[pkg] CurveDNS - review
Raphael Hertzog
hertzog at debian.org
Mon Jul 3 09:57:03 UTC 2017
Hello,
On Sat, 01 Jul 2017, Lukas Schwaighofer wrote:
> * I've changed debian/rules so that the generated man pages are cleaned
> as well (the clean target now properly removes everything that was
> generated)
Note that you can use debian/clean if you have a fixed list of files or
directories to remove.
> * Changes to postinst:
> - /var/lib/curvedns and the curvedns user is already cleaned on
> "remove" (it's not configuration…)
> - the configuration in /etc/curvedns/ is still only cleaned on "purge"
dynamic data and system users are generally dropped on purge as well.
Dropping the user on remove puts you at risk of getting another UID the
next time you reinstall the package. And if you missed some files to
remove, then you have files with bad ownership.
For this reason, we sometimes discuss the possibility to never remove any
dynamically created user.
Cheers,
--
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/
More information about the Pkg-security-team
mailing list