Deal with the death of a user

Hi!

One of the users of my self-hosted services died yesterday, and I don’t know what I should do with their account.
Should I delete the account from the user interface? If I do this, what happens to the content this user created (comments on Piwigo, messages in Element, etc.)?
Is it possible to revoke all connections and prevent any new connection from this user, without deleting the account?
What would you recommend?

Regards.

I would try to contact people around that person (family?), to know if, possibly, that person gave instructions (passwords?) to someone to get his/her data back, or delete it, or something else.

4 Likes

If you know the user, I would definitely suggest reaching out to their heirs.

2 Likes

To expand a little bit on this – my previous message was written on my phone while I was out and about – here are some concerns I’d have if I was you:

If you had an agreement with that user (or part of your ToS, if they exist) to wipe everything upon their death, do that. I assume you don’t, so unless you have serious concerns about what they have there, I wouldn’t. And if you have such concerns, why the hell did you host that in the first place?

Depending on which services you were offering them, a lot of stuff that they had on their account, they would “own” or have certain rights (e.g. copyright) in – e.g. blog posts, documents, photos, e-mails, … These rights get inherited, so their heirs would be the ones “owning” those rights (or licenses) now.

One thing you could do is disable their account, but not delete it. That way you’d reduce the security risk of a breach, but keep the data. In this case, I’d shoot out a message about your plans for this via e-mail and any other regular contacts you had from them. (Be kind in those, as if anyone will see them, it will be the grieving family.)

Of course, if you do know their next of kin (or even who their heirs would be) – I imagine in a self-hosting scenario people typically know each other well enough –, you could reach out directly. Perhaps just call them on their phone, it’s likely someone from their family would pick up. (If the death has been recent, maybe wait a bit, and don’t forget to express your condolences before you bug people about cleaning up your server :wink: )

Happy to continue brainstorming about this, if it helps in any way.


P.S. I’m a lawyer, privacy is not my main specialisation (FOSS licensing & IP is), but I care about it quite a bit. Above are just some idle thoughts on that matter.
P.P.S. Oh, and of course, I am sorry to hear about one of your users passing away. I hope you’re handling this well.

4 Likes

Thank you for your answers.

I realize the way to go depends on the situation. I host a little server for my family, with a few services. So yeah, I know the user, she was the sister of my grandfather. I will talk about it with my grandfather, to know what he thinks about it. But I would like to prepare this discussion, and know what is possible, and what people usually do in this situation.

As far as I know, she used Piwigo to see and comment on my pictures, and Element to chat with the family. I don’t think she used the email, but if it’s the case I may have to be careful because it may be the entry point to other services…

Anyway, one of your suggestions was to disable the account. Do you know how to do this with YunoHost?

2 Likes

I am sorry for your loss.

Let me answer technically regarding YunoHost account management and its interaction with applications.

  • You cannot “disable” a YunoHost account (as in, it remains in the LDAP database but cannot be logged into).
    • I think there is a mechanism for locking accounts directly in the LDAP server, but that would require manual tweaking in there. This is not handled by YunoHost as of today.
    • Alternatively, you may replace their password with a very long and complex one, and promptly forget it.
  • If you opt for deleting the account:
    • You will be asked by the webadmin if you want to purge their /home/<user> directory and emails.
    • Normally, apps should have their own database or data storage, so that deleting users in YunoHost should not delete their presence in the apps (i.e. Piwigo comments, or Element Matrix conversations).

4 Likes

Except if there is an LDAP connection, right?

But in many cases it’s not the behavior, hence you would have to delete this user (content) manually on each app (either in their admin UI, in the database…), if that’s something you’re willing to do.

Sorry for your loss :confused:

2 Likes

Nope, and that’s what I assume to be normal, apps should usually poll the LDAP server only when users log in.

1 Like

Ok, so it’s only apps with a dedicated hook?

1 Like

No, what I mean is that usually, normal apps should only poll the LDAP server when they create the user account within their own database, or whenever the user tries to log in with their LDAP credentials.

For example, I do not see any reason for Piwigo to poll the LDAP server when jershon opens a picture that had been commented by their late great-aunt.

1 Like

Hi @tituspijean,

Sorry for the late answer, and thank you for your message.

I think it would be a good feature if there was a “disable/enable” button in the users administration page to lock accounts in LDAP. But it might be a little tricky to implement, because each application should be notified of the disabling, so it deletes current sessions…

Well, I opted for the “change the password to a very long and complex one” :closed_lock_with_key:

Many thanks to all of you for your support :heart_decoration:

3 Likes