[Pkg-net-snmp-devel] Bug#911132: snmpd: Upgrading the snmpd package removes system user named "snmp"
carnil at debian.org
Tue Oct 16 09:01:53 BST 2018
Control: found -1 5.7.3+dfsg-1.1
On Tue, Oct 16, 2018 at 09:21:56AM +0200, Ramon Cahenzli wrote:
> Package: snmpd
> Version: 5.7.3+dfsg-1.7+deb9u1
> Severity: normal
> Dear Maintainer,
> The snmp package appears to remove any system user named "snmp"
> whenever it is upgraded.
> How to reproduce:
> 1. Downgrade your snmpd package (e.g. by removing the package,
> removing the security repository and installing the package
> again from the main repository)
> 2. Create a system user called "snmp"
> 3. Add the security repository, apt-get update and apt-get upgrade.
> Observe that the snmpd package will be upgraded.
> 4. Observe that the user "snmp" is gone from the system.
> The expected outcome would be that the user "snmp" still exists.
> Ever since the migration to the user "Debian-snmp", admins may be using
> users called "snmp" for other purposes than what Debian-snmp is
> intended for, so snmpd shouldn't remove these users.
This seems to have been on purpose since the change from snmp to
The intention seems to have been, that if it is a system user, then it
was created by the package, and can be as well removed.
This though might not be safe in each variant/setup, as your usecase
More information about the Pkg-net-snmp-devel