Re: strawman proposal: homed directories for users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/4/24 11:05, Zbigniew Jędrzejewski-Szmek wrote:
Hi folks,

I was recently doing a bunch of test reinstalls of Fedora [1],
looking to see if it's complicated to retain the user directories
during a reinstall. The answer is, sadly, that it's possible only with
some manual tinkering. This is a known problem [2].

With a little bit of trickery, Anaconda will let the "home" subvolume
be and install the system to a new "root" subvolume, so user data is
preserved. But then after a reboot a new user will be created, because
the old user is not hooked up into /etc/passwd.

We actually have a partial solution for this: systemd-homed.
With systemd-homed the information about the user is maintained in the
user directory/subvolume/partition, e.g. /home/username.homedir.
After a reinstall, ideally nothing needs to be done and the user
account is ready to be used.

The primary purpose of systemd-homed is to use per-user encryption
using loopback devices. This still has various problem related to
resizing and suspend. Work is being done [see 3,4 for recent developments],
but it's not at a point where we can recommend it.
But systemd-homed has a mode where the user "home" is just a normal
directory or btrfs subvolume with some metadata stored in files [5].
Some work would be needed [6] to make this work smoothly, but it
doesn't seem like too much. (Mostly filing down some rough edges
in systemd-homed and adding pam_home_systemd and nss_systemd
in various authselect profiles.)

Thus the question: would this be something worth looking into?

[1] https://discussion.fedoraproject.org/t/feedback-anaconda-web-ui-partitioning/108995/65
[2] https://discussion.fedoraproject.org/t/its-difficult-to-reformat-a-btrfs-partition-subvolume-in-the-installer/89052
[3] https://cfp.all-systems-go.io/all-systems-go-2024/talk/FFY3BB/
[4] https://www.youtube.com/watch?v=3e3IhBBU0JY
[5] https://systemd.io/HOME_DIRECTORY/
[6] When I tested this today, this actually doesn't work.
     systemd-homed does a misguided check that break reinstalls.
     We'd need to figure out some solution here. Most likely just
     conditionalize that part of the code.

Zbyszek

The common use case for this is the Fedora laptop user which in nearly every case is going to have one local user account.

I have always split /home from the rest of the system and I know others do as well. I would rather see anaconda modified so that if I am creating a user account at install time, check for /home/USERNAME and if USERNAME matches and the UID and GID matches, just don't create the home directory. That is, -M on useradd(8).

--
David Cantrell <dcantrell@xxxxxxxxxx>
Red Hat, Inc. | Boston, MA | EST5EDT

--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux