#1 2021-05-07 10:29:24

wolegis
Member
Registered: 2021-05-07
Posts: 6

Undoing systemd-tmpfiles & systemd-sysusers

I'm currently in the process of taking over an abandoned AUR package. I'm already testing the package on several VMs. My package creates a system user by means of systemd-sysusers and a bunch of directories and files by means of systemd-tmpfiles. To my surprise I found out that there is no counterpart in the process of removing a package.

So here is my question: Are there any best practices for what to do with system users, directories and files that were created during installation / upgrade when it comes to removing that package?

(So far I opted for removing stuff below /var/log, /var/tmp and /var/cache in post_remove(). User content below /var/lib is left untouched. The system user also remains since it is used as owner of the files below /var/lib.)


#2 2021-05-07 13:44:45

Lone_Wolf
Member
From: Netherlands, Europe
Registered: 2005-10-04
Posts: 11,868

Re: Undoing systemd-tmpfiles & systemd-sysusers

No idea about sysusers, but man systemd-tmpfiles mentions it has mechanisms to remove / clean stuff it created earlier.

I do think that's done regularly (at shutdown / reboot?) but in case you want to make sure the files are gone, restarting systemd-tmpfiles-clean.service after removal of the package should be enough to clean up.


Disliking systemd intensely, but not satisfied with alternatives so focusing on taming systemd.


(A works at time B)  && (time C > time B ) ≠  (A works at time C)


#3 2021-05-08 07:30:49

ayekat
Member
Registered: 2011-01-17
Posts: 1,589

Re: Undoing systemd-tmpfiles & systemd-sysusers

wolegis wrote:

So far I opted for removing stuff below /var/log, /var/tmp and /var/cache in post_remove(). […]

I believe this is a bad idea. You can't possibly know whether the user really doesn't want to keep log files or cached files around. And for /var/tmp, there's already a tmpfiles.d snippet that regularly clears old files (30 days by default).

It would also lead to bad surprises for a user if they want to tinker around a little and e.g. temporarily remove a package to debug something, then install it back later on: suddenly, parts of their files would be gone.

[…] User content below /var/lib is left untouched. The system user also remains since it is used as owner of the files below /var/lib.

This is also the main reason why users are usually not removed when uninstalling a package: if there are any files around that were owned by that user, those now become ownerless, and—worse—might become owned by another user later on (may lead to security issues). Cleaning up users is currently the job of the system administrator; the package manager can't possibly know whether a user should still stick around or not.


pkgshackscfgblag
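
Added example, not part of the thread and not written by any of its posters: a read-only Python audit an administrator could run before deleting a leftover system user, or afterwards to find paths whose owner UID no longer has an account, which is the situation post #3 warns about. The function names and the /var/lib default are assumptions of this example.

```python
import os
import pwd
import sys
from collections import defaultdict

def known_uids():
    # UIDs with a passwd entry right now. Accounts from NSS sources that do not
    # enumerate (some LDAP/sssd setups) are missed, so treat hits as candidates.
    return {entry.pw_uid for entry in pwd.getpwall()}

def entries(root):
    # Yield root and everything below it; symlinked directories are not followed.
    yield root
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            yield os.path.join(dirpath, name)

def owner_uid(path):
    # lstat reports the owner of a symlink itself, not of its target.
    try:
        return os.lstat(path).st_uid
    except OSError:
        return None  # vanished or unreadable while scanning

def orphaned_paths(root, uids=None):
    # Map each owner UID that has no account to the paths it still owns.
    uids = known_uids() if uids is None else set(uids)
    found = defaultdict(list)
    for path in entries(root):
        uid = owner_uid(path)
        if uid is not None and uid not in uids:
            found[uid].append(path)
    return {uid: sorted(paths) for uid, paths in found.items()}

def paths_owned_by(root, uid):
    # Everything that would become ownerless if the account with this UID were
    # deleted, and that a later account given the same UID would inherit.
    return sorted(p for p in entries(root) if owner_uid(p) == uid)

if __name__ == "__main__":
    # Usage: script.py [ROOT]; /var/lib is only a default for illustration.
    root = sys.argv[1] if len(sys.argv) > 1 else "/var/lib"
    for uid, paths in sorted(orphaned_paths(root).items()):
        print(f"uid {uid} has no account but owns {len(paths)} path(s):")
        for path in paths:
            print(f"  {path}")
```

Passing an explicit `uids` set lets you preview the result of removing an account without touching the system: leave that account's UID out of the set and the paths it owns are reported as orphaned.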
