote: > On Mon, Aug 13, 2012 at 02:18:11PM +0200, Tiziano Zito wrote: > > What about this in condor.postinst:: > > > > SH=$(getent passwd | egrep '^condor:'| cut -d : -f 7) > > if [ "$SH" = "/bin/false" -o "$SH" = "/usr/sbin/nologin" ]; then > > # condor user exists and it is a locked user > > else > > adduser --system ... > > fi > > I'd like to turn this around: First run adduser and only if it fails > check for an existing condor user and issue a warning if it exists _and_ > is locked down _and_ the package will use it as a daemon user. Otherwise fail. > > The code above would result in a warning message on every upgrade, > even when the package did successfully create a system user itself.
So here is a proposal how to deal with this. Please let me know, if you anticipate problems with this approach: diff --git a/debian/condor.postinst b/debian/condor.postinst index 91ac8a5..0156b7c 100755 --- a/debian/condor.postinst +++ b/debian/condor.postinst @@ -164,8 +164,24 @@ case "$1" in configure) # according to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621833#119 # this should always work - adduser --system --group --gecos "$condor_gecos" --home $condor_home \ - --disabled-password --disabled-login $condor_user --quiet + if ! adduser --system --group --gecos "$condor_gecos" --home $condor_home \ + --disabled-password --disabled-login $condor_user --quiet ; then + # the only time where it would fail, is when there is an existing + # non-system 'condor' user. This could happen e.g. in a heterogenous + # Condor pool (various OSes) where the adminstrative Condor user + # comes from LDAP and the home dir is shared across machines. This + # is a supported deployment scenario for Condor (see installation + # manual section 3.2) + # the only problem is the possibility to conflict with an actual + # "human" user with the same name, so only proceed when the + # respective user is locked down + SH=$(getent passwd | egrep '^condor:'| cut -d : -f 7) + if [ "$SH" = "/bin/false" -o "$SH" = "/usr/sbin/nologin" ]; then + echo "WARNING: Condor will be running under an existing non-system user account 'condor'." + else + exit 1 + fi + fi # make sure the config and home dir are complete condor_local_cfg_template condor_put_debconf_cfg Thanks Michael -- Michael Hanke http://mih.voxindeserto.de -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org