[arch-general] Removing gitolite package doesn't remove gitolite user
Ahoi,

I was removing gitolite because I fucked my setup up. When I reinstalled it to start from scratch, I ran into a problem. The /var/lib/gitolite folder wasn't created when I reinstalled the package. I found out that the gitolite user also still existed. I removed it and reinstalled gitolite. Now the directory was created like it should.

I think this is a bug. When gitolite is uninstalled it should also remove the gitolite user. If the user is for some reason still needed after uninstall, another solution would be to correctly recreate the /var/lib/gitolite directory when installing the package and the gitolite user is detected.

--
Greetings
Ricardo Band
https:// www.ricardo.band mailto:// email@ricardo.band
On Sat, 01 Apr 2017 03:01:04 +0200 Ricardo Band <email@ricardo.band> wrote:
I think this is a bug. When gitolite is uninstalled it should also remove the gitolite user.
No, it shouldn't. A deleted user presents a security issue, since the package has no way of knowing if there's any files/dirs left owned by that user. Short version here, you deleted the user's home dir manually and left the user. That's not a packaging problem.
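Added example, not part of the thread: the reply above rests on the fact that files keep the numeric UID of a deleted account, so whichever account is later given that UID owns them. The sketch below lists such paths against a passwd-format file; the function names and the passwd-file argument are assumptions made for illustration, and it expects a Linux stat(1) that accepts -c.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.
# Lists paths whose numeric owner has no entry in a passwd-format file,
# which is what is left behind when an account is deleted but its files
# are not. Assumes Linux stat(1) with -c; covers local accounts only.
# On a live system `find DIR -nouser -o -nogroup` asks the same question
# of the name service.

# orphaned_files DIR PASSWD_FILE -> "UID PATH" per path with unknown owner
orphaned_files() {
    find "$1" -xdev -exec stat -c '%u %n' {} + 2>/dev/null |
        awk -v pw="$2" '
            # First input: the passwd file. Remember every UID it defines.
            FILENAME == pw { split($0, f, ":"); known[f[3]] = 1; next }
            # Second input (stdin): print entries whose UID is not defined.
            !($1 in known)' "$2" -
}

# would_inherit UID DIR -> number of paths an account created with that
# UID would own from its first login
would_inherit() {
    find "$2" -xdev -user "$1" 2>/dev/null | wc -l
}

# Usage: sh orphans.sh /var/lib [passwd-file]
if [ "$#" -ge 1 ]; then
    orphaned_files "$1" "${2:-/etc/passwd}"
fi
```

Running `would_inherit 196 /` before reusing the UID from the install script quoted later in the thread shows what a new account with that number would pick up.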
On Fri, 2017-03-31 at 20:37 -0500, Doug Newgard wrote:
Short version here, you deleted the user's home dir manually and left the user. That's not a packaging problem.
Yep. But shouldn't the home dir be recreated when I reinstall the package?

It seems that the package only executes a useradd command that creates the user home. If the user already exists that command seems to return true without recreating the home.

The package could check for the dir after that and if it's not there create it. The package method in the PKGBUILD already includes the creation of the directory but it doesn't seem to fire if the user is already there. Which is a bit weird because I don't see any check for the user in there [1].

[1]: https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/gitolite

--
Greetings
Ricardo Band
https:// www.ricardo.band mailto:// email@ricardo.band
The main problem is that _useradd_ is launched with the -m parameter, which creates the home directory for the gitolite user. If the user already exists, the home directory is not recreated.

IMHO it is better not to use the -m modifier and to do something like this:

    if [[ ! -d /var/lib/gitolite ]] ; then
      mkdir /var/lib/gitolite
      chown gitolite:gitolite /var/lib/gitolite
    fi

The full install script must be something like this:

    post_install() {
      # We need ssh login and thus a valid shell. No way to create
      # the user with sysusers.d(5)?
      getent group gitolite > /dev/null || groupadd \
        -g 196 gitolite
      getent passwd gitolite > /dev/null || useradd \
        -M -u 196 -g gitolite -d /var/lib/gitolite -s /bin/bash gitolite
      # Create the home directory whenever it is missing, whether or not
      # the user was just created.
      if [[ ! -d /var/lib/gitolite ]] ; then
        mkdir /var/lib/gitolite
        chown gitolite:gitolite /var/lib/gitolite
      fi
    }

    post_upgrade() {
      post_install
    }

Take note that the -r option is unnecessary since the script specifies the UID and GID.

Greetings.

2017-04-01 4:12 GMT+02:00 Ricardo Band <email@ricardo.band>:
On Fri, 2017-03-31 at 20:37 -0500, Doug Newgard wrote:
Short version here, you deleted the user's home dir manually and left the user. That's not a packaging problem.
Yep. But shouldn't the home dir be recreated when I reinstall the package? It seems that the package only executes a useradd command that creates the user home. If the user already exists that command seems to return true without recreating the home.
The package could check for the dir after that and if it's not there create it. The package method in the PKGBUILD already includes the creation of the directory but it doesn't seem to fire if the user is already there. Which is a bit weird because I don't see any check for the user in there [1].
[1]: https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/gitolite
--
Greetings
Ricardo Band
https:// www.ricardo.band mailto:// email@ricardo.band
-- Óscar García Amor | ogarcia at moire.org | http://ogarcia.me
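Added example, not part of the thread: the state discussed in the message above (account still present, home directory gone or recreated under another owner) can be detected for every login-capable account in a passwd-format file. The function name and output format are assumptions made for illustration; it expects a Linux stat(1) that accepts -L and -c.

```shell
#!/bin/sh
# Added example, not from the thread. The function name is hypothetical.
# Reports accounts whose home directory is missing or owned by another
# UID. Accounts with a nologin/false shell are skipped: the case in the
# thread is a system user that needs ssh login and therefore a real home.
# Assumes Linux stat(1) with -L and -c.

# check_homes PASSWD_FILE -> "STATUS<TAB>USER<TAB>HOME" per problem account
check_homes() {
    while IFS=: read -r user pw uid gid gecos home shell; do
        case $user in
            ''|\#*) continue ;;              # blank line or comment
        esac
        case $shell in
            */nologin|*/false) continue ;;   # no interactive login
        esac
        if [ ! -d "$home" ]; then
            # Account exists but its home was removed by hand.
            printf 'missing\t%s\t%s\n' "$user" "$home"
        elif [ "$(stat -L -c '%u' "$home")" != "$uid" ]; then
            # Home exists but belongs to someone else, for example after
            # a plain mkdir as root or after the UID was reassigned.
            printf 'wrong-owner\t%s\t%s\n' "$user" "$home"
        fi
    done < "$1"
}

# Usage: sh check_homes.sh /etc/passwd
if [ "$#" -ge 1 ]; then
    check_homes "$1"
fi
```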
On 03/31/2017 10:12 PM, Ricardo Band wrote:
On Fri, 2017-03-31 at 20:37 -0500, Doug Newgard wrote:
Short version here, you deleted the user's home dir manually and left the user. That's not a packaging problem.
Yep. But shouldn't the home dir be recreated when I reinstall the package?
You are literally responding to a post in which you are told that this "shouldn't" be done.
It seems that the package only executes a useradd command that creates the user home. If the user already exists that command seems to return true without recreating the home.
Correct. Since the user home dir is created as part of the user creation itself, it makes sense to assume that the user home dir is *deleted* as part of the user deletion itself. You have now learned a valuable lesson: don't delete user home dirs for system users, without first making sure the system user is deleted as well (in addition to anything else that system user may have been responsible for).
The package could check for the dir after that and if it's not there create it. The package method in the PKGBUILD already includes the creation of the directory but it doesn't seem to fire if the user is already there. Which is a bit weird because I don't see any check for the user in there [1].
[1]: https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/gitolite
No, the PKGBUILD package() method does not in fact create the directory in any way, shape, or form. If it did, you wouldn't have had this problem. -- Eli Schwartz
participants (4)
- Doug Newgard
- Eli Schwartz
- Ricardo Band
- Óscar García Amor