Source: icecc
Version: 1.0.1-2
Severity: normal


the postinst script greps /etc/group and /etc/passwd to see if the icecc
user and group exist already; however, that's not the only place a Linux
system can store users and groups -- NSS offers great flexibility.

Instead of "grep -q $ICECC_GROUP /etc/group" you should "getent group
$ICECC_GROUP" and likewise for passwd.

It's not clear that the package should attempt to create the user and group
if they don't exist and nsswitch.conf is set to get user and group info from
anywhere but /etc; maybe the postinst should just complain in that case. I'm
not sure.

Additionally, immediately after testing for the existence of the user and
maybe creating it, you do


Even if you didn't create the user (so you don't know where it's home is).
Maybe you should only execute this line if you create the user? Or query its
homedir before?

Best regards,


pkg-kde-extras mailing list

Reply via email to