[arch-commits] Commit in gitolite/trunk (PKGBUILD gitolite.install)
Christian Hesse
eworm at archlinux.org
Tue May 3 06:59:24 UTC 2016
Date: Tuesday, May 3, 2016 @ 08:59:24
Author: eworm
Revision: 173522
upgpkg: gitolite 3.6.5-2
* do not delete user on package removal
* comment about sysusers.d(5)
Modified:
gitolite/trunk/PKGBUILD
gitolite/trunk/gitolite.install
------------------+
PKGBUILD | 2 +-
gitolite.install | 14 +++++---------
2 files changed, 6 insertions(+), 10 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-05-03 03:45:45 UTC (rev 173521)
+++ PKGBUILD 2016-05-03 06:59:24 UTC (rev 173522)
@@ -5,7 +5,7 @@
pkgname=gitolite
pkgver=3.6.5
-pkgrel=1
+pkgrel=2
pkgdesc='An access control layer on top of git'
url='https://github.com/sitaramc/gitolite'
arch=('any')
Modified: gitolite.install
===================================================================
--- gitolite.install 2016-05-03 03:45:45 UTC (rev 173521)
+++ gitolite.install 2016-05-03 06:59:24 UTC (rev 173522)
@@ -1,4 +1,7 @@
post_install() {
+ # We need ssh login and thus a valid shell. No way to create
+ # the user with sysusers.d(5)?
+
if ! getent group gitolite &>/dev/null; then
groupadd -r -g 196 gitolite >/dev/null
fi
@@ -13,12 +16,5 @@
post_install
}
-post_remove() {
- if getent passwd gitolite &>/dev/null; then
- userdel gitolite >/dev/null
- fi
-
- if getent group gitolite &>/dev/null; then
- groupdel gitolite >/dev/null
- fi
-}
+# Do NOT delete the user in post_remove(). It poses a security risk if
+# any files are left behind with this ownership.
More information about the arch-commits
mailing list