Lucid screwed some users after upgrade/unsolicited update

[Steve Morris]

I used the alternate cd to upgrade from Karmic to Lucid and yesterday 
morning kpackagekit did a package update without telling me it was doing 
it, even though on Karmic I had explicitly disabled this. A second of 
the 5 users defined to my system tried to logon yesterday and had all 
sorts of problems.
First they were required to change their password, even though in Karmic 
password changing was disabled, why?
Secondly, for the user who tried to logon her home directory ownership 
had been changed to root, plus her's and 2 other users uid had been 
changed or ownership had been stuffed such that, her home directory 
contents were owned by a second user, the second users home directory 
and contents were owned by a third user and, the third users home 
directory and contents were owned by the first user. The environment for 
the other 2 users was unchanged. What is happening here and why?
Also, I suspect this was caused by yesterday mornings unsolicited 
update, Konsole will now no longer run complaining of an issue with 
/bin/bash. What caused this and how do I remedy this (I assume its a 
case of uninstalling/reinstalling its package, but which one)?
The other question this raises is, how do I prevent this from happening 
again in the future?

regards,
Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: samorris.vcf
Type: text/x-vcard
Size: 126 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kubuntu-users/attachments/20100603/8bad62e8/attachment.vcf>