Bug#902612: Packages should not touch users' home directories
On Thu, 2018-06-28 at 10:23:17 -0300, David Bremner wrote:
> Sean Whitton <spwhitton@spwhitton.name> writes:
> >> OK. Something like this?
> >>
> >> Packages must not contain files in /home, and packages' maintainer
> >> scripts must not write to users' home directories. The programs in
> >> those packages may create directory hierarchies as described in
> >> §3.8.3 "Home Directory Specifications and Conventions" when run by
> >> a user.
> >>
> >> I'm not so sure whether this belongs in the FHS section?
> >
> > Indeed. I thought that the requirement that packages don't contain
> > files in /home was in Policy already, but it seems that it is not.
> >
> > So filing as a separate bug.
> >
> >> I think it's a point about how our packages are required to behave,
> >> rather than about the directories that can exist and their
> >> purposes. The directory hierarchies are still the same, regardless of
> >> how they're created.
> >
> > The wording of FHS is not about directories that can exist -- it says
> > that distributions "can create" or "may create" the dirs. That's what
> > we want to forbid.
>
> By the way there are packages (gitolite3 is the one I know) that create
> user home directories in /var for some package dedicated user. I'm not
> sure how to distinguish cleanly between that case and the human users
> case. I guess having a home directory in /home is a reasonable proxy
> for being human.

I think the distinction you are looking for is system users, as the
ones requested in the gitolite3 case with «adduser --system …».

Thanks,
Guillem