On 2021-02-05 05:07:24, Lorenzo Puliti wrote: > Package: dh-sysuser > Version: 1.3.5 > Severity: normal > X-Debbugs-Cc: plore...@disroot.org > > Helmut Grohne <hel...@subdivi.de> in #981683 > >> Further development seems like a good idea. [...] >> As far as I can tell,project consensus is that system users >> should not be removed on purge, but dh-sysuser does so. > > Reminder for myself: > Check users removal on purge (maybe makes sense to remove if > home is set to nonexistent?) > This will be dealt with after Bullseye release
I am not sure at all what the project consensus is on that topic. I personnally feel that users should be removed on purge if it makes sense to do so, and I think it can make sense to do so in many cases. So I would challenge the idea that there's a "consensus" that "system users should not be removed on purge" in the project because I am a member of this project and I disagree with that statement. :) The manpage actually links to two other bug reports where this was discussed and sets what I think is a pretty good policy about this: https://manpages.debian.org/bullseye/dh-sysuser/dh_sysuser.1.en.html#CRUFT_OF_SYSTEM_USERS copying here: > CRUFT OF SYSTEM USERS > > Creating a system user (or a user in general) is easy, but safely > removing one is hard. There is no consensus on what should happen to > its home directory or files owned by the user elsewhere. > > There was some discussion (#848239, #848240), but there is still no > simple and definitive answer to that. Therefore dh-sysuser does the > following on package removal: > > * If the user has been created without a home directory, it is > considered safe to remove it. > > * If the user has been created with a home directory but at time of > the package removal it is empty, it is considered safe to remove both > the user and its empty home directory. > > * If the user has been created with a home directory but at time of > the package removal it is not empty, both the user and its home > directory are left alone. > > NOTE: As a package maintainer, you are encouraged to delete files from > home directories known to be of little value. It increases chances > that home directory becomes empty and user is removed. Is there a problem with this policy? If someone is specifically against removing those files in their package, they can (a) avoid using dh-sysuser to manage their users or (b) simply leave owned files around in the home directory on postrm. Seems to me like a win-win and something we don't need to fix. A. -- While the creative works from the 16th century can still be accessed and used by others, the data in some software programs from the 1990s is already inaccessible. - Lawrence Lessig
