
Re: how to forbid debhelper to modify /home ?



On Fri, Sep 03, 2021 at 08:33:25AM -0400, Greg Wooledge wrote:
> On Fri, Sep 03, 2021 at 08:23:07AM -0400, Roberto C. Sánchez wrote:
> > On Fri, Sep 03, 2021 at 08:03:23AM -0400, Greg Wooledge wrote:
> > > Out of curiosity, I checked my system to see if there were any system
> > > users with home directories under /home.  The only one I found is "ntp".
> 
> > How old is your system?  I just checked a machine that I initially installed as a
> > Woody (3.0) system in 2001 and there is no ntp user directory under
> > /home.
> 
> Well, you probably didn't install the ntp package. ;-)
> 
> I *think* this system was installed as stretch, so I downloaded a stretch
> package of ntp:
> 
> unicorn:~/tmp/x$ dpkg-deb -R ../ntp_4.2.8p10+dfsg-3+deb9u2_amd64.deb .
> unicorn:~/tmp/x$ grep adduser DEBIAN/postinst 
> 	adduser --system --quiet --ingroup ntp --no-create-home ntp
> 
> I'm not 100% sure, but I think that creates a user with a home directory
> under /home, even though it doesn't actually create that directory.
> 
> > I also just fired up a fresh wheezy chroot and the ntp postinst
> > has this:
> > 
> > adduser --system --quiet --ingroup ntp --no-create-home ntp
> > 
> > Did you perhaps modify your ntp config at a time when you might have
> > been limited on space under /var?
> 
> ... uh, I don't think so?
> 
> Let's test this sucker and find out:
> 
> unicorn:~/tmp/x$ sudo adduser --system --quiet --ingroup ntp --no-create-home zzntp
> unicorn:~/tmp/x$ grep zzntp /etc/passwd 
> zzntp:x:115:112::/home/zzntp:/usr/sbin/nologin
> 
> As I guessed.  That's what it did.

Quite right.  That explains the motivation a few years ago to begin
explicitly specifying the home directory as /nonexistent for system
users not meant to have an actual home directory.

So, the existence of /home/ntp on the OP's system, or any system
installed from a Debian release prior to the last 4-ish years, could be
attributed to some process or series of actions that decides, "hey, this
ntp user's home directory is missing, I should create it".  Whether
those actions be manual or the result of some script or service, that
seems the most likely way for that directory to appear on a system.

Regards,

-Roberto

-- 
Roberto C. Sánchez
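
A way to check a host for the situation described in this thread, as an added example that is not part of the original message: it lists system accounts whose passwd home field points under /home and reports whether that directory exists. The UID cutoff of 1000 (Debian's default FIRST_UID), the optional root prefix argument and the function names are assumptions of the example; the sample passwd lines are constructed, apart from the zzntp line quoted above.

```shell
#!/bin/sh
# Added example: audit passwd entries for system accounts with a home under /home.
# Assumption: system accounts have UID < 1000 (Debian's default FIRST_UID).

# Constructed sample input; the zzntp line is the one shown in the thread.
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
zzntp:x:115:112::/home/zzntp:/usr/sbin/nologin
_apt:x:100:65534::/nonexistent:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
EOF
}

# audit_system_homes PASSWD_FILE [ROOT_PREFIX]
# Prints "user uid home state" for every system account whose home field is
# under /home. state is "exists" if the directory is present, else "missing".
# ROOT_PREFIX (hypothetical helper argument) lets the check run against a
# chroot or an unpacked image instead of the live filesystem.
audit_system_homes() {
    passwd_file=$1
    root=${2:-}
    awk -F: -v max=1000 '$3 < max && $6 ~ /^\/home\// { print $1, $3, $6 }' \
        "$passwd_file" |
    while read -r user uid home; do
        if [ -d "$root$home" ]; then
            state=exists
        else
            state=missing
        fi
        printf '%s %s %s %s\n' "$user" "$uid" "$home" "$state"
    done
}

# Demo on the constructed sample; on a real host run:
#   audit_system_homes /etc/passwd
tmp=$(mktemp) && sample_passwd > "$tmp" && audit_system_homes "$tmp" /no-such-root
rm -f "$tmp"
```

An "exists" result for an account created with --no-create-home means something other than adduser made the directory, which is the case discussed above.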

