Page MenuHomeDevCentral

Ensure /home/username has correct permissions on ZFS servers
ClosedPublic

Authored by dereckson on Mar 22 2022, 18:00.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Dec 17, 05:38
Unknown Object (File)
Tue, Dec 17, 01:07
Unknown Object (File)
Sun, Dec 15, 17:07
Unknown Object (File)
Sun, Dec 15, 15:56
Unknown Object (File)
Sun, Dec 15, 13:16
Unknown Object (File)
Sun, Dec 15, 12:57
Unknown Object (File)
Wed, Dec 11, 08:36
Unknown Object (File)
Sun, Dec 8, 08:54
Subscribers
None

Details

Summary

If the user exists, but the home directory doesn't exist,
a tank/usr/home/luser ZFS volume is created, mounted at
/home/luser, but with root:root ownership.

This changes adds a step to set correctly home directory
permissions. This step will be ignored on non ZFS servers.

As a side-effect, on development servers, if the change runs
again, the permissions will be reset to 0700. This is coherent
with the policy project experiments should be created in /srv.

Test Plan
  • Delete an user and home directory
  • state.sls roles/core/users

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dereckson created this revision.
dereckson edited the summary of this revision. (Show Details)
This revision is now accepted and ready to land.Mar 22 2022, 18:02