Closed rauldpm closed 4 months ago
Hello @rauldpm,
After double checking this report I don't know if this is an actual issue or a feature request.
If we consider that system users must be removed by calling remove action, we must create a new feature request in wazuh-packages. In this case we could chain the remove / purge actions together.
Please clarify. @wazuh/qa
@JorgeMarinoDev Thanks. Indeed, this is not a stopper as this effect appears before 4.8.0.
Here is the package's post-removal logic:
remove
command makes a configuration backup and keeps /var/ossec. Thus, there is no point in deleting the user as the folder would be assigned to an unnamed UID/GID.purge
command causes /var/ossec to be fully removed, so the package may delete the user and the group.remove
/purge
.Therefore, we should block this issue.
The behavior described by @vikman90 LGTM.
Closing this issue.
Source issue: https://github.com/wazuh/wazuh/issues/21394#issuecomment-1892704362
It has been detected when deleting a Debian agent without
purge
that thewazuh
user and group are maintained on the system. By reviewing the code, it has been found that the user and group will only be deleted when thepurge
option is used.It is necessary to review this since uninstalling a package should not maintain a necessary user for the package on the system, furthermore, in CentOS the user and group are deleted
group
andpasswd
files)