From: Michael Orlitzky <mjo@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] GLEP81 and /home
Date: Sun, 19 Jan 2020 13:37:16 -0500 [thread overview]
Message-ID: <4c60e5c5-92ce-09f0-09c5-a7338bb9cfb3@gentoo.org> (raw)
In-Reply-To: <CAGfcS_kAwXUY1mTcqtAhsp0wS+r3SMjc2W43TrO_ON2CqnJA2g@mail.gmail.com>
On 1/19/20 12:42 PM, Rich Freeman wrote:
>
> Typically you wouldn't share service accounts across multiple hosts.
> I'd think that something like amavisd is going to go on a mail server.
> You're not going to be logging into that account to do typical
> desktop-oriented functions.
>
> If you had three mail servers, you probably would want to share
> /home/mjo across all of them, but you probably wouldn't want to share
> your amavisd config across them. That is why the config goes in /etc.
> I don't see how stuff it launches would be any different.
The stuff it launches is different because the stuff it launches is
different. SpamAssassin, for example, can be run by normal users in a
traditional UNIX mail setup. So its configuration goes in $HOME, because
that's how it works. When amavis runs spamassassin, the SA configuration
comes from $HOME, because that's how it works.
If you're sharing /home, you also have to be sharing user accounts,
unless you want everyone to be assigned a random set of files. And if
you're sharing user accounts, you have to start each instance of amavis
as a different user, because its configuration is per-user. That's just
the way it works.
Everything is fine here, this all works and has worked for 20 years. If
you have a real scenario where any of this causes a problem, I truly
would like to hear it so that I don't make a mistake. But picking apart
hypothetical scenarios that don't actually apply is making this thread
way longer and more confusing than it has to be.
> You don't really want to be using it interactively as a human per-se
> any more than you interactively log in as root or any other service
> account. There are rare occassions where I'll launch a shell as
> apache or postfix or whatever, but that doesn't mean that you want it
> to have a home in /home.
You also log in as amavis to e.g. release spam from the quarantine. And
postfix/apache don't need home directories at all, it's not the same.
> I mean, you're still doing stuff as root. You're just not running chown.
>
> POSIX certainly could fix it, though whether it could do it in a
> manner that doesn't break everything in existence is another matter.
> For example, if POSIX just got rid of hard links many of the issues
> would just go away.
Hard links are a red herring. Any write or execute operation you intend
to perform as root in my home directory can be subverted in a million
different ways. Hard links just happen to be the stupidest one-line way
to convince people of that fact.
There's already a POSIX solution for changing permissions/ownership:
don't do that. Set umask appropriately, and create files as the user who
should own them. Then you don't have to call chown/chmod to fix the mess
you just created. Running "touch foo.txt && chown mjo foo.txt" as root
in a directory I control is asking for trouble, but if I run "touch
foo.txt" as myself in the same directory... what am I going to do,
escalate privileges to myself?
next prev parent reply other threads:[~2020-01-19 18:37 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-01-18 17:51 [gentoo-dev] GLEP81 and /home Michael Orlitzky
2020-01-18 18:10 ` Ulrich Mueller
2020-01-18 23:38 ` Michael Orlitzky
2020-01-19 0:21 ` Rich Freeman
2020-01-19 2:50 ` Michael Orlitzky
2020-01-19 11:29 ` Rich Freeman
2020-01-19 15:49 ` Michael Orlitzky
2020-01-19 17:42 ` Rich Freeman
2020-01-19 18:37 ` Michael Orlitzky [this message]
2020-01-19 19:02 ` Rich Freeman
2020-01-19 19:27 ` Michael Orlitzky
2020-01-19 19:47 ` Rich Freeman
2020-01-19 21:00 ` Michael Orlitzky
2020-01-19 22:09 ` Michael Orlitzky
2020-01-20 1:20 ` Rich Freeman
2020-01-20 1:51 ` Michael Orlitzky
2020-01-20 2:52 ` Rich Freeman
2020-01-20 3:16 ` Michael Orlitzky
2020-01-20 3:40 ` Rich Freeman
2020-01-20 3:57 ` Michael Orlitzky
2020-01-19 19:37 ` Robin H. Johnson
2020-01-19 19:19 ` Alec Warner
2020-01-19 19:28 ` Michael Orlitzky
2020-01-19 19:32 ` Alec Warner
2020-01-19 20:44 ` Michael Orlitzky
2020-01-18 19:03 ` Alec Warner
2020-01-18 20:16 ` Michael Orlitzky
2020-01-18 19:08 ` Michał Górny
2020-01-18 19:44 ` Michael Orlitzky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4c60e5c5-92ce-09f0-09c5-a7338bb9cfb3@gentoo.org \
--to=mjo@gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox