From owner-freebsd-ports@FreeBSD.ORG Sat May 22 07:29:42 2010 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 021BE106564A for ; Sat, 22 May 2010 07:29:42 +0000 (UTC) (envelope-from jhellenthal@gmail.com) Received: from mail-yw0-f175.google.com (mail-yw0-f175.google.com [209.85.211.175]) by mx1.freebsd.org (Postfix) with ESMTP id A6A598FC12 for ; Sat, 22 May 2010 07:29:41 +0000 (UTC) Received: by ywh5 with SMTP id 5so1133572ywh.13 for ; Sat, 22 May 2010 00:29:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :x-enigmail-version:openpgp:content-type:content-transfer-encoding; bh=OOR2JmjhGaoro6AVQk5U5YjukzWkXW6GiD+om5W4BZA=; b=C5Bwj09zQYEjbPjNUYYF0CO3nkZpGGPjI7AY7g9TEfssH6+NsUhdDkzTgD/uzQZGM8 NLvOhduuyNGYkk18uYgp23CqeomJnQGjWJpOSK/WJLN3+tqJl12B6gQ4GO4eq8nXxyIt Z1rPzcE3Dna2yPlwBxLtoyzyepshVsr28BIVo= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:openpgp:content-type :content-transfer-encoding; b=AYKoCtvwTYdonlxyfw0HOpoe+aHsnufNqv2tFD3XA0cHmc1SkY/+nOZhR450+70LQ/ 9OR/gn0FK0v2pcyD1NrdyYgYCJkzdCuLa/3fu0hT9YozZvgH5snkVHZtU7/OkgMrIp4d I+Ej5RqcMLmVV2i9PALEMU90kH/zPHTjvuQGs= Received: by 10.151.21.12 with SMTP id y12mr4292960ybi.226.1274513380975; Sat, 22 May 2010 00:29:40 -0700 (PDT) Received: from centel.dataix.local (adsl-99-181-129-134.dsl.klmzmi.sbcglobal.net [99.181.129.134]) by mx.google.com with ESMTPS id w18sm26292298ybe.22.2010.05.22.00.29.39 (version=SSLv3 cipher=RC4-MD5); Sat, 22 May 2010 00:29:40 -0700 (PDT) Sender: "J. Hellenthal" Message-ID: <4BF787E2.9010907@dataix.net> Date: Sat, 22 May 2010 03:29:38 -0400 From: jhell User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.9.1.9) Gecko/20100515 Thunderbird/3.0.4 MIME-Version: 1.0 To: Garrett Cooper References: <20100522005313.26dcfbdb@gumby.homeunix.com> In-Reply-To: X-Enigmail-Version: 1.0.1 OpenPGP: id=89D8547E Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: ports@freebsd.org, RW Subject: Re: Users and groups kept after a port deinstallation X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 22 May 2010 07:29:42 -0000 On 05/21/2010 20:08, Garrett Cooper wrote: > On Fri, May 21, 2010 at 4:53 PM, RW wrote: >> On Fri, 21 May 2010 16:23:18 +0100 >> Florent Thoumie wrote: >> >>> On Fri, May 21, 2010 at 11:11 AM, David DEMELIER >>> wrote: >>>> Hi, >>>> >>>> I used pkgsrc for a while on NetBSD. I was used to the pkgsrc >>>> notifications about the users and groups leaves, when some ports are >>>> removed these leaves are not used anymore. e.g pulseaudio needs some >>>> users on the system. >>>> >>> >>> This was discussed in the following bug-report: >>> >>> http://www.freebsd.org/cgi/query-pr.cgi?pr=108514 >>> >>> I think the proper solution is to create a +UGIDS file to be able to >>> maintain a refcount, but the status quo isn't that bad. >> >> Personally I'd much prefer to keep them so ls -l, filemanagers etc can >> continue to use names rather than numbers for any files left behind. >> >> IMO the status quo is better than any solution that involves automated >> deletion. > > I agree by and large with RW, but it would be nice if there was an > audit tool to do this check and suggest whether or not a group should > be added or removed in general, regardless of whether or not a > pkg/port was added or removed. > Thanks, > -Garrett find(1) is already used by periodic(1) through weekly_noid_enable which should probably be extended to also include weekly_nogid_enable and would ultimately alert you to users and groups that have gone missing due to a port removal. Having unused logins on a system is bad! and just for the case of mapping to uid/gid does not justify leaving them. uid & gid printed in ls(1) output may be ugly as well but you can not log in with one of those and they should be handled in a way that is prompt to login removal. find / -nouser find / -nogroup and then after inspection add -delete -print. find / -empty Of course these can be combined to form a simple one line command but I will leave that as a exercise for the reader. Regards, -- jhell