Bug#902612: Packages should not touch users' home directories

[David Bremner <david@tethera.net>]

Sean Whitton <spwhitton@spwhitton.name> writes:

>> OK. Something like this?
>>
>>     Packages must not contain files in /home, and packages' maintainer
>>     scripts must not write to users' home directories. The programs in
>>     those packages may create directory hierarchies as described in
>>     §3.8.3 "Home Directory Specifications and Conventions" when run by
>>     a user.
>>
>> I'm not so sure whether this belongs in the FHS section?
>
> Indeed.  I thought that the requirement that packages don't contain
> files in /home was in Policy already, but it seems that it is not.
>

> So filing as a separate bug.
>
>> I think it's a point about how our packages are required to behave,
>> rather than about the directories that can exist and their
>> purposes. The directory hierarchies are still the same, regardless of
>> how they're created.
>
> The wording of FHS is not about directories that can exist -- it says
> that distributions "can create" or "may create" the dirs.  That's what
> we want to forbid.

By the way there are packages (gitolite3 is the one I know) that create
user home directories in /var for some package dedicated user. I'm not
sure how to distinguish cleanly between that case and the human users
case. I guess having a home directory in /home is a reasonable proxy for being human.

d