On Sun, 2020-01-19 at 22:43 -0500, Michael Orlitzky wrote:
> In rare cases, a system user will need a real home directory to store
> per-user configuration data and/or be accessed interactively by a
> human being. In those cases, /home/${username} is an appropriate place
> for the user's home directory. Using /home is allowed and encouraged
> by the FHS, and there are no real technical obstacles to it aside from
> an install-time QA warning about the path.
>
> Before GLEP81, the efficacy of this check was unarguable. With
> enewuser, you could still set a user's home directory to a location
> under /home, but the lack of a "keepdir" meant that it would fly under
> the radar during the QA check. As a result, the QA check would only
> flag truly problematic files. With GLEP81, however, an implementation
> detail leads this check to flag the user's home directory.
>
> This commit makes an exception for the home directory /home/${PN}
> itself, and the /home/${PN}/.keep* file it contains. This lets us
> migrate existing user.eclass ebuilds to GLEP81 without triggering a
> new QA warning on a dummy file.
>
> This will be useful in at least two real situations:
>
> * The "amavis" user exists to launch the amavisd daemon, but much of
> the configuration for that user is created in $HOME by a human who
> is logged in as "amavis" interactively. This is user data by any
> definition, and should be stored in /home/amavis rather than
> dumping it in the daemon's working directory.
>
> * The "spamd" user gets its SpamAssassin configuration the same way
> local users do in a traditional UNIX mail setup: by reading it out
> of $HOME. This is user data, even though it happens to affect the
> daemon. With user.eclass, /home/spamd is already used as the home
> directory. When migrating to GLEP81, we should not break existing
> systems and force a migration just to avoid an old warning.
>
> There are other potential uses as well. If I want to share (real
> human) user accounts across multiple Gentoo installs per the design of
> GLEP81, then I can do that with acct-user packages in an overlay. The
> user packages ensure that the same UIDs and GIDs get used on every
> system, but if I do this with my "mjo" account, I'm going to want
> /home/mjo to be my home directory. There's nothing wrong with that,
> so we shouldn't warn about it.
> ---
> metadata/install-qa-check.d/08gentoo-paths | 27 ++++++++++++++++++++++
> 1 file changed, 27 insertions(+)
>
> diff --git a/metadata/install-qa-check.d/08gentoo-paths
> b/metadata/install-qa-check.d/08gentoo-paths
> index 5161aef9922..ab9bd64d0e0 100644
> --- a/metadata/install-qa-check.d/08gentoo-paths
> +++ b/metadata/install-qa-check.d/08gentoo-paths
> @@ -19,6 +19,10 @@ gentoo_path_check() {
> boot dev etc opt srv usr var
> )
>
> + # We make an exception and allow acct-user packages to install to
> + # /home in rare circumstances.
> + [[ "${CATEGORY}" == "acct-user" ]] && allowed_paths_toplevel+=( home )
> +
> # directories in /usr which can be installed to by ebuilds
> # /usr/games is not included as it is banned nowadays
> local allowed_paths_usr=(
> @@ -61,6 +65,29 @@ gentoo_path_check() {
> fi
> done
>
> + # Normally ebuilds should not install anything under /home. If this
> + # is a GLEP81 user package, however, we make an exception for the
> + # user's home directory itself and the ".keep" file within it. This
> + # allows GLEP81 user packages to have home directories under /home,
> + # which can be useful if the account is meant to be used by a human
> + # to store configuration data or run maintenance tasks.
> + if [[ "${CATEGORY}" == "acct-user" ]]; then
> + local f found=()
> + while read -r -d '' f; do
> + found+=( "${f}" )
> + done < <(find -L "${ED%/}/home" \
> + -mindepth 1 \
> + -maxdepth 2 \
> + ! -path "${ED%/}/home/${PN}" \
> + ! -path "${ED%/}/home/${PN}/.keep*" \
> + -print0)
> +
> + if [[ ${found[@]} ]]; then
> + # mimic the output for non-acct-user packages.
> + bad_paths+=( "/home" )
> + fi
> + fi
> +
> ${shopt_save}
>
> # reportNAK. /home belongs to paths that are deliberately left for sysadmin to manage and use for real (read: human) users. 'Rare cases' are no justification to abuse those paths, especially that there is no technical reason not to use /var (or /srv) as intended for system users. -- Best regards, Michał Górny
signature.asc
Description: This is a digitally signed message part
