mailarchive of the ptxdist mailing list
From: David Jander <david@protonic.nl>
To: Ben Stuyts <ben@altesco.nl>
Cc: Guillermo Rodriguez Garcia <guille.rodriguez@gmail.com>,
	Michael Olbrich <m.olbrich@pengutronix.de>,
	ptxdist@pengutronix.de
Subject: Re: [ptxdist] Resend: Home dir fixup for root in systemd
Date: Wed, 27 Jul 2016 07:41:41 +0200
Message-ID: <20160727074141.6da77039@erd980>
In-Reply-To: <61818BCC-0767-4412-A47F-27420AE2AF60@altesco.nl>

On Tue, 26 Jul 2016 17:13:59 +0200
Ben Stuyts <ben@altesco.nl> wrote:

> Hi David :)
> 
> > On 26 Jul 2016, at 16:00, David Jander <david@protonic.nl> wrote:
> > 
> > 
> > Dear Guillermo,
> > 
> > Thanks for your reply.
> > 
> > On Tue, 26 Jul 2016 15:19:59 +0200
> > Guillermo Rodriguez Garcia <guille.rodriguez@gmail.com> wrote:
> >   
> >> Wouldn't it be easier to either use a custom /etc/passwd, or create a /root
> >> dir in the filesystem ? That sounds better than patching systemd.  
> > 
> > Maybe it would be better to change the default /etc/passwd (and everywhere
> > else) in ptxdist then…  
> 
> Perhaps a Q&D solution would be to create a symbolic link from /root
> to /home (or v.v.)? Then at least whatever mechanism is used, it would end
> up pointing to the same directory.

Yes, of course. The thing is that I am trying to NOT provide a Q&D solution.

> Kind regards,
> Ben
> 
> > 
> > The problem is that what /etc/passwd says is mandatory. The home directory
> > has a special meaning to the user. You can get to the home directory via
> > $HOME passed in the environment, or via the NS-switch (getent) lookup.
> > They are supposed to be the same.
> > systemd has hardcoded defaults in source-code, which by definition is ugly
> > as hell, but the reason is clearly to avoid potentially expensive, blocking
> > NSS-lookups in the early boot stages, so it is understandable. It would be
> > a lot better if there was some configuration setting read from a file I
> > guess, but alas.
> > On PTXdist now (with the default, shipped /etc/passwd), a user logging in
> > as "root" via, say a serial console getty, will have a different $HOME
> > than a systemd service started with User=root. This is bad, and can
> > potentially do funny things people will not like.
> > To solve the problem, there are really only two options AFAICS:
> > 
> > 1.- Change PTXdist and all places in it that assume the $HOME=/home for
> > root. No idea how many places that are, nor how many users already depend
> > on this historic assumption.
> > 
> > or
> > 
> > 2.- Patch systemd to adapt to the reality of PTXdist.
> > 
> > I agree that option 1 is probably better if PTXdist is more or less the
> > only place on earth left where $HOME != /root for uid=0. Historically on
> > Unix it used to be "/", but that is just way too ugly (guess where the
> > name "root" came from?).
> > 
> > Using a custom /etc/passwd is not an option, because the default PTXdist
> > stays broken this way.
> > 
> > Creating a /root dir is also broken, because like I explained above, the
> > root user will become schizophrenic when logging in and running services
> > from systemd alternately. Think about a user logging in, starting a tool
> > that writes a config file to ~/.bla, and then configuring the same tool
> > to run as a system service. I would (did!) get slightly mad when finding
> > the tool to run with a totally different configuration in the latter case.
> >   
> >> Guillermo
> >> 
> >> 2016-07-26 14:09 GMT+02:00 David Jander <david.jander@protonic.nl>:
> >>   
> >>> 
> >>> Dear Michael,
> >>> 
> >>> I have prepared a patch against ptxdist git for the package systemd-230.
> >>> I would like to know the right way to proceed to submit this patch, since
> >>> I am not a ptxdist developer and am not familiar with how tools like
> >>> git-ptxdist-patch are supposed to be used (to generate the correct series
> >>> file in this case).
> >>> 
> >>> The patch is really trivial and I don't know if it deserves so much work
> >>> (I suspect that I have to clone the git repository of systemd first and
> >>> apply all patches there, right?).
> >>> 
> >>> What I am trying to fix here is the notion that systemd has about what
> >>> the $HOME directory of the user 'root' (uid=0) should be. As it seems, in
> >>> systemd this is hardcoded to be "/root", while ptxdist by default seems to
> >>> insist on "/home" for some reason (according to shipped /etc/passwd).
> >>> Here's the gist of what the patch does:
> >>> 
> >>> --- systemd-230.orig/src/basic/user-util.c
> >>> +++ systemd-230/src/basic/user-util.c
> >>> @@ -123,7 +123,7 @@ int get_user_creds(
> >>>                         *gid = 0;
> >>> 
> >>>                 if (home)
> >>> -                        *home = "/root";
> >>> +                        *home = "/home";
> >>> 
> >>>                 if (shell)
> >>>                         *shell = "/bin/sh";
> >>> 
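Review bot: The new line `*home = "/home";` in the uid 0 branch of get_user_creds() replaces one hardcoded literal with another, so it is only correct for images whose /etc/passwd lists /home for root and becomes wrong again as soon as a project ships a passwd with /root. Consider taking the value from a build-time define that the ptxdist package rule sets next to the shipped /etc/passwd, and say in the patch description that the two must be kept in sync.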
> >>> Without this patch, things like services that declare "User=root" get
> >>> screwed up with the wrong home directory for example.
> >>> 
> >>> Thanks.
> >>> 
> >>> Best regards,
> >>> 
> >>> --
> >>> David Jander
> >>> Protonic Holland.
> >>> 
> >>> _______________________________________________
> >>> ptxdist mailing list
> >>> ptxdist@pengutronix.de    
> >> 
> >> 
> >> 
> >>   
> > 
> > Best regards,
> > 
> > -- 
> > David Jander
> > Protonic Holland.
> > tel.: +31 (0) 229 212928
> > fax.: +31 (0) 229 210930
> > Factorij 36 / 1689 AL Zwaag
> > 
> 
> 

Best regards,

-- 
David Jander
Protonic Holland.
tel.: +31 (0) 229 212928
fax.: +31 (0) 229 210930
Factorij 36 / 1689 AL Zwaag
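
An added example, not part of the original message or of ptxdist: a shell check to run against a built root filesystem that catches the mismatch described in this thread, where the home directory of uid 0 in /etc/passwd differs from the "/root" literal shown in the quoted systemd hunk. The function names, the rootfs path argument and the sample passwd lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an image for "root has two different homes".
# SYSTEMD_ROOT_HOME mirrors the literal in the quoted user-util.c hunk.
SYSTEMD_ROOT_HOME="/root"

# Constructed sample: make_sample_rootfs <dir> <root-home>
make_sample_rootfs() {
    mkdir -p "$1/etc" "$1$2"
    printf 'root:x:0:0:root:%s:/bin/sh\ndaemon:x:1:1:daemon:/:/bin/false\n' \
        "$2" > "$1/etc/passwd"
}

# Print "name:home" for every uid 0 entry in <rootfs>/etc/passwd.
uid0_homes() {
    awk -F: '$3 == 0 { print $1 ":" $6 }' "$1/etc/passwd"
}

# check_root_home <rootfs>
# 0: passwd and the systemd default agree and the directory exists
# 1: mismatch or missing directory (reported on stdout)
# 2: image has no readable passwd or no uid 0 entry
check_root_home() {
    rootfs=$1
    rc=0
    [ -r "$rootfs/etc/passwd" ] || { echo "no etc/passwd in $rootfs" >&2; return 2; }
    homes=$(uid0_homes "$rootfs")
    [ -n "$homes" ] || { echo "no uid 0 entry in passwd" >&2; return 2; }
    # Here-document instead of a pipe so that rc survives the loop.
    while IFS=: read -r name home; do
        if [ "$home" != "$SYSTEMD_ROOT_HOME" ]; then
            echo "MISMATCH: $name login home=$home, systemd User= home=$SYSTEMD_ROOT_HOME"
            rc=1
        fi
        if [ ! -d "$rootfs$home" ]; then
            echo "MISSING: $home is not a directory in the image"
            rc=1
        fi
    done <<EOF
$homes
EOF
    return $rc
}

# Run against an image when a path is given on the command line.
if [ $# -gt 0 ]; then
    check_root_home "$1"
fi
```

Run as part of the image build, a non-zero exit flags the configuration in which a login shell and a `User=root` service would read and write different dot-files.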
