On Sun, Jan 19, 2020 at 8:51 PM Michael Orlitzky <[email protected]> wrote: > > On 1/19/20 8:20 PM, Rich Freeman wrote: > > It would be far simpler for the sysadmin to simply ensure that no > > unsynced user owns a file or appears in an ACL. That would be pretty > > trivial to achieve. Whatever is hosting /home could be designed to > > block such changes, or you could just scan for these ownership issues > > periodically and treat those responsible for them appropriately. > > Fantasy scenarios again. I'm not going to debunk a system that you just > thought up and that has never existed. Why don't you find one person who > actually does this, and see if it bothers him if we create a home > directory under /home where it belongs?
Uh, I'm pretty confident that nothing in my /home is owned by a UID under 1000, or has an ACL referencing such a UID. I just checked with myself and I don't want you creating directories in /home. This really seems like it has the potential to create a mess for anybody using LUKS-encrypted home directories, stuff mounted from CIFS, and so on. While I personally don't do either it seems fairly mainstream, and I could eventually see myself using it more once better supported on Gentoo (such as when systemd-homed is more mainstream). > > On the topic of treating those responsible appropriately, somehow I > > could see this scenario turning into a quiz question. > > > > I mean, would it kill you to just talk to QA first? > > I've already got responses from two QA members. This thread is pretty > hard to miss. Well, then why go posting stuff like "guess we'll be triggering a warning after all?" > I'm working on a patch for the install-qa-check.d check > and I'm sure I'll get more when I post it. Are you just allowing it to not create the directory, or are we considering patching it to allow creating stuff under /home? It would seem that the policy would also need updating in that case, but probably not the former. -- Rich
