[arch-dev-public] user/group management in packages

Allan McRae allan at archlinux.org
Tue Feb 3 23:05:35 UTC 2015


On 03/02/15 22:01, Jerome Leclanche wrote:
> 2015-02-03 12:46 GMT+01:00 Allan McRae <allan at archlinux.org>:
>>
>> 1) We should not remove users/groups when packages are uninstalled. This
>> is a potential security issue if any files are left owned by the
>> non-existent user/group.
> 
> When should the cleanup be done? Installing and immediately
> uninstalling a package should really not do permanent changes to the
> system; iow, ideally, users shouldn't have to do regular cleanups on
> their system like that.
> 

Never - what does on extra line in a file matter?


More information about the arch-dev-public mailing list