On 1/19/20 2:47 PM, Rich Freeman wrote: > > Obviously the UIDs associated with the shared /home need to be > identical. Simplest solution is to sync anything > 1000 in > /etc/passwd, and then not allow UIDs below 1000 in /home. A cron job > could easily handle both, and of course regular users can't go > creating stuff with the wrong UID anyway.
That's not enough. You also need to sync any user/group that appears as the owner or group of a file in /home, and every user/group that appears in an ACL in /home, and so on. And since you have no idea what files or access control lists will show up in /home, you'd better sync them all. >> We've talked this to death. Barring any new evidence, /home still seems >> like the best place for these, and I don't want to put them in the wrong >> spot (forcing users to migrate) just to appease a QA warning from before >> GLEP81 was a thing. > > Well, great, then by all means ask QA for a policy exception. Not my > place to yell at you if you don't, but don't be surprised if somebody > else does... > I'm not going to violate the policy, I'm going to delete the keepdir file from $D. Then everything is back to normal. If I was willing to introduce a QA warning, this thread would have been a lot shorter =P
