From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 18FEB138350 for ; Sun, 19 Jan 2020 21:00:26 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A98F3E099B; Sun, 19 Jan 2020 21:00:22 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A5D23E096F for ; Sun, 19 Jan 2020 21:00:21 +0000 (UTC) Received: from [192.168.1.100] (c-98-218-46-55.hsd1.md.comcast.net [98.218.46.55]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: mjo) by smtp.gentoo.org (Postfix) with ESMTPSA id 0DFE534E26C for ; Sun, 19 Jan 2020 21:00:14 +0000 (UTC) Subject: Re: [gentoo-dev] GLEP81 and /home To: gentoo-dev@lists.gentoo.org References: <825bd707-faa2-f956-edbb-a11a8d82296b@gentoo.org> <2313c928-6c17-394c-d437-b5ad1f76ecea@gentoo.org> <4c60e5c5-92ce-09f0-09c5-a7338bb9cfb3@gentoo.org> <21efee36-dcc8-bb14-9fb9-0d6b2abf8c8d@gentoo.org> From: Michael Orlitzky Message-ID: <5e98c62e-3501-9322-7129-a9d6105a6126@gentoo.org> Date: Sun, 19 Jan 2020 16:00:12 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Archives-Salt: fd82b9be-cfcc-4c0e-a522-ee61aacfefe9 X-Archives-Hash: 4672756fd26d00869ed8ae4b047511f0 On 1/19/20 2:47 PM, Rich Freeman wrote: > > Obviously the UIDs associated with the shared /home need to be > identical. Simplest solution is to sync anything > 1000 in > /etc/passwd, and then not allow UIDs below 1000 in /home. A cron job > could easily handle both, and of course regular users can't go > creating stuff with the wrong UID anyway. That's not enough. You also need to sync any user/group that appears as the owner or group of a file in /home, and every user/group that appears in an ACL in /home, and so on. And since you have no idea what files or access control lists will show up in /home, you'd better sync them all. >> We've talked this to death. Barring any new evidence, /home still seems >> like the best place for these, and I don't want to put them in the wrong >> spot (forcing users to migrate) just to appease a QA warning from before >> GLEP81 was a thing. > > Well, great, then by all means ask QA for a policy exception. Not my > place to yell at you if you don't, but don't be surprised if somebody > else does... > I'm not going to violate the policy, I'm going to delete the keepdir file from $D. Then everything is back to normal. If I was willing to introduce a QA warning, this thread would have been a lot shorter =P