Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-dev

From: Michael Orlitzky <mjo@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] [PATCH 2/4] acct-user/jenkins: Add jenkins user, UID 473
Date: Thu, 26 Dec 2019 13:42:29
Message-Id: 460c6d53-aab1-c74d-e0a6-13f01081befa@gentoo.org
In Reply to: Re: [gentoo-dev] [PATCH 2/4] acct-user/jenkins: Add jenkins user, UID 473 by Thomas Deutschmann
1 On 12/26/19 8:28 AM, Thomas Deutschmann wrote:
2 > On 2019-12-26 12:04, Michael Orlitzky wrote:
3 >> On 12/25/19 10:11 AM, Thomas Deutschmann wrote:
4 >>> +ACCT_USER_HOME=/var/lib/jenkins
5 >> Needed?
6 >
7 > I cannot answer that for sure. In *my* setups I need a valid home for
8 > standard SSH setup (~/.ssh/authorized_keys). But there are dozen ways
9 > how you can run and use Jenkins...
10 >
11 > For myself I am probably not going to use Gentoo's acct-* stuff. While
12 > *I* need valid HOME for jenkins' user to get working SSH setup without
13 > any additional configuration I also store services in
14 > /srv/<server-instance> instead of /var/lib. I am still scared to death
15 > that when I change HOME (usermod) which is part of my Salt state
16 > (configuration management) that acct-* stuff will revert at some point
17 > and break dozen of clusters ;]
18 >
19
20 Unless you override acct-{user,group}/jenkins, you won't really be safe.
21 Every time the package is installed -- particularly, the first time --
22 it's going to clobber the existing user's settings. This is true for
23 everyone using Jenkins in those dozens of different ways.
24
25 So before you push this, I would figure out what you want the Jenkins
26 user to look like on your machine, and add an -r1 of acct-user/jenkins
27 in a local overlay that configures it how you want. At that point, you
28 can drop the usermod calls from your configuration management tools.
29
30 For the benefit of those other users, it would be extra nice if you
31 could document how to do all that. I recently had to do the same thing
32 for OpenDKIM, because the old instructions that were gave were being
33 wiped out on upgrades and reinstalls:
34
35 https://wiki.gentoo.org/wiki/OpenDKIM#The_new_way
36
37 Then if the home directory is only needed by people who are going to be
38 overriding the acct-user ebuild anyway, you might as well leave
39 ACCT_USER_HOME at the default and let people set it in their overlays.

Replies

Subject Author
Re: [gentoo-dev] [PATCH 2/4] acct-user/jenkins: Add jenkins user, UID 473 Thomas Deutschmann <whissi@g.o>
Report Message
Find on MARC Find on Google Groups