[Pkg-puppet-devel] Bug#528068: purge fails, do not delete puppet group

martin f krafft madduck at debian.org
Sun May 10 15:58:06 UTC 2009 

Package: puppet
Version: 0.24.8-1
Severity: serious

Independently of #527381, the purge of puppet seems to fail (set -x
activated, and getent calls put in place):

lapse:/etc/puppet% sudo dpkg -P puppet
(Reading database ... 189333 files and directories currently installed.)
Removing puppet ...
Stopping puppet configuration management tool.
+ [ remove = purge ]
+ exit 0
Purging configuration files for puppet ...
+ rm -rf /var/lib/puppet
+ getent passwd puppet
puppet:x:112:119:Puppet configuration management daemon,,,:/var/lib/puppet:/bin/false
+ getent group puppet
puppet:x:119:
+ deluser --system puppet
Removing user `puppet' ...
Warning: group `puppet' has no more members.
Done.
+ getent passwd puppet
+ :
+ getent group puppet
+ :
+ delgroup --system puppet
The group `puppet' does not exist.
dpkg: error processing puppet (--purge):
 subprocess post-removal script returned error exit status 3
Processing triggers for man-db ...
Errors were encountered while processing:
 puppet

It seems like `deluser --system puppet` deletes the group when it's
empty, but this causes delgroup to fail.

I think it would be best if the group (and user) weren't deleted at
all, as there may still be files owned by them on the system.

Also, for your information, some discussion about this on #d-d,
although I think not removing user or group is the best solution.

10 17:32 < madduck> is it normal that deluser --system username deletes the user and the group?
10 17:33 < azeem> adduser adds the group as well, no?
10 17:33 < rleigh_> madduck: This bizzaro behaviour confused me a few weeks back when I added a buildd user+group to the buildd package.
10 17:35 < rleigh_> adduser does add the group as well, but what if there are other group members on removal.  I tested a number of ways of addition and removal, and 
                    the observed behaviour seemed rather unclear and under-specified.
10 17:35 < rleigh_> Sometimes it would keep the group around, and other times not.  This is with different combinations of --group and --system etc.
10 17:43 < madduck> rleigh_: :((
10 17:44 < madduck> rleigh_: it seems that deluser --system foo removes the group foo is there are no more members
10 17:48 < rleigh_> madduck: That sucks.  I went the the approach shown in buildd.postinst and buildd.postrm at 
                    http://git.debian.org/?p=buildd-tools/sbuild.git;a=tree;f=debian (based on looking at the postgresql-common code)
10 17:49 < rleigh_> Here we just remove the user and assume that if the group wasn't empty, deluser won't delete it (I'm slightly unsure if it's OK to unilaterally 
                    remove people from groups on package removal--I decided to be convervative and leave them).
10 17:51 < madduck> rleigh_: can i quote you in a bug report?
10 17:52 < rleigh_> madduck: Sure.
10 17:56 < madduck> i am going to suggest not to remove user/group anyway, since they might still own files.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.30-rc4-686 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages puppet depends on:
ii  adduser                       3.110      add and remove users and groups
ii  facter                        1.5.4-1    a library for retrieving facts fro
ii  libopenssl-ruby               4.2        OpenSSL interface for Ruby
ii  libruby [libxmlrpc-ruby]      4.2        Libraries necessary to run Ruby 1.
ii  libshadow-ruby1.8             1.4.1-8    Interface of shadow password for R
ii  libxmlrpc-ruby                4.2        transitional dummy package
ii  lsb-base                      3.2-22     Linux Standard Base 3.2 init scrip
ii  ruby                          4.2        An interpreter of object-oriented 

Versions of packages puppet recommends:
ii  libaugeas-ruby1.8             0.2.0-2    Augeas bindings for the Ruby langu
ii  rdoc                          4.2        Generate documentation from ruby s

puppet suggests no packages.


-- 
 .''`.   martin f. krafft <madduck at d.o>      Related projects:
: :'  :  proud Debian developer               http://debiansystem.info
`. `'`   http://people.debian.org/~madduck    http://vcs-pkg.org
  `-  Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/)
URL: <http://lists.alioth.debian.org/pipermail/pkg-puppet-devel/attachments/20090510/f9b4e905/attachment.pgp>

More information about the Pkg-puppet-devel mailing list