Hello,

On Mon, Aug 22, 2016 at 8:09 PM, Leo Famulari <l...@famulari.name> wrote:
> On Mon, Aug 22, 2016 at 10:47:51AM +0200, Vincent Legoll wrote:
>>
>> > IIUC it happens because the home directory is created only when a user
>> > is added, and is not changed when the user is modified. See (gnu build
>> > activation) module:
>> >
>> > - 'add-user' runs "useradd" with "-d" option to create home dir
>>
>> Maybe the nobody user should be special-cased, not to run useradd with
>> -d, the nonexistent directory, should really not exist for nobody. This is a
>> (very small?) security enhancement, I think...
>
> My Debian system uses '/nonexistent' for the nobody user's passwd entry,
> but the directory does not actually exist.
>
>> If this is the way to go, I can have a shot at it...
>>
>> > - 'modify-user' runs "usermod" without "-d" (and without "--move-home")
>> >
>> > So the home of nobody was not changed for us to '/nonexistent' when the
>> > nobody user was changed.
>> >
>> > As for me, I wouldn't like to have this directory, and I think it
>> > shouldn't be created (if it is not really needed for nobody user).
>>
>> Ditto.
>
> I don't fully understand the implications of the change, but it seems
> like a worthwhile thing to try doing. At least you might learn something
> while implementing it :)
>
> I'll let more experienced people decide if it's the right thing to do.
I came up with the attached patch, totally untested, probably wrong for some
cases... The following is what I think I have implemented:

At account creation time, do not create directories for system? accounts.

At account modification, do not create directories, nor move existing ones,
but change them in /etc/passwd.

WDYT?

-- 
Vincent Legoll
From 8c83d8cebc3b440a523e714e652b266f7c37b380 Mon Sep 17 00:00:00 2001 From: Vincent Legoll <vincent.leg...@idgrilles.fr> Date: Tue, 23 Aug 2016 12:37:57 +0200 Subject: [PATCH] Avoid creating system-user's home directories * gnu/build/activation.scm (modify-user): pass -d to usermod command (add-user): add system? condition to home dir creation. Signed-off-by: Vincent Legoll <vincent.leg...@idgrilles.fr> --- gnu/build/activation.scm | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm index 6666cb4..c0f54ae 100644 --- a/gnu/build/activation.scm +++ b/gnu/build/activation.scm @@ -140,9 +140,13 @@ properties. Return #t on success." '()) ,@(if comment `("-c" ,comment) '()) ,@(if home - (if (file-exists? home) - `("-d" ,home) ; avoid warning from 'useradd' - `("-d" ,home "--create-home")) + ;; system? accounts may have non existent home + ;; directories (for example, user nobody) + (if system? + `("-d" ,home) + (if (file-exists? home) + `("-d" ,home) ; avoid warning from 'useradd' + `("-d" ,home "--create-home"))) '()) ,@(if shell `("-s" ,shell) '()) ,@(if password `("-p" ,password) '()) @@ -169,7 +173,10 @@ properties. Return #t on success." `("-G" ,(string-join supplementary-groups ",")) '()) ,@(if comment `("-c" ,comment) '()) - ;; Don't use '--move-home', so ignore HOME. + ;; The home directory could have changed, but may be a + ;; nonexistent one, so don't use '--move-home'. Manually + ;; cleaning things up may be needed in such a case + ,@(if home `("-d" ,home) '()) ,@(if shell `("-s" ,shell) '()) ,name))) (zero? (apply system* "usermod" args)))) -- 1.9.1
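Review bot: the `(if system? `("-d" ,home) ...)` test in the add-user hunk drops `--create-home` for every system account, not only for accounts with a placeholder home such as nobody's /nonexistent; a system account whose service expects its home to exist (the case the old `(if (file-exists? home) ... `("-d" ,home "--create-home"))` branch covered) now gets a passwd entry pointing at a directory that is never created. Consider keying the decision on an explicit per-account flag or on the placeholder path itself rather than on `system?`. Two smaller points: the doubly nested `if` reads more clearly as a `cond`, and the comment should say "nonexistent" and end with a period.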
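Review bot: passing `-d home` without `--move-home` in the modify-user hunk changes the passwd entry but neither creates the new directory nor moves the old one, and it does so for ordinary accounts too, while add-user still creates homes for non-system accounts; a regular user whose home is changed ends up with an entry pointing at a missing directory and the old directory, contents included, left in place. Either restrict the new `-d` to the cases where the directory is not expected to exist, or create (or move) it for non-system accounts the way add-user does, and record the new behaviour in the function's docstring rather than only in the inline comment, which is also missing its final period.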
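As an added example, not code from this thread or from Guix: a POSIX sh audit that checks a passwd-format file for system accounts whose home directory exists on disk, the situation the thread describes for nobody and /nonexistent. The function name, the uid thresholds (system accounts below 1000 or in the nobody range, Debian-style), the ROOT prefix used to point the check at a test tree, and the sample passwd lines are all assumptions constructed for the demo.

```sh
#!/bin/sh
# Added example; not part of the Guix patch or project.
# Audit a passwd(5)-format file for system accounts whose home directory
# exists on disk.  The motivating case from the thread: 'nobody' carrying
# HOME=/nonexistent must not end up with a real, account-owned /nonexistent
# left behind by 'useradd --create-home'.
#
# audit_system_homes PASSWD_FILE [ROOT]
#   PASSWD_FILE  passwd-format input
#   ROOT         prefix under which homes are looked up (default: none, i.e. /)
# Prints one line per finding, "name:uid:home:owner=<uid owning the dir>",
# with " ACCOUNT-OWNED" appended when the directory belongs to the account
# itself (the signature of a stray --create-home).  Returns 1 if anything
# was found, 0 otherwise.
audit_system_homes() {
    passwd_file=$1
    root=${2:-}
    status=0
    while IFS=: read -r name _pw uid _gid _gecos home _shell; do
        # Skip malformed lines and root, whose home is real by design.
        case $uid in ''|*[!0-9]*) continue ;; esac
        [ "$uid" -eq 0 ] && continue
        # Assumption: system accounts are uid < 1000 or the nobody range.
        if [ "$uid" -ge 1000 ] && [ "$uid" -lt 65534 ]; then
            continue
        fi
        case $home in ''|/) continue ;; esac   # nothing meaningful to check
        dir=$root$home
        [ -d "$dir" ] || continue
        # 'ls -n' prints numeric uid/gid, so no name lookup is involved.
        owner=$(ls -ldn "$dir" | awk '{print $3}')
        tag=
        [ "$owner" = "$uid" ] && tag=' ACCOUNT-OWNED'
        printf '%s:%s:%s:owner=%s%s\n' "$name" "$uid" "$home" "$owner" "$tag"
        status=1
    done < "$passwd_file"
    return $status
}

# Demo on constructed data (no real /etc/passwd is read).  The stray
# $tmp/root/nonexistent stands in for the directory the thread complains
# about; alice is an ordinary user and is therefore not reported.
demo() {
    tmp=$(mktemp -d) || return 2
    printf '%s\n' \
        'root:x:0:0:root:/root:/bin/sh' \
        'daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin' \
        'nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin' \
        'alice:x:1000:1000::/home/alice:/bin/sh' > "$tmp/passwd"
    mkdir -p "$tmp/root/nonexistent" "$tmp/root/home/alice"
    audit_system_homes "$tmp/passwd" "$tmp/root"
    rc=$?
    rm -rf "$tmp"
    return $rc
}
```

Sourcing the file and running `demo` reproduces the finding on the constructed tree. On a real host, run `audit_system_homes /etc/passwd` as root with no ROOT argument; a hit tagged ACCOUNT-OWNED is the pattern a `useradd --create-home` run for an account that should have no home leaves behind, which is exactly what the patch is trying to prevent.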