On 3/9/22 14:00, Marc Haber wrote:
On Tue, 8 Mar 2022 17:02:06 -0600, Richard Laager <rlaager@debian.org> wrote:On 3/8/22 10:49, Marc Haber wrote:
(1a) would it be necessary to handle --system accounts differently? I think yes. > (1b) should we stay with 0755 for --system accounts?I don't see why system accounts need to be different.avahi-daemon has /var/run/avahi-daemon as its home directory and places its socket there. I'd guess that having this directory not accessible for the world will kind of influence the usability of the daemon. We have many packages that are configured like that. dnsmask even has /var/lib/misc as home, which is not even owned by the account, so setting that one to 0750 would probably be even more destructive.
Having thought about this some more:If the admin can change the default DIR_MODE that applies to system user home directories, then any postinst script doing `adduser --system` needs to also explicitly chmod its home directory if it needs anything more permissive than 700 or more restrictive than 755. This is true today and remains true whether or not the default DIR_MODE is changed.
How would chown handle the dot case intelligently?
Something along the lines of see if the user exists.If I was to take a stab at an implementation (Python-ish pseudocode here; yes I know chown is C):
group = None
if ':' in arg:
(user, group) = arg.split(':')
elif '.' in arg:
# This could be:
# user.group
# us.er.group
# user.gr.oup
# us.er.gr.oup
# Or user and/or group could have multiple dots.
# Idea A) Exactly one dot can mean either user.group or us.er
arg_split = arg.split(',', 2)
if len(arg_split) == 3:
# There was more than one dot.
user = arg
else:
# Split on dot.
(user, group) = arg.split('.')
if not getent(user):
# Treat the whole thing as a username.
user = arg
group = None
# Idea B) Loop over each possible split and see if any work.
# Exercise for reader.
else:
user = arg
--
Richard
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature