From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-dev+bounces-27414-garchives=archives.gentoo.org@gentoo.org>)
	id 1InwOQ-0003W9-3y
	for garchives@archives.gentoo.org; Fri, 02 Nov 2007 13:16:58 +0000
Received: from robin.gentoo.org (localhost [127.0.0.1])
	by robin.gentoo.org (8.14.1/8.14.0) with SMTP id lA2DG7Fu006792;
	Fri, 2 Nov 2007 13:16:07 GMT
Received: from farragut.cafarelli.fr (farragut.cafarelli.fr [88.191.27.4])
	by robin.gentoo.org (8.14.1/8.14.0) with ESMTP id lA2DEC8h004373
	for <gentoo-dev@lists.gentoo.org>; Fri, 2 Nov 2007 13:14:12 GMT
Received: by farragut.cafarelli.fr (Postfix, from userid 81)
	id 8F455224EBA; Fri,  2 Nov 2007 14:17:45 +0100 (CET)
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Re: [gentoo-commits] gentoo-x86 commit in
 net-misc/nxserver-freenx: nxserver-freenx-0.7.0-r1.ebuild ChangeLog
 nxserver-freenx-0.7.1.ebuild
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Date: Fri, 2 Nov 2007 14:17:45 +0100
From: Bernard Cafarelli <voyageur@gentoo.org>
Organization: Gentoo Foundation, Inc.
In-Reply-To: <200711020335.35988.vapier@gentoo.org>
References: <200711020335.35988.vapier@gentoo.org>
Message-ID: <601f793be4f9bd08aab8264b38ce6da8@localhost>
X-Sender: voyageur@gentoo.org
User-Agent: RoundCube Webmail/0.1b
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-MIME-Autoconverted: from 8bit to quoted-printable by robin.gentoo.org id lA2DG7He006792
X-Archives-Salt: 9ffa803b-ff66-4651-a64e-afcf0212143b
X-Archives-Hash: 4b88732bdc8fc3824f722325d8692f9f


On Fri, 2 Nov 2007 03:35:35 -0400, Mike Frysinger <vapier@gentoo.org>=0D
wrote:=0D
> On Thursday 01 November 2007, Bernard Cafarelli wrote:=0D
>> Le Thu, 1 Nov 2007 16:06:51 +0100=0D
>>=0D
>> Marius Mauch <genone@gentoo.org> a =C3=A9crit:=0D
>> > On Thu, 1 Nov 2007 15:43:18 +0100=0D
>> >=0D
>> > Bernard Cafarelli <voyageur@gentoo.org> wrote:=0D
>> > > Le Wed, 31 Oct 2007 16:42:35 -0700=0D
>> > >=0D
>> > > Donnie Berkholz <dberkholz@gentoo.org> a =C3=A9crit:=0D
>> > > > On 19:49 Wed 31 Oct     , Bernard Cafarelli (voyageur) wrote:=0D
>> > > > > 1.1=0D
>> > > > > net-misc/nxserver-freenx/nxserver-freenx-0.7.1.ebuild=0D
>> > > > >=0D
>> > > > > file :=0D
>> > > > >=0D
> http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/nxserver-f=0D
>> > > > >reenx/nxserver-freenx-0.7.1.ebuild?rev=3D1.1&view=3Dmarkup plai=
n:=0D
>> > > > >=0D
> http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-misc/nxserver-f=0D
>> > > >=0D
>>reenx/nxserver-freenx-0.7.1.ebuild?rev=3D1.1&content-type=3Dtext/plain=0D
>> > > > >=0D
>> > > > > pkg_postinst () {=0D
>> > > > > 	usermod -s /usr/bin/nxserver nx || die "Unable to set=0D
>> > > > > login shell of nx user!!" usermod -d ${NX_HOME_DIR} nx || die=0D
>> > > > > "Unable to set home directory of nx user!!"=0D
>> > > >=0D
>> > > > This isn't safe with ROOT !=3D / and it looks wrong too, you oug=
hta=0D
>> > > > be using enewuser for this stuff.=0D
>> > > >=0D
>> > > > Thanks,=0D
>> > > > Donnie=0D
>> > >=0D
>> > > The problem is, enewuser can not be used to modify already existin=
g=0D
>> > > user accounts.This happens if another nxserver was installed befor=
e=0D
>> > > (which uses the same account, but with different shell and home=0D
>> > > directory).=0D
>> > >=0D
>> > > I'll fix ROOT handling in the meantime, this should be better:=0D
>> > > usermod -s "${ROOT}"/usr/bin/nxserver nx=0D
>> > > usermod -d "${ROOT}"{NX_HOME_DIR} nx=0D
>> >=0D
>> > Should it really? Wouldn't it modify /etc/passwd instead of the one =
in=0D
>> > $ROOT, in which case it would actually be worse?=0D
>> > Might be better to make it conditional on ROOT =3D /, and show a=0D
>> > warning if ROOT !=3D /, unless you can find a solution that is safe =
for=0D
>> > ROOT !=3D /=0D
>>=0D
>> Yes, as pointed out on IRC by zlin, this does not fix the problem at=0D
>> all (and make it a little worse!).=0D
>>=0D
>> Making it conditional on ROOT !=3D / is a good workaround in the=0D
>> meantime: not breaking anything in all cases, and as  the problem only=
=0D
>> appears if a different nxserver was installed before, it still works i=
n=0D
>> most cases. Thanks!=0D
> =0D
> presumably you have init.d scripts which would start the daemons ?  in=0D
> that =0D
> case, it'd make more sense i think to move the user account check to th=
e =0D
> init.d start() function and error out telling the user what to do inste=
ad=0D
> of =0D
> modifying things on them (which i think is bad form).  see the cheesy=0D
> check =0D
> in openntpd's "ntpd" init.d script as an example.=0D
> -mike=0D
=0D
nxserver-freeedition has one, however freenx only relies on ssh (connecti=
ng=0D
as nx user will start up the "server").=0D
Unless I add one for freenx that only does the user checking (so all NX=0D
servers would include a init.d script).=0D
=0D
Another solution would be to fix and update the setup scripts from the NX=
=0D
servers themselves, but this is less portable...=0D
=0D
Bernard

--=20
gentoo-dev@gentoo.org mailing list