Page MenuHomeDevCentral

Ensure /home/username has correct permissions on ZFS servers
ClosedPublic

Authored by dereckson on Mar 22 2022, 18:00.
Tags
None
Referenced Files
F3745277: D2623.diff
Fri, Nov 15, 13:39
F3744949: D2623.id6628.diff
Fri, Nov 15, 10:19
F3743689: D2623.id6628.diff
Thu, Nov 14, 23:11
Unknown Object (File)
Wed, Nov 13, 06:48
Unknown Object (File)
Wed, Nov 13, 02:16
Unknown Object (File)
Tue, Nov 12, 17:27
Unknown Object (File)
Tue, Nov 12, 16:43
Unknown Object (File)
Tue, Nov 12, 08:28
Subscribers
None

Details

Summary

If the user exists, but the home directory doesn't exist,
a tank/usr/home/luser ZFS volume is created, mounted at
/home/luser, but with root:root ownership.

This changes adds a step to set correctly home directory
permissions. This step will be ignored on non ZFS servers.

As a side-effect, on development servers, if the change runs
again, the permissions will be reset to 0700. This is coherent
with the policy project experiments should be created in /srv.

Test Plan
  • Delete an user and home directory
  • state.sls roles/core/users

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dereckson created this revision.
dereckson edited the summary of this revision. (Show Details)
This revision is now accepted and ready to land.Mar 22 2022, 18:02