| 1 |
On 8/17/19 4:35 AM, Ulrich Mueller wrote: |
| 2 |
> |
| 3 |
>> 2 No two acct-user packages should define the same ACCT_USER_HOME. |
| 4 |
> |
| 5 |
> These two points are not fulfilled by the users that currently belong |
| 6 |
> to baselayout. For example, "operator" (and "toor" on BSD) share /root |
| 7 |
> with the root user. |
| 8 |
> |
| 9 |
|
| 10 |
Let me first say that I've called these "guidelines" and not "rules" for |
| 11 |
a reason. If there's a legitimate reason to ignore one of them, then so |
| 12 |
be it. |
| 13 |
|
| 14 |
For "toor", it might make sense to leave its home directory as-is. It |
| 15 |
shares the same UID as "root", so the bit about clobbering permissions |
| 16 |
doesn't apply. |
| 17 |
|
| 18 |
The "operator" user on the other hand, is an anachronism. It's unable to |
| 19 |
log in by default, and I'll bet we could simply delete it from |
| 20 |
baselayout and no one would notice. Less zealously, we could leave its |
| 21 |
home directory at the default: /root will be unusable anyway (see below |
| 22 |
about $HOME being unwritable). |
| 23 |
|
| 24 |
|
| 25 |
>> 5 As a corollary of the previous item, it is highly suspicious for |
| 26 |
>> an acct-user package to set ACCT_USER_HOME_OWNER="root:root". |
| 27 |
> |
| 28 |
> Again, points 4 and 5 won't be true for several of baselayout's users. |
| 29 |
> For example, "nobody" lives in /var/empty but cannot write to it, and |
| 30 |
> that dir is owned by root. |
| 31 |
|
| 32 |
"The fact that the home directory is not writable suggests that the |
| 33 |
default (empty) ACCT_USER_HOME would suffice instead." |
| 34 |
|
| 35 |
Would it? |
| 36 |
|
| 37 |
|
| 38 |
> Same for the "sshd" user, which IIRC chroots to /var/empty, but must |
| 39 |
> not (be able to) write to that dir. |
| 40 |
|
| 41 |
It chroots to /var/empty, but does it chroot to $HOME? The ebuild passes |
| 42 |
|
| 43 |
--with-privsep-path="${EPREFIX%/}"/var/empty |
| 44 |
|
| 45 |
to the build. |
| 46 |
|
| 47 |
I see that on newer installs the "sshd" user now has /var/empty as its |
| 48 |
home directory. But the machine I'm typing this on had Gentoo installed |
| 49 |
on it in 2004, and sshd's home directory is set to /dev/null. And as far |
| 50 |
as I know, everything's fine. |
| 51 |
|
| 52 |
So, same question: would the default (empty) ACCT_USER_HOME suffice instead? |
Archives