public inbox for gentoo-dev@lists.gentoo.org
From: Thomas Deutschmann <whissi@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] [PATCH] acct-user.eclass: don't modify existing user by default
Date: Mon, 4 Jan 2021 15:05:46 +0100
Message-ID: <4338b8fd-d09b-be58-5b0f-c768db2b6cdb@gentoo.org>
In-Reply-To: <809f727af51f7dcd9aec97a800c0ecd89f60eaa6.camel@gentoo.org>

On 2021-01-04 10:23, Michał Górny wrote:
> Not modifying an existing user is a horrible default that has already
> bricked one system (by removing /dev/null).  So, over my dead commit
> access.

Have you seen how many users were hit by the recent rebuild on 
2020-12-28 and are already complaining/asking for help through various 
channels?

It's like asking for service auto-restart support in PMS, as requested as 
part of the current OpenSSH upgrade, because if you move from <8.3_p1 to 
>=8.3_p1 and don't restart OpenSSH in time, you can get locked out.

However, an easy-looking solution like

> Just add something like
> 
> 	if [[ -d /run/systemd/system ]]; then
> 			systemctl try-restart sshd
> 	else
> 			rc-service -q --ifstarted sshd restart
> 	fi
> 
> to pkg_postinst

is wrong because even if it works for *some* users it won't work for all 
users but has the potential to cause major problems.

That's why we have the elog and news item system. However, 8.3 has been in 
the repository for a while and multiple people forgot about the news item and 
didn't pay attention to elog messages. While I agree that it's a problem 
when you lose access to a remote box you don't have physical access to, 
this reached a level where I have to say,

 > We cannot rescue/protect everyone.

Back to topic, acct-* stuff:

As already said in February 2020, when I joined a thread created by a 
user posting the same concerns:

There is a reason why *no* distribution on this planet is trying to mess 
with existing data/configurations: Every attempt to analyze a given 
setup to apply required changes to fix/migrate something automatically 
has been prone to fail in the long run.

Please get some experience from the real world. Preferably from running 
headless systems, not just for yourself, and where you are not the only 
person touching the system.

When I worked on bug 605008 a long time ago, for example, I also ended up 
over-engineering. There is stuff you cannot fix. I am still thinking 
about creating everything the way it should look in $D and reporting 
any difference, like changed file permissions, to the user on merge to allow 
them to notice (an improvement; now users only have to pay attention, and 
you need to solve the additional problem that the more information you 
present all the time, the more information will be ignored). But 
sometimes users are making changes we wouldn't do, wouldn't recommend or just 
don't understand at first. That all doesn't matter: We have to keep in 
mind that these aren't our systems and we have to respect whatever the 
user did on their system.


-- 
Regards,
Thomas Deutschmann / Gentoo Linux Developer
fpr: C4DD 695F A713 8F24 2AA1 5638 5849 7EE5 1D5D 74A5
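
The report-only idea from the message above (build the intended state in $D, then tell the user where the live system differs instead of changing it), sketched as an added example that is not part of the original message or of any Gentoo eclass. `report_drift` and `demo_report` are hypothetical names, the sample tree is constructed, and `stat -c` assumes GNU coreutils or busybox.

```shell
#!/bin/sh
# Added example, report-only: nothing on the live system is modified.
# Assumes GNU coreutils or busybox stat (-c); names are hypothetical.

# report_drift IMAGE ROOT
# IMAGE plays the role of $D (the state the package wants), ROOT is the live
# filesystem. Prints one line per existing path whose mode or owner differs.
# Returns 0 if nothing differs, 1 if drift was found, 2 on error.
report_drift() {
    image=${1%/}
    root=${2%/}
    drift=0
    paths=$(cd "$image" && find . \( -type f -o -type d \) ! -name . | sort) || return 2
    while IFS= read -r rel; do
        [ -n "$rel" ] || continue
        rel=${rel#./}
        # Not on the live system yet: a fresh install, nothing to compare.
        [ -e "$root/$rel" ] || continue
        want=$(stat -c '%a %u:%g' "$image/$rel")
        have=$(stat -c '%a %u:%g' "$root/$rel")
        if [ "$want" != "$have" ]; then
            printf 'DRIFT /%s: package=%s live=%s\n' "$rel" "$want" "$have"
            drift=1
        fi
    done <<EOF
$paths
EOF
    return "$drift"
}

# Constructed sample: the admin tightened one file from 0640 to 0600.
demo_report() {
    tmp=$(mktemp -d) || return 2
    mkdir -p "$tmp/image/var/lib/app" "$tmp/root/var/lib/app"
    : > "$tmp/image/var/lib/app/state"
    : > "$tmp/root/var/lib/app/state"
    : > "$tmp/image/var/lib/app/new-file"   # absent from the live system
    chmod 0750 "$tmp/image/var/lib/app" "$tmp/root/var/lib/app"
    chmod 0640 "$tmp/image/var/lib/app/state"
    chmod 0600 "$tmp/root/var/lib/app/state"
    report_drift "$tmp/image" "$tmp/root" && rc=0 || rc=$?
    rm -rf "$tmp"
    return "$rc"
}

demo_report || true
```

The non-zero return lets a caller decide whether to surface the report; the locally tightened mode is left untouched.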

