From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.12) Gecko/20080208 Fedora/2.0.0.12-1.fc8 Firefox/2.0.0.12 Description of problem: I write tests for fedora security audit tool called sectool (https://fedorahosted.org/sectool). One of my test (called home_dirs) checks whether all home directories in /etc/passwd exist. So I found that user news (some daemon or what?) has home directory /etc/news, which does not exist. What is the purpose of user news? Which daemon uses it? I tried # cd /; find -owner news and it found nothing. We need to have our sectool without any warning on default fedora instalation. Version-Release number of selected component (if applicable): setup-2.6.10-1 How reproducible: Always Steps to Reproduce: 1. # sectool -rn home_dirs alternate way: 1. $ grep news /etc/passwd 2. $ stat /etc/news Actual Results: sectool produces Warning(04) Home directory "/etc/news" doesn't exist! news:x:9:13:news:/etc/news: stat: cannot stat `/etc/news': No such file or directory Expected Results: No user news in passwd, if is not needed by any package in default fedora instalation. Or if needed by something, news:x:9:13:news:/:/sbin/nologin Additional info:
Fixed in filesystem now in the end. Read ya, Phil
You added /etc/news into filesystem.rpm instead of removing user 'news' from /etc/passwd and /etc/group. I *don't* think we need user 'news' by default: 1) If any daemon uses user 'news' or directory /etc/news, it should create it during instalation. 2) Your solution makes Fedora less compatible with the Filesystem Hierarchy Standard 3) It is dirty Any reason for keeping user 'news' in /etc/passwd? Other distros don't have it. I will be happy to see /etc/passwd as clean as can be. So please remove it
Adding myself to CC as I'm inn maintainer. I would say that it is in setup from historical reasons (the same thing was with missing /sbin/nologin user shell). I'm not sure if there is some other package which needs news user - if there is no such package, it is reasonable to have the user news created by inn package. Anyway - such change should not be done in stable distribution (as it is reported against F8) - if there is no other package using news user, it should be ok to move creation of news user to inn package for F10.
I'm sorry for not mentioning it: I don't want this change in F9 or even in F8, but in rawhide (F9 branching was April 8th). I did a survey about news servers in Fedora and I found that this change touches only inn, which Ondrej, is ready to change, and leafnode. So I contacted leafnode maintainer Kevin Fenzi. After I get the answer from him, we can continue on this. Thank you all for cooperation.
Sounds like a good plan to me. Just let me know when you want to do the change in inn, Ondrej so i can then remove the news user from /etc/passwd in setup. Read ya, Phil
Greetings. I maintain leafnode that also uses a 'news' user. I would be happy to add a news user to leafnode as well... Note that the correct way to do this is described at: http://fedoraproject.org/wiki/Packaging/UsersAndGroups Further note that both leafnode and inn (and any other packages that own /var/spool/news) should all use the 'news' user, so they don't conflict. So, just let me know when we want to make this change. Perhaps early in the f10 cycle?
Ok, the Sulphur (F9) is out for some days, so we can make these changes (in rawhide) to close this bug: remove user 'news' from setup package and add adding it into leafnode and inn. Thanks in advance.
ok. This is my proposed changes to the 'leafnode' package: diff -r1.14 leafnode.spec 3c3 < Release: 3%{?dist} --- > Release: 4%{?dist} 13a14 > Requires(pre): shadow-utils 64a66,71 > %pre > getent group news >/dev/null || groupadd -r news > getent passwd news >/dev/null || \ > useradd -r -g news -d /etc/news -s /sbin/nologin \ > -c "News server user" news > exit 0 96a104,106 > * Mon Jun 16 2008 Kevin Fenzi <kevin> - 1.11.6-4 > - Add news user. fixes bug #437462 Ondrej: When do you want to make the inn change? I suggest we try and make changes to leafnode, inn and setup all in the same day if possible. Just let me know if the above looks good and when to push a build.
Looks ok, will use the same in inn, I think it is safe to build anytime as it will ignore possible existing user/group news. So I would say, push and build.
Inn package built with news user/group as inn-2.4.4-3.fc10.
Ok, building a new setup package for F10 then without the user news and a new filesystem package with a removed /etc/news directory. Thanks everyone! Read ya, Phil
Leafnode is done and built: http://koji.fedoraproject.org/koji/taskinfo?taskID=665958
Well, the group "news" still exists in /etc/group. Is this correct? news::13:news
Doh, you're absolutely right, Robert. Removed it just now, new package is building. Read ya, Phil