[pkg] CurveDNS - review
Lukas Schwaighofer
lukas at schwaighofer.name
Mon Jul 3 10:53:37 UTC 2017
Hi Raphaël and Stéphane,
On Mon, 3 Jul 2017 11:57:03 +0200
Raphael Hertzog <hertzog at debian.org> wrote:
> Hello,
>
> On Sat, 01 Jul 2017, Lukas Schwaighofer wrote:
> > * I've changed debian/rules so that the generated man pages are
> > cleaned as well (the clean target now properly removes everything
> > that was generated)
>
> Note that you can use debian/clean if you have a fixed list of files
> or directories to remove.
Right…
> > * Changes to postinst:
> > - /var/lib/curvedns and the curvedns user is already cleaned on
> > "remove" (it's not configuration…)
> > - the configuration in /etc/curvedns/ is still only cleaned on
> > "purge"
>
> dynamic data and system users are generally dropped on purge as well.
> Dropping the user on remove puts you at risk of getting another UID
> the next time you reinstall the package. And if you missed some files
> to remove, then you have files with bad ownership.
>
> For this reason, we sometimes discuss the possibility to never remove
> any dynamically created user.
Makes sense, thanks for explaining.
@Stéphane: Feel free to make the proposed changes (otherwise I can also
make them tonight).
Regards
Lukas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-security-team/attachments/20170703/e51becd6/attachment.sig>
More information about the Pkg-security-team
mailing list