On Sat, 2024-10-05 at 07:36 +0000, Zbigniew Jędrzejewski-Szmek wrote:
> On Fri, Oct 04, 2024 at 12:17:14PM -0400, David Cantrell wrote:
> > The common use case for this is the Fedora laptop user which in nearly every
> > case is going to have one local user account.
> >
> > I have always split /home from the rest of the system and I know others do
> > as well. I would rather see anaconda modified so that if I am creating a
> > user account at install time, check for /home/USERNAME and if USERNAME
> > matches and the UID and GID matches, just don't create the home directory.
> > That is, -M on useradd(8).
>
> Yeah, that's the other possible approach. But I think it's actually
> quite complicated to make this work reliably. Traditional UNIX accounts
> spread the information about the user over a bunch of files. Consistency
> must be maintained, UIDs and GIDs on disk must match, etc. We _could_
> add the smarts to cover all that in Anaconda, but Anaconda developers
> are trying to simplify it, not add new complicated code.
>
> OTOH, homed was created with the idea of self-contained "homes" from
> the beginning, and systemd upstream is dedicating resources to make it
> work. (E.g., currently, a full-time developer working on integration
> of systemd-homed and GNOME on a grant from German STF.)
> So I think it's much more maintainable to just make use of this and
> let systemd upstream help with any bugs that we discover.
>
> The homed approach would make other things possible too. For example,
> sharing of /home in dual-boot scenarios. Right now a manual setup
> needs to be done, and login details need to be propagated each time,
> but with homed, dual-boot and reinstall are very similar scenarios,
> so if we get one to work, we get the other one for free.
>
> Zbyszek

The homed approach can work only in cases where you basically have only
one user and all the OSs use the same approach.

I see a few issues with security that need to be addressed.
What happens if I plug a disk into a laptop that sports a "homed"
directory, will the laptop suddenly allow a stranger to just log in to
the machine?

What happens if there are conflicts of uid or gid? Will it now allow
this other user to access files and directories that should be reserved
to other users?

What happens if you want to change the user to be a corporate directory
provided one?

Can you configure autologin for those use cases (like kiosks or a home
entertainment system) where that makes sense to do?

Is this tied to a specific file system type?

Changing a default like this is not something to do lightly IMHO.

--
Simo Sorce
Distinguished Engineer
RHEL Crypto Team
Red Hat, Inc