[2015-02-03 22:10:26 -0500] Daniel Micay:
> It's definitely a security issue when it comes to the dynamically
> assigned range (500..999) since files may be left behind and the
> user/group could be reused. It doesn't seem like it could be an issue
> with the reserved static ids though.
I concur.
On 04/02/15 13:21, Sébastien Luttringer wrote:
> On 03/02/2015 17:16, Evangelos Foutras wrote:
>> On 03/02/15 17:58, Andrew Gregory wrote:
>>> -1 for systemd-sysusers unless you can figure out a way to use it in
>>> pre_install. In order for the dynamic user creation Allan mentioned
>>> to work, p
On 03/02/2015 17:16, Evangelos Foutras wrote:
> On 03/02/15 17:58, Andrew Gregory wrote:
>> -1 for systemd-sysusers unless you can figure out a way to use it in
>> pre_install. In order for the dynamic user creation Allan mentioned
>> to work, pacman will have to be changed to use symbolic user na
On 03/02/15 06:05 PM, Allan McRae wrote:
> On 03/02/15 22:01, Jerome Leclanche wrote:
>> 2015-02-03 12:46 GMT+01:00 Allan McRae :
>>>
>>> 1) We should not remove users/groups when packages are uninstalled. This
>>> is a potential security issue if any files are left owned by the
>>> non-existent us
On 03/02/15 22:01, Jerome Leclanche wrote:
> 2015-02-03 12:46 GMT+01:00 Allan McRae :
>>
>> 1) We should not remove users/groups when packages are uninstalled. This
>> is a potential security issue if any files are left owned by the
>> non-existent user/group.
>
> When should the cleanup be done?
Hi Tobias,
[2015-02-03 09:33:12 +0100] Tobias Powalowski:
> I don't use it on any of my machines anymore, anyone who wants to step up?
I'll take unison.
Cheers.
--
Gaetan
pgpedt5So0eTz.pgp
Description: PGP signature
Hi Tobias
On Tue, Feb 3, 2015 at 12:33 AM, Tobias Powalowski
wrote:
> Hi guys,
> I don't use it on any of my machines anymore, anyone who wants to step up?
> Else those are candidates for AUR/community.
>
> ocaml
> ocaml-compiler-libs
I'll take care of ocaml.
On 03/02/15 17:58, Andrew Gregory wrote:
> -1 for systemd-sysusers unless you can figure out a way to use it in
> pre_install. In order for the dynamic user creation Allan mentioned
> to work, pacman will have to be changed to use symbolic user names for
> file ownership which requires the user to
On 02/03/15 at 02:27pm, Evangelos Foutras wrote:
> On 03/02/15 13:46, Allan McRae wrote:
> > Hi all,
> >
> > While looking into how best handle those directory permission warnings
> > with pacman-4.2, I have noticed a couple of things about user/group
> > management in our packages.
> >
> > 1) We
On Tue, Feb 3, 2015 at 1:27 PM, Evangelos Foutras
wrote:
> I'd say yes and I agree on both points.
>
> This is also a perfect opportunity to mention systemd-sysusers(8) which,
> along with sysusers.d(5) entries, can greatly simplify the creation of
> system users.
>
+1 for doing this.
--
Andre
On 03/02/15 13:46, Allan McRae wrote:
> Hi all,
>
> While looking into how best handle those directory permission warnings
> with pacman-4.2, I have noticed a couple of things about user/group
> management in our packages.
>
> 1) We should not remove users/groups when packages are uninstalled. Th
2015-02-03 12:46 GMT+01:00 Allan McRae :
>
> 1) We should not remove users/groups when packages are uninstalled. This
> is a potential security issue if any files are left owned by the
> non-existent user/group.
When should the cleanup be done? Installing and immediately
uninstalling a package sho
Hi all,
While looking into how best handle those directory permission warnings
with pacman-4.2, I have noticed a couple of things about user/group
management in our packages.
1) We should not remove users/groups when packages are uninstalled. This
is a potential security issue if any files are le
=== Signoff report for [testing] ===
https://www.archlinux.org/packages/signoffs/
There are currently:
* 3 new packages in last 24 hours
* 0 known bad packages
* 0 packages not accepting signoffs
* 4 fully signed off packages
* 57 packages missing signoffs
* 2 packages older than 14 days
(Note: t
Hi guys,
I don't use it on any of my machines anymore, anyone who wants to step up?
Else those are candidates for AUR/community.
ocaml
ocaml-compiler-libs
facile
lablgtk2
unison
greetings
tpowa
--
Tobias Powalowski
Archlinux Developer & Package Maintainer (tpowa)
http://www.archlinux.org
tp...@
Am 13.01.2015 um 17:59 schrieb Tobias Powalowski:
> Hi guys,
> I don't use it on any of my machines anymore, anyone who wants to step up?
> Else those are candidates for AUR.
>
> greetings
> tpowa
>
Done removed from [extra] repository.
greetings
tpowa
--
Tobias Powalowski
Archlinux Developer &
16 matches
Mail list logo