Thanks Didier and Alex! This looks promising. I'm generally +1 on this,
especially that the shadow part of the feature doesn't have to be
blocked on zsys - if all works correctly that is.
For the zsys part, I assume that once we have that we'd like to pull in
zsys to main. Did you reach out to the MIR team and security team about
it already? I wouldn't want us to do a last minute push of zsys right
before release without proper review of all the bits and pieces.
All in all, I'm formally approving the shadow FFe and, with some fear,
the zsys FFe as well. Be sure to reach out to the MIR team as early as
possible. If zsys isn't main-ready before beta, well, I wouldn't want it
to be part of our official images.
** Changed in: shadow (Ubuntu)
Status: New => Triaged
** Changed in: zsys (Ubuntu)
Status: New => Triaged
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1842902
Title:
FFe: create zfs dataset for each user automatically
Status in shadow package in Ubuntu:
Triaged
Status in zsys package in Ubuntu:
Triaged
Bug description:
Part of the zsys spec is creating/associating one user dataset for
each HOME user.
As zsys is an official experimentation for 19.10, we would like to
include this feature in a safe way, and reachable for any tool
creating users (adduser, gnome-control-center, ubiquity…). Those are
using useradd under the scene.
For this, the proposed implementation:
- patch useradd trying to execute "zsys useradd create USER HOMEDIR". If zsys
isn't present or zsys returns a status code != 0 (which will be the case if the
running system isn't a zsys one: pure zfs or non zfs like / on ext4), it will
fallback to mkdir. Then the code does the usual chmod()
- patch usermod, trying as well to execute "zsys useradd rename-home OLDHOME
NEWHOME". Same failing reason (not a zsys system, not installed, OLDHOME isn't
a zsys handled datasets) and fallback to rename(). Then the code does the usual
chmod().
Tested with and without zsys installed, the code does what we expect.
I'm attaching the shadow (useradd/usermod) patches, as you can see it's very
minimal.
A new ZSYS release will be needed (https://github.com/ubuntu/zsys). As you
can see, there are quite some commits since the last release, but it's all
baked (as usual) by a huge suite of tests (in ZFS and machine layers) with
corner cases tested and such. I'm confident on that change.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1842902/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
