From: ludo@gnu.org (Ludovic Courtès)
To: Vincent Legoll <vincent.legoll@gmail.com>
Cc: Alex Kost <alezost@gmail.com>,
24275@debbugs.gnu.org,
John Darrington <john@darrington.wattle.id.au>
Subject: bug#24275: Misnamed directory in GuixSD
Date: Sun, 28 Aug 2016 01:32:01 +0200 [thread overview]
Message-ID: <87twe54wlq.fsf@gnu.org> (raw)
In-Reply-To: <CAEwRq=rhhGh1MpZef30m=Ke6Zo9NB3ARULwuEqF5Jz3DO_sFLA@mail.gmail.com> (Vincent Legoll's message of "Tue, 23 Aug 2016 13:04:49 +0200")
[-- Attachment #1: Type: text/plain, Size: 754 bytes --]
Hello!
What an embarrassing bug. :-)
Vincent Legoll <vincent.legoll@gmail.com> skribis:
> I came with the attached patch, totally untested, probably wrong for some
> cases...
>
> The following is what I think I have implemented:
>
> At account creation time, do not create directories for system? accounts.
>
> At account modification, do not create directories, nor move existing ones,
> but change them in /etc/passwd
>
> WDYT ?
We currently lack a way to specify whether the home directory should be
created, which would be useful for ‘nobody’.
So what about a patch along these lines instead? It adds a
‘create-home-directory?’ field to <user-account> and sets it to #f for
‘nobody’.
Thanks,
Ludo’.
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: Type: text/x-patch, Size: 3981 bytes --]
diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm
index 6666cb4..10aa58d 100644
--- a/gnu/build/activation.scm
+++ b/gnu/build/activation.scm
@@ -110,7 +110,8 @@ owner-writable in HOME."
files)))
(define* (add-user name group
- #:key uid comment home shell password system?
+ #:key uid comment home create-home?
+ shell password system?
(supplementary-groups '())
(log-port (current-error-port)))
"Create an account for user NAME part of GROUP, with the specified
@@ -139,7 +140,7 @@ properties. Return #t on success."
`("-G" ,(string-join supplementary-groups ","))
'())
,@(if comment `("-c" ,comment) '())
- ,@(if home
+ ,@(if (and home create-home?)
(if (file-exists? home)
`("-d" ,home) ; avoid warning from 'useradd'
`("-d" ,home "--create-home"))
@@ -158,7 +159,8 @@ properties. Return #t on success."
#t)))))
(define* (modify-user name group
- #:key uid comment home shell password system?
+ #:key uid comment home create-home?
+ shell password system?
(supplementary-groups '())
(log-port (current-error-port)))
"Modify user account NAME to have all the given settings."
@@ -186,7 +188,8 @@ logged in."
(zero? (system* "groupdel" name)))
(define* (ensure-user name group
- #:key uid comment home shell password system?
+ #:key uid comment home create-home?
+ shell password system?
(supplementary-groups '())
(log-port (current-error-port))
#:rest rest)
@@ -207,7 +210,8 @@ numeric gid or #f."
(define activate-user
(match-lambda
- ((name uid group supplementary-groups comment home shell password system?)
+ ((name uid group supplementary-groups comment home create-home?
+ shell password system?)
(let ((profile-dir (string-append "/var/guix/profiles/per-user/"
name)))
(ensure-user name group
@@ -216,6 +220,7 @@ numeric gid or #f."
#:supplementary-groups supplementary-groups
#:comment comment
#:home home
+ #:create-home? create-home?
#:shell shell
#:password password)
diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm
index c394890..be08646 100644
--- a/gnu/system/shadow.scm
+++ b/gnu/system/shadow.scm
@@ -78,6 +78,8 @@
(default '())) ; list of strings
(comment user-account-comment (default ""))
(home-directory user-account-home-directory)
+ (create-home-directory? user-account-create-home-directory? ;Boolean
+ (default #f))
(shell user-account-shell ; gexp
(default #~(string-append #$bash "/bin/bash")))
(system? user-account-system? ; Boolean
@@ -128,6 +130,7 @@
(group "nogroup")
(shell #~(string-append #$shadow "/sbin/nologin"))
(home-directory "/nonexistent")
+ (create-home-directory? #f)
(system? #t))))
(define (default-skeletons)
@@ -255,6 +258,7 @@ of user '~a' is undeclared")
#$(user-account-supplementary-groups account)
#$(user-account-comment account)
#$(user-account-home-directory account)
+ #$(user-account-create-home-directory? account)
,#$(user-account-shell account) ; this one is a gexp
#$(user-account-password account)
#$(user-account-system? account)))
next prev parent reply other threads:[~2016-08-27 23:33 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-20 20:11 bug#24275: Misnamed directory in GuixSD John Darrington
2016-08-21 23:14 ` Leo Famulari
2016-08-22 8:21 ` Alex Kost
2016-08-22 8:47 ` Vincent Legoll
2016-08-22 18:09 ` Leo Famulari
2016-08-23 11:04 ` Vincent Legoll
2016-08-27 23:32 ` Ludovic Courtès [this message]
2016-08-27 23:49 ` Vincent Legoll
2016-08-28 13:48 ` Ludovic Courtès
2016-08-28 14:44 ` Vincent Legoll
2016-08-29 8:04 ` Ludovic Courtès
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87twe54wlq.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=24275@debbugs.gnu.org \
--cc=alezost@gmail.com \
--cc=john@darrington.wattle.id.au \
--cc=vincent.legoll@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).