Subject: Re: [gentoo-dev] [PATCH 2/2] install-qa-check.d: allow acct-user home directories under /home.
From: Michał Górny
To: gentoo-dev@lists.gentoo.org
Date: Mon, 20 Jan 2020 06:35:22 +0100
In-Reply-To: <20200120034350.27108-3-mjo@gentoo.org>
References: <20200120034350.27108-1-mjo@gentoo.org> <20200120034350.27108-3-mjo@gentoo.org>
Organization: Gentoo

On Sun, 2020-01-19 at 22:43 -0500, Michael Orlitzky wrote:
> In rare cases, a system user will need a real home directory to store
> per-user configuration data and/or be accessed interactively by a
> human being. In those cases, /home/${username} is an appropriate place
> for the user's home directory. Using /home is allowed and encouraged
> by the FHS, and there are no real technical obstacles to it aside from
> an install-time QA warning about the path.
>
> Before GLEP81, the efficacy of this check was unarguable. With
> enewuser, you could still set a user's home directory to a location
> under /home, but the lack of a "keepdir" meant that it would fly under
> the radar during the QA check. As a result, the QA check would only
> flag truly problematic files. With GLEP81, however, an implementation
> detail leads this check to flag the user's home directory.
>
> This commit makes an exception for the home directory /home/${PN}
> itself, and the /home/${PN}/.keep* file it contains. This lets us
> migrate existing user.eclass ebuilds to GLEP81 without triggering a
> new QA warning on a dummy file.
>
> This will be useful in at least two real situations:
>
>   * The "amavis" user exists to launch the amavisd daemon, but much of
>     the configuration for that user is created in $HOME by a human who
>     is logged in as "amavis" interactively. This is user data by any
>     definition, and should be stored in /home/amavis rather than
>     dumping it in the daemon's working directory.
>
>   * The "spamd" user gets its SpamAssassin configuration the same way
>     local users do in a traditional UNIX mail setup: by reading it out
>     of $HOME. This is user data, even though it happens to affect the
>     daemon. With user.eclass, /home/spamd is already used as the home
>     directory. When migrating to GLEP81, we should not break existing
>     systems and force a migration just to avoid an old warning.
>
> There are other potential uses as well. If I want to share (real
> human) user accounts across multiple Gentoo installs per the design of
> GLEP81, then I can do that with acct-user packages in an overlay. The
> user packages ensure that the same UIDs and GIDs get used on every
> system, but if I do this with my "mjo" account, I'm going to want
> /home/mjo to be my home directory. There's nothing wrong with that,
> so we shouldn't warn about it.
> --- > metadata/install-qa-check.d/08gentoo-paths | 27 ++++++++++++++++++++++ > 1 file changed, 27 insertions(+) >=20 > diff --git a/metadata/install-qa-check.d/08gentoo-paths b/metadata/instal= l-qa-check.d/08gentoo-paths > index 5161aef9922..ab9bd64d0e0 100644 > --- a/metadata/install-qa-check.d/08gentoo-paths > +++ b/metadata/install-qa-check.d/08gentoo-paths 
> @@ -19,6 +19,10 @@ gentoo_path_check() { > boot dev etc opt srv usr var > ) > =20 > + # We make an exception and allow acct-user packages to install to > + # /home in rare circumstances. > + [[ "${CATEGORY}" =3D=3D "acct-user" ]] && allowed_paths_toplevel+=3D( h= ome ) > + > # directories in /usr which can be installed to by ebuilds > # /usr/games is not included as it is banned nowadays > local allowed_paths_usr=3D( 
> @@ -61,6 +65,29 @@ gentoo_path_check() { > fi > done > =20 > + # Normally ebuilds should not install anything under /home. If this > + # is a GLEP81 user package, however, we make an exception for the > + # user's home directory itself and the ".keep" file within it. This > + # allows GLEP81 user packages to have home directories under /home, > + # which can be useful if the account is meant to be used by a human > + # to store configuration data or run maintenance tasks. > + if [[ "${CATEGORY}" =3D=3D "acct-user" ]]; then > + local f found=3D() > + while read -r -d '' f; do > + found+=3D( "${f}" ) > + done < <(find -L "${ED%/}/home" \ > + -mindepth 1 \ > + -maxdepth 2 \ > + ! -path "${ED%/}/home/${PN}" \ > + ! -path "${ED%/}/home/${PN}/.keep*" \ > + -print0) > + > + if [[ ${found[@]} ]]; then > + # mimic the output for non-acct-user packages. > + bad_paths+=3D( "/home" ) > + fi > + fi > + > ${shopt_save} > =20 > # report NAK. /home belongs to paths that are deliberately left for sysadmin to manage and use for real (read: human) users. 'Rare cases' are no justification to abuse those paths, especially that there is no technical reason not to use /var (or /srv) as intended for system users. 
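Review bot: The comment added in the "@@ -19,6 +19,10 @@" hunk says only "in rare circumstances", but the line under it appends home to allowed_paths_toplevel for every package whose CATEGORY is acct-user, so on its own it whitelists the whole of /home for that category. The restriction to /home/${PN} and its .keep* file is enforced only by the acct-user block added in the second hunk. Suggest stating that dependency in the comment, so the later block is not dropped or reordered on the assumption that this line already limits what may be installed.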
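Review bot: In the "@@ -61,6 +65,29 @@" hunk, the find -L "${ED%/}/home" call runs for every acct-user package without checking that the directory exists, so a user package that installs nothing under /home makes find complain on stderr about a missing path. Suggest guarding the block with [[ -d "${ED%/}/home" ]] alongside the CATEGORY test. Two smaller points in the same block: the -path arguments are glob patterns, so the match depends on ${ED} and ${PN} containing no pattern characters, and the unquoted [[ ${found[@]} ]] test would read more clearly as a check on ${#found[@]}.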
-- 
Best regards,
Michał Górny