** Description changed: [Impact] - * Removeing users on "remove" instead of doing so only on "purge" - can lead to some fallout. + * Removeing users on "remove" instead of doing so only on "purge" + can lead to some fallout. - * We stopped doing so since 18.10, backporting the same fix to Bionic + * We stopped doing so since 18.10, backporting the same fix to Bionic [Test Case] + * apt install net-snmp * grep snmp /etc/passwd - * apt remove net-snmp - * apt instal net-snmp - * grep snmp /etc/passwd + * apt remove net-snmp + * grep snmp /etc/passwd + * apt install net-snmp - With the fix installed this should not change anymore when running the - above. + With the fix installed this should not change anymore when running the + above. [Regression Potential] - * It was wrong to re-create the user every time, I don't see an issue "not - to remove it" on apt remove - if people want things gone they are using - "apt purge". - If anything first installs net-snmp, to then remove it and expects the - Debian-snmp is free that would change - but that seems like a very - constructed case. + * It was wrong to re-create the user every time, I don't see an issue "not + to remove it" on apt remove - if people want things gone they are using + "apt purge". + If anything first installs net-snmp, to then remove it and expects the + Debian-snmp is free that would change - but that seems like a very + constructed case. - * The real "potential" is that any upgrade will trigger the bug "once". - That includes this update - see below in [Other Info] + * The real "potential" is that any upgrade will trigger the bug "once". + That includes this update - see below in [Other Info] [Other Info] - - * No matter which way we turn this, this bug will be triggered "once" when - the old postrm is run. We don't need/want to trigger it with this - update. Therefore the intention is to only make this available in - - proposed and mark it as block-proposed. On any later functional or - security update which would trigger the bug "anyway" it would then be - included and fixed. + + * No matter which way we turn this, this bug will be triggered "once" when + the old postrm is run. We don't need/want to trigger it with this + update. Therefore the intention is to only make this available in - + proposed and mark it as block-proposed. On any later functional or + security update which would trigger the bug "anyway" it would then be + included and fixed. --- - - snmpd upgrade bionic->focal changes Debian-snmp UID/GID. Tested on two different machines, the result: + snmpd upgrade bionic->focal changes Debian-snmp UID/GID. Tested on two + different machines, the result: #1 diff -u passwd.r15 passwd.local --- passwd Rev. 15 (Fri Sep 13 10:35:32 2019) +++ passwd Local version (Fri Apr 24 09:53:12 2020) @@ -31,4 +31,6 @@ systemd-resolve:x:112:122:systemd Resolv uuidd:x:100:101::/run/uuidd:/bin/false _apt:x:114:65534::/nonexistent:/bin/false dhcpd:x:115:125::/var/run:/bin/false -Debian-snmp:x:109:118::/var/lib/snmp:/bin/false +tcpdump:x:109:126::/nonexistent:/usr/sbin/nologin +Debian-snmp:x:113:127::/var/lib/snmp:/bin/false +systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin #2 --- passwd Rev. 5 (Thu Feb 20 15:21:15 2020) +++ passwd Local version (Wed Apr 29 17:28:58 2020) @@ -31,6 +31,9 @@ postfix:x:111:114::/var/spool/postfix:/u bacula:x:112:116:Bacula:/var/lib/bacula:/usr/sbin/nologin mysql:x:113:117:MySQL Server,,,:/nonexistent:/bin/false nagios:x:114:118::/var/lib/nagios:/usr/sbin/nologin -Debian-snmp:x:115:119::/var/lib/snmp:/bin/false elasticsearch:x:116:120::/nonexistent:/bin/false str_alk_prod:x:1000:1000:,,,:/home/str_alk_prod:/bin/bash +systemd-timesync:x:115:119:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin +tcpdump:x:117:123::/nonexistent:/usr/sbin/nologin +Debian-snmp:x:118:124::/var/lib/snmp:/bin/false +systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin
** Description changed: [Impact] * Removeing users on "remove" instead of doing so only on "purge" can lead to some fallout. * We stopped doing so since 18.10, backporting the same fix to Bionic [Test Case] - * apt install net-snmp - * grep snmp /etc/passwd - * apt remove net-snmp + * apt install snmpd * grep snmp /etc/passwd - * apt install net-snmp + * apt remove snmpd + * grep snmp /etc/passwd + * apt install snmpd + * grep snmp /etc/passwd With the fix installed this should not change anymore when running the above. [Regression Potential] * It was wrong to re-create the user every time, I don't see an issue "not to remove it" on apt remove - if people want things gone they are using "apt purge". If anything first installs net-snmp, to then remove it and expects the Debian-snmp is free that would change - but that seems like a very constructed case. * The real "potential" is that any upgrade will trigger the bug "once". That includes this update - see below in [Other Info] [Other Info] * No matter which way we turn this, this bug will be triggered "once" when the old postrm is run. We don't need/want to trigger it with this update. Therefore the intention is to only make this available in - proposed and mark it as block-proposed. On any later functional or security update which would trigger the bug "anyway" it would then be included and fixed. --- snmpd upgrade bionic->focal changes Debian-snmp UID/GID. Tested on two different machines, the result: #1 diff -u passwd.r15 passwd.local --- passwd Rev. 15 (Fri Sep 13 10:35:32 2019) +++ passwd Local version (Fri Apr 24 09:53:12 2020) @@ -31,4 +31,6 @@ systemd-resolve:x:112:122:systemd Resolv uuidd:x:100:101::/run/uuidd:/bin/false _apt:x:114:65534::/nonexistent:/bin/false dhcpd:x:115:125::/var/run:/bin/false -Debian-snmp:x:109:118::/var/lib/snmp:/bin/false +tcpdump:x:109:126::/nonexistent:/usr/sbin/nologin +Debian-snmp:x:113:127::/var/lib/snmp:/bin/false +systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin #2 --- passwd Rev. 5 (Thu Feb 20 15:21:15 2020) +++ passwd Local version (Wed Apr 29 17:28:58 2020) @@ -31,6 +31,9 @@ postfix:x:111:114::/var/spool/postfix:/u bacula:x:112:116:Bacula:/var/lib/bacula:/usr/sbin/nologin mysql:x:113:117:MySQL Server,,,:/nonexistent:/bin/false nagios:x:114:118::/var/lib/nagios:/usr/sbin/nologin -Debian-snmp:x:115:119::/var/lib/snmp:/bin/false elasticsearch:x:116:120::/nonexistent:/bin/false str_alk_prod:x:1000:1000:,,,:/home/str_alk_prod:/bin/bash +systemd-timesync:x:115:119:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin +tcpdump:x:117:123::/nonexistent:/usr/sbin/nologin +Debian-snmp:x:118:124::/var/lib/snmp:/bin/false +systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin ** Description changed: [Impact] * Removeing users on "remove" instead of doing so only on "purge" can lead to some fallout. * We stopped doing so since 18.10, backporting the same fix to Bionic [Test Case] * apt install snmpd * grep snmp /etc/passwd * apt remove snmpd * grep snmp /etc/passwd * apt install snmpd * grep snmp /etc/passwd - With the fix installed this should not change anymore when running the - above. + With the fix installed this should not change the UID anymore when running + the above and also not vanish in between. [Regression Potential] * It was wrong to re-create the user every time, I don't see an issue "not to remove it" on apt remove - if people want things gone they are using "apt purge". If anything first installs net-snmp, to then remove it and expects the Debian-snmp is free that would change - but that seems like a very constructed case. * The real "potential" is that any upgrade will trigger the bug "once". That includes this update - see below in [Other Info] [Other Info] * No matter which way we turn this, this bug will be triggered "once" when the old postrm is run. We don't need/want to trigger it with this update. Therefore the intention is to only make this available in - proposed and mark it as block-proposed. On any later functional or security update which would trigger the bug "anyway" it would then be included and fixed. --- snmpd upgrade bionic->focal changes Debian-snmp UID/GID. Tested on two different machines, the result: #1 diff -u passwd.r15 passwd.local --- passwd Rev. 15 (Fri Sep 13 10:35:32 2019) +++ passwd Local version (Fri Apr 24 09:53:12 2020) @@ -31,4 +31,6 @@ systemd-resolve:x:112:122:systemd Resolv uuidd:x:100:101::/run/uuidd:/bin/false _apt:x:114:65534::/nonexistent:/bin/false dhcpd:x:115:125::/var/run:/bin/false -Debian-snmp:x:109:118::/var/lib/snmp:/bin/false +tcpdump:x:109:126::/nonexistent:/usr/sbin/nologin +Debian-snmp:x:113:127::/var/lib/snmp:/bin/false +systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin #2 --- passwd Rev. 5 (Thu Feb 20 15:21:15 2020) +++ passwd Local version (Wed Apr 29 17:28:58 2020) @@ -31,6 +31,9 @@ postfix:x:111:114::/var/spool/postfix:/u bacula:x:112:116:Bacula:/var/lib/bacula:/usr/sbin/nologin mysql:x:113:117:MySQL Server,,,:/nonexistent:/bin/false nagios:x:114:118::/var/lib/nagios:/usr/sbin/nologin -Debian-snmp:x:115:119::/var/lib/snmp:/bin/false elasticsearch:x:116:120::/nonexistent:/bin/false str_alk_prod:x:1000:1000:,,,:/home/str_alk_prod:/bin/bash +systemd-timesync:x:115:119:systemd Time Synchronization,,,:/run/systemd:/usr/sbin/nologin +tcpdump:x:117:123::/nonexistent:/usr/sbin/nologin +Debian-snmp:x:118:124::/var/lib/snmp:/bin/false +systemd-coredump:x:999:999:systemd Core Dumper:/:/usr/sbin/nologin -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1875926 Title: snmpd upgrade (Bionic->Focal) changes Debian-snmp UID/GID To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/net-snmp/+bug/1875926/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
