From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-93469-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 28ADB1382C5
	for <garchives@archives.gentoo.org>; Mon,  4 Jan 2021 16:14:55 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 570E8E09D0;
	Mon,  4 Jan 2021 16:14:52 +0000 (UTC)
Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 23FC6E09CA
	for <gentoo-dev@lists.gentoo.org>; Mon,  4 Jan 2021 16:14:52 +0000 (UTC)
Message-ID: <85a7ff62c353e13e2c2c8c93b7c90282d6d1f045.camel@gentoo.org>
Subject: Re: [gentoo-dev] [PATCH] acct-user.eclass: don't modify existing
 user by default
From: =?UTF-8?Q?Micha=C5=82_G=C3=B3rny?= <mgorny@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Date: Mon, 04 Jan 2021 17:14:47 +0100
In-Reply-To: <CAJ0EP43J-nuBopP9w9Q86vMpNq_7uCMkJ9cXjsKmfBDdY97UkQ@mail.gmail.com>
References: <20210104013558.20072-1-whissi@gentoo.org>
	 <809f727af51f7dcd9aec97a800c0ecd89f60eaa6.camel@gentoo.org>
	 <CAJ0EP43J-nuBopP9w9Q86vMpNq_7uCMkJ9cXjsKmfBDdY97UkQ@mail.gmail.com>
Organization: Gentoo
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.38.2 
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Archives-Salt: 03c3a59f-0407-493d-8521-af615cffbe02
X-Archives-Hash: cc5af1436147416556eb287a58691c02

On Mon, 2021-01-04 at 11:10 -0500, Mike Gilbert wrote:
> On Mon, Jan 4, 2021 at 4:23 AM Michał Górny <mgorny@gentoo.org> wrote:
> > 
> > On Mon, 2021-01-04 at 02:35 +0100, Thomas Deutschmann wrote:
> > > Modifying an existing user is a bad default and makes Gentoo
> > > special because it is common for system administrators to make
> > > modifications to user (i.e. putting an user into another service's
> > > group to allow that user to access service in question) and it
> > > would be unexpected to see these changes reverted during normal
> > > world upgrade (which could break services).
> > 
> > Not modifying an existing user is a horrible default that has already
> > bricked one system (by removing /dev/null).  So, over my dead commit
> > access.
> 
> As the eclass maintainer, would you be willing to merge a similar
> patch that enables user modifications by default, but provides
> sysadmins a way to disable it?

Yes, I don't mind an option, as long as it spews a big fat ewarn that
the user loses the right to support.  However, that's still not
the right solution to the immediate problem, and I'm currently working
on a better patch, so I'd prefer if you waited with that to avoid merge
conflicts.


-- 
Best regards,
Michał Górny