| 1 |
On 1/19/20 2:47 PM, Rich Freeman wrote: |
| 2 |
> |
| 3 |
> Obviously the UIDs associated with the shared /home need to be |
| 4 |
> identical. Simplest solution is to sync anything > 1000 in |
| 5 |
> /etc/passwd, and then not allow UIDs below 1000 in /home. A cron job |
| 6 |
> could easily handle both, and of course regular users can't go |
| 7 |
> creating stuff with the wrong UID anyway. |
| 8 |
|
| 9 |
That's not enough. You also need to sync any user/group that appears as |
| 10 |
the owner or group of a file in /home, and every user/group that appears |
| 11 |
in an ACL in /home, and so on. And since you have no idea what files or |
| 12 |
access control lists will show up in /home, you'd better sync them all. |
| 13 |
|
| 14 |
|
| 15 |
>> We've talked this to death. Barring any new evidence, /home still seems |
| 16 |
>> like the best place for these, and I don't want to put them in the wrong |
| 17 |
>> spot (forcing users to migrate) just to appease a QA warning from before |
| 18 |
>> GLEP81 was a thing. |
| 19 |
> |
| 20 |
> Well, great, then by all means ask QA for a policy exception. Not my |
| 21 |
> place to yell at you if you don't, but don't be surprised if somebody |
| 22 |
> else does... |
| 23 |
> |
| 24 |
|
| 25 |
I'm not going to violate the policy, I'm going to delete the keepdir |
| 26 |
file from $D. Then everything is back to normal. |
| 27 |
|
| 28 |
If I was willing to introduce a QA warning, this thread would have been |
| 29 |
a lot shorter =P |
Archives