[Adduser-devel] adduser --system in maintainer scripts (re: Bug #634475)
smcv at debian.org
Wed Jul 20 11:16:25 UTC 2011
On Mon, 30 May 2011 at 09:12:59 +0100, Stephen Gran wrote:
> This one time, at band camp, Roger Leigh said:
> > [...] However, most
> > postinsts wrap the call to adduser with a check for whether the
> > account already exists [...]
> I know that people do that, but it is unnecessary scaffolding. adduser
> already handles that just fine. Maybe the documentation is lacking, but
> the design goal is that you can just call adduser --system --quiet $args
> in your postinst, and adduser will do what you meant:
> steve at varinia:~$ getent passwd postfix
> steve at varinia:~$ sudo adduser --system --quiet postfix
> [sudo] password for steve:
> steve at varinia:~$ echo $?
We use adduser --system --quiet in the dbus package without checking for
existence of the user first, as recommended here. However, bug #634475
reveals that if the messagebus user is present, but is not in the system UID
range, this will make the upgrade fail.
Peter Chubb (reporter of #634475) wrote:
> Simon> If you have enough backups of /etc/passwd to be able to answer
> Simon> these questions: what were the messagebus user's home
> Simon> directory, numeric UID, and primary group ID before the
> Simon> upgrade? What was the messagebus group's numeric GID? Did you
> Simon> have any other users or groups whose numeric UID/GID collided
> Simon> with messagebus?
> In the backup from two days ago:
> : wombat ; grep messagebus passwd group
> wombat ; grep 110 passwd
> : wombat ; grep 107 group
> I think the issue I have is that because of legacy accounts,
> LAST_SYSTEM_UID is 99 in /etc/adduser.conf, and for some reason the
> account was already existing with a higher UID than that.
Presumably, on Peter's system, messagebus was either created while
LAST_SYSTEM_UID was higher, or possibly before 2003 when dbus created
messagebus as a non-system group (#222563 - which was undeniably itself a bug,
but we should do what we can to recover from historical bugs).
In the opinions of the adduser maintainers, what should daemon-user-creating
packages like dbus be doing about this?
More information about the Adduser-devel