Package: harden-doc
Version: 3.11
Severity: normal

Hello Javier,

According to your Securing-Debian-HOWTO, one should add lots of code to
the postrm maintainer script in case a system user/group needs to
be removed.

At http://www.debian.org/doc/manuals/securing-debian-howto/ch9#s-bpp-lower-privs
you explain how to check in the postrm whether the to-be-removed
account is really a system account.

Why don't you simply suggest using 'deluser/delgroup --system' from the
adduser package? One reason why adduser was developed was to help
package maintainers deal with system accounts.

One problem, for sure, is that adduser doesn't have priority essential,
but on the other hand passwd, where userdel/groupdel lives, doesn't have
that either.

I suggest updating the HOWTO to use the adduser tools instead of your
code in maintainer scripts. Your code might do the same, but in case
a bug is found, every single maintainer script that uses this code
needs to be updated. That is a strong argument for tools like adduser.

greetings,
 jonas

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.18-12-amd64-resivo
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

-- no debconf information
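
The approach suggested in the report above, as an added example that is not part of the original message or of the HOWTO: a postrm sketch for a hypothetical package whose system user and group are both named `foo`. Because adduser is not essential, the tools may be missing at purge time; leaving the account in place in that case, and continuing after a failed removal, are assumptions of this example.

```shell
#!/bin/sh
# postrm sketch for a hypothetical package "foo" (added example).
set -e

SYSUSER="foo"    # hypothetical system user created in postinst
SYSGROUP="foo"   # hypothetical system group created in postinst

# Remove one account with the adduser tools.
# $1 = tool (deluser or delgroup), $2 = account name
remove_with() {
    if ! command -v "$1" >/dev/null 2>&1; then
        # adduser is not essential and may be gone at purge time.
        echo "postrm: $1 not available, leaving $2 in place" >&2
        return 0
    fi
    # --system makes the tool refuse anything that is not a system account,
    # so the script needs no UID/GID range checks of its own.
    if ! "$1" --quiet --system "$2"; then
        echo "postrm: $1 --system $2 failed, continuing" >&2
    fi
}

# $1 = action dpkg passes to postrm
remove_system_account() {
    # Only purge removes the account; every other action leaves it alone
    # (a choice made for this example).
    [ "${1:-}" = "purge" ] || return 0
    remove_with deluser "$SYSUSER"
    remove_with delgroup "$SYSGROUP"
}

remove_system_account "${1:-}"
```

A fix in the account check then lands in the adduser package once instead of in every maintainer script that carries its own copy.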

