[buildd-tools-devel] Bug#710167: Bug#710167: sbuild: support non-local sbuild user

[Oxan van Leeuwen]

On 05-07-13 11:16, Roger Leigh wrote:
> Why is the user in LDAP rather than local?  My understanding of this
> is that when packages create system users using adduser, they are
> created in the local system databases, and not in LDAP, therefore
> we would expect that any modification of these users/groups would
> work in maintainer scripts after their creation.

I originally moved the sbuild user and group to LDAP so that I could add my 
regular user account to the sbuild group. However, it seems to be possible 
to configure sbuild to give other groups access now (this is a years old 
setup), so I can try that.

> Regarding the patch, I don't think it's necessarily safe since other
> types of local database are also supported by the tools.  Also, this
> isn't a problem specific to sbuild, it's a problem relating to any
> package creating/modifying users.  I'm not saying that it's not a
> problem, just that if it's something that needs addressing, it needs
> fixing for the general case rather than just on a package-by-package
> basis.

Yes, I agree, it's not the best way, I just couldn't think of a cleaner one. 
An alternative patch would be to ignore it if usermod fails (the main 
problem for me is that the error causes dpkg to abort). I don't think I've 
seen another package using usermod in the postinst yet (most packages seem 
to either delete the user or leave it alone, not lock it).