On Wed, 9 Mar 2022 14:35:52 -0600, Richard Laager <rlaa...@debian.org> wrote: >If the admin can change the default DIR_MODE that applies to system user >home directories, then any postinst script doing `adduser --system` >needs to also explicitly chmod its home directory if it needs anything >more permissive than 700 or more restrictive than 755. This is true >today and remains true whether or not the default DIR_MODE is changed.
Anything that NEEDS to be written in postinst scripts is bad. I'd rather implement a SYSTEM_DIR_MODE setting that applies to directories created during creation of a --system user. Would that help with the issue? >> How would chown handle the dot case intelligently? > >Something along the lines of see if the user exists. Michael Stone has elaborated on that topic and told us how chown already behaves. Greetings Marc -- -------------------------------------- !! No courtesy copies, please !! ----- Marc Haber | " Questions are the | Mailadresse im Header Mannheim, Germany | Beginning of Wisdom " | Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
