Users and groups kept after a port deinstallation

[Anonymous]

RW <rwmaillists at googlemail.com> writes:

> On Sun, 23 May 2010 03:39:53 +0400
> Anonymous <swell.k at gmail.com> wrote:
>
>> RW <rwmaillists at googlemail.com> writes:
>> 
>> > On Sat, 22 May 2010 11:42:53 -0400
>> > jhell <jhell at dataix.net> wrote:
>> >> This is more of a best practices case than what the implications of
>> >> leaving users in the master.passwd are.
>> >
>> > Why is it best practice? Why add extra complexity to solve a problem
>> > that doesn't actually exist?
>> 
>> Such unused entries in passwd add clutter. It in turn makes managing
>> users more complex. You have to remember which users are created by
>> you and which ones are created by ports. 
>
> You don't have to remember, just look at the UID/GID values, ordinary
> users start at 1001, ports create UIDs < 1000.

You're presuming non-ordinary users are created only by ports framework.
That's not always the case. I may want for example a separate user for
telnetd to broadcast ascii movies or youterm sessions. ;)

Besides, some ports do not create users by default but may use them if
available, e.g. dns/dnsmasq & dnsmasq user. This case is more like a
bug, though.

>
> The base system alone creates 18 such users, if you have problems with
> this kind of thing a few stale uids are the least of your problems.
>

>> So, if you change home dir
>> of some user there may be undesireble consequences. And only then
>> security becomes a concern because port app may be run with
>> privilegies that are higher than intended.
>
> This appears to refer to an admin confusing a normal user with a
> system user that's still in use by a port, so I don't see the
> relevance.

No. It's about conflict: system user created by admin and system user
created by port happen to have same username.