Package: dh-sysuser
Version: 1.3.5.1
Severity: important
X-Debbugs-CC: e...@kiyuko.org

Contrary to intention, users created by dh-sysuser are not actually
deleted when the package is purged.

Using the libvirt-dbus package, which I maintain, as an example:

  $ grep libvirtdbus /etc/passwd /etc/group
  $ sudo apt-get install -y libvirt-dbus
  Reading package lists... Done
  Building dependency tree... Done
  Reading state information... Done
  The following NEW packages will be installed:
    libvirt-dbus
  0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
  Need to get 0 B/61.2 kB of archives.
  After this operation, 337 kB of additional disk space will be used.
  Selecting previously unselected package libvirt-dbus.
  (Reading database ... 226040 files and directories currently installed.)
  Preparing to unpack .../libvirt-dbus_1.4.0-2_amd64.deb ...
  Unpacking libvirt-dbus (1.4.0-2) ...
  Setting up libvirt-dbus (1.4.0-2) ...
  Processing triggers for dbus (1.12.20-3) ...
  Processing triggers for man-db (2.9.4-2) ...
  $ grep libvirtdbus /etc/passwd /etc/group
  /etc/passwd:libvirtdbus:x:998:998:Created by dh-sysuser for libvirt-dbus:/nonexistent:/usr/sbin/nologin
  /etc/group:libvirtdbus:x:998:
  $ sudo apt-get remove --purge -y libvirt-dbus
  Reading package lists... Done
  Building dependency tree... Done
  Reading state information... Done
  The following packages will be REMOVED:
    libvirt-dbus*
  0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
  After this operation, 337 kB disk space will be freed.
  (Reading database ... 226061 files and directories currently installed.)
  Removing libvirt-dbus (1.4.0-2) ...
  Processing triggers for dbus (1.12.20-3) ...
  Processing triggers for man-db (2.9.4-2) ...
  $ grep libvirtdbus /etc/passwd /etc/group
  /etc/passwd:libvirtdbus:x:998:998:Created by dh-sysuser for libvirt-dbus:/nonexistent:/usr/sbin/nologin
  /etc/group:libvirtdbus:x:998:
  $

Looking at the code for sysuser-helper, the reason for this behavior
is pretty obvious:

  command="${1}" ; shift

  case "${command}" in
     prerm)
        case ${1:-} in
           purge|abort-install)
              rmdir --ignore-fail-on-non-empty "${CONF_HOME}"
              if ! [ -d "${CONF_HOME}" ] ; then
                 if ! userdel --force "${CONF_USERNAME}" ; then
                    echo >&2 "warning: failed to remove ${CONF_USERNAME}. Proceeding anyway."
                 fi
              fi
        esac
  esac

So users are deleted when sysuser-helper is called from prerm and the
operation is purge or abort-install. But deb-prerm(5) lists all
possible ways in which prerm can be invoked, and neither of the above
can happen. The result is that users created via dh-sysuser are never
deleted.

Additionally, the call to rmdir needs to be guarded by a check for
the /nonexistent scenario, just like the use of --create-home is for
the postinst part, because it will result in a script failure
otherwise:

  $ sudo rmdir --ignore-fail-on-non-empty /nonexistent
  rmdir: failed to remove '/nonexistent': No such file or directory
  $ echo $?
  1
  $

-- 
Andrea Bolognani <e...@kiyuko.org>
Resistance is futile, you will be garbage collected.