From mboxrd@z Thu Jan 1 00:00:00 1970 From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=) Subject: bug#24275: Misnamed directory in GuixSD Date: Sun, 28 Aug 2016 01:32:01 +0200 Message-ID: <87twe54wlq.fsf@gnu.org> References: <20160820201100.GA22429@jocasta.intra> <20160821231410.GA4548@jasmine> <87bn0lciy1.fsf@gmail.com> <20160822180903.GB17367@jasmine> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:59138) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bdn62-0003qS-0G for bug-guix@gnu.org; Sat, 27 Aug 2016 19:33:07 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bdn5x-0003Kk-Rt for bug-guix@gnu.org; Sat, 27 Aug 2016 19:33:05 -0400 Received: from debbugs.gnu.org ([208.118.235.43]:44578) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bdn5x-0003Kg-OY for bug-guix@gnu.org; Sat, 27 Aug 2016 19:33:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1bdn5x-0005eQ-Ju for bug-guix@gnu.org; Sat, 27 Aug 2016 19:33:01 -0400 Sender: "Debbugs-submit" Resent-Message-ID: In-Reply-To: (Vincent Legoll's message of "Tue, 23 Aug 2016 13:04:49 +0200") List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Vincent Legoll Cc: Alex Kost , 24275@debbugs.gnu.org, John Darrington --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hello! What an embarrassing bug. :-) Vincent Legoll skribis: > I came with the attached patch, totally untested, probably wrong for some > cases... > > The following is what I think I have implemented: > > At account creation time, do not create directories for system? accounts. > > At account modification, do not create directories, nor move existing one= s, > but change them in /etc/passwd > > WDYT ? We currently lack a way to specify whether the home directory should be created, which would be useful for =E2=80=98nobody=E2=80=99. So what about a patch along these lines instead? It adds a =E2=80=98create-home-directory?=E2=80=99 field to and sets i= t to #f for =E2=80=98nobody=E2=80=99. Thanks, Ludo=E2=80=99. --=-=-= Content-Type: text/x-patch Content-Disposition: inline diff --git a/gnu/build/activation.scm b/gnu/build/activation.scm index 6666cb4..10aa58d 100644 --- a/gnu/build/activation.scm +++ b/gnu/build/activation.scm @@ -110,7 +110,8 @@ owner-writable in HOME." files))) (define* (add-user name group - #:key uid comment home shell password system? + #:key uid comment home create-home? + shell password system? (supplementary-groups '()) (log-port (current-error-port))) "Create an account for user NAME part of GROUP, with the specified @@ -139,7 +140,7 @@ properties. Return #t on success." `("-G" ,(string-join supplementary-groups ",")) '()) ,@(if comment `("-c" ,comment) '()) - ,@(if home + ,@(if (and home create-home?) (if (file-exists? home) `("-d" ,home) ; avoid warning from 'useradd' `("-d" ,home "--create-home")) @@ -158,7 +159,8 @@ properties. Return #t on success." #t))))) (define* (modify-user name group - #:key uid comment home shell password system? + #:key uid comment home create-home? + shell password system? (supplementary-groups '()) (log-port (current-error-port))) "Modify user account NAME to have all the given settings." @@ -186,7 +188,8 @@ logged in." (zero? (system* "groupdel" name))) (define* (ensure-user name group - #:key uid comment home shell password system? + #:key uid comment home create-home? + shell password system? (supplementary-groups '()) (log-port (current-error-port)) #:rest rest) @@ -207,7 +210,8 @@ numeric gid or #f." (define activate-user (match-lambda - ((name uid group supplementary-groups comment home shell password system?) + ((name uid group supplementary-groups comment home create-home? + shell password system?) (let ((profile-dir (string-append "/var/guix/profiles/per-user/" name))) (ensure-user name group @@ -216,6 +220,7 @@ numeric gid or #f." #:supplementary-groups supplementary-groups #:comment comment #:home home + #:create-home? create-home? #:shell shell #:password password) diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm index c394890..be08646 100644 --- a/gnu/system/shadow.scm +++ b/gnu/system/shadow.scm @@ -78,6 +78,8 @@ (default '())) ; list of strings (comment user-account-comment (default "")) (home-directory user-account-home-directory) + (create-home-directory? user-account-create-home-directory? ;Boolean + (default #f)) (shell user-account-shell ; gexp (default #~(string-append #$bash "/bin/bash"))) (system? user-account-system? ; Boolean @@ -128,6 +130,7 @@ (group "nogroup") (shell #~(string-append #$shadow "/sbin/nologin")) (home-directory "/nonexistent") + (create-home-directory? #f) (system? #t)))) (define (default-skeletons) @@ -255,6 +258,7 @@ of user '~a' is undeclared") #$(user-account-supplementary-groups account) #$(user-account-comment account) #$(user-account-home-directory account) + #$(user-account-create-home-directory? account) ,#$(user-account-shell account) ; this one is a gexp #$(user-account-password account) #$(user-account-system? account))) --=-=-=--