From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id B91761382C5 for ; Mon, 4 Jan 2021 16:11:07 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CADB5E0985; Mon, 4 Jan 2021 16:11:04 +0000 (UTC) Received: from smtp.gentoo.org (mail.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8F427E08CD for ; Mon, 4 Jan 2021 16:11:04 +0000 (UTC) Received: by mail-io1-f48.google.com with SMTP id 81so25407712ioc.13 for ; Mon, 04 Jan 2021 08:11:03 -0800 (PST) X-Gm-Message-State: AOAM531afZM+a/uPgqe7UuitgX3dH/Ke7i83BrUhc0jKbku4VL6Ad5eG QB5eBa3QlCL8CycSWHaR9aQTPmJLvEFoKsM5/PU= X-Google-Smtp-Source: ABdhPJxZyfuORTKraYuLoJlCHTYbrlI8fecq+XVofBh7Q7O+Hinuo4Pe/Eo5vugV4CYzmMm5+7j3aWRqKTt660+n8p8= X-Received: by 2002:a6b:8b88:: with SMTP id n130mr59397122iod.122.1609776661014; Mon, 04 Jan 2021 08:11:01 -0800 (PST) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 References: <20210104013558.20072-1-whissi@gentoo.org> <809f727af51f7dcd9aec97a800c0ecd89f60eaa6.camel@gentoo.org> In-Reply-To: <809f727af51f7dcd9aec97a800c0ecd89f60eaa6.camel@gentoo.org> From: Mike Gilbert Date: Mon, 4 Jan 2021 11:10:50 -0500 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [gentoo-dev] [PATCH] acct-user.eclass: don't modify existing user by default To: Gentoo Dev Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Archives-Salt: f225e95c-1499-4e2e-8515-c03f2dc5927e X-Archives-Hash: ac846fdca32c4532af808df10f271121 On Mon, Jan 4, 2021 at 4:23 AM Micha=C5=82 G=C3=B3rny w= rote: > > On Mon, 2021-01-04 at 02:35 +0100, Thomas Deutschmann wrote: > > Modifying an existing user is a bad default and makes Gentoo > > special because it is common for system administrators to make > > modifications to user (i.e. putting an user into another service's > > group to allow that user to access service in question) and it > > would be unexpected to see these changes reverted during normal > > world upgrade (which could break services). > > Not modifying an existing user is a horrible default that has already > bricked one system (by removing /dev/null). So, over my dead commit > access. As the eclass maintainer, would you be willing to merge a similar patch that enables user modifications by default, but provides sysadmins a way to disable it? I have a feeling that there will not be a consensus on the default behavior, and I could see that getting escalated to council. However, it might be nice to provide people with the option in the meantime.