Alan Altmark wrote:
In a Unix system, having a process to ensure that you *don't* orphan files when deleting an account would seem to be de riguer. If any file exists to which said uid has privileges, then why would you delete the account until you clean up the files? I'm not a Unix sysadmin, but I presume that there are admin packages that handle this sort of thing for you. When you discover that the admin tools is about to delete /sys/bin/important, you might think twice about it and instead put that user on the "necessary" list.
Users' files do not, by default, get deleted when the account is removed. The ownership of a file is reflected in two numbers, and those are mapped to names through /etc/passwd and /etc/group (and their replacements in LDAP etc). Removal of accounts removes the mapping, but not the files. If you use a centralised authentication store, such as LDAP or RACF or AD, then removing a user account could leave orphaned files all over the place. I think removal of accounts, as opposed to disabling them, is not something to undertake lightly. It might be that data there could be required for legal purposes - recently in a public company in Australia was reported to have embezzled a few million dollars. Enough that, when the money was found, the company's share price doubled. Probably, the user's files reflected her activities. Illegal activites aside, there may be notes, saved emails and the like stored there and nowhere else that may reflect agreements made and which someone else might need to know about after they've left. -- Cheers John -- spambait [email protected] [email protected] -- Advice http://webfoot.com/advice/email.top.php http://www.catb.org/~esr/faqs/smart-questions.html http://support.microsoft.com/kb/555375 You cannot reply off-list:-) ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
