* Gabor Gombas ([EMAIL PROTECTED]) [051026 18:03]: > On Wed, Oct 26, 2005 at 05:39:45PM +0200, Andreas Barth wrote: > > > > i don't think removing and reusing users is a good idea in practice. > > > what harm would there be in simply leaving the user account on the > > > system permenantly, with maybe locking the account and setting the > > > shell to /bin/false? > > > > Yep, that's probably best practice. > > Note that most system groups are already locked and have the shell set > to /bin/false by default, anything else is likely a change made by the > admin manually. Forcibly locking the account is thus overriding the > admin's decision, so it must be at least clearly documented somewhere.
Well, locking of course only if the application needed something else than /bin/false in the first place. :) > Another thing would be to change the GECOS indicating that the account > is now stale, and have some small utility to list/remove all such > accounts. So whoever wants to automatically remove unused accounts can > configure apt to do so by calling this utility from DPkg::Post-Invoke. That might be possible, yes. Cheers, Andi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]