Page MenuHomePhabricator
Create Task
Maniphest T419

no longer write to home folder directly; use /etc/skel
Closed, ResolvedPublic
Actions

Description

rationale:

TODO:

  • no longer have packages (maintainer scripts) directly write to /home
  • use /etc/skel instead
  • copy files from /etc/skel to /home/user at first boot

Related, separate ticket:
ship Tor Browser tarballs in Qubes TemplateVMs in /var/cache/tb-binary and extract in AppVMs at boot time to user's home folder (T417)

Details

Impact
Normal

Related Objects

Event Timeline

Patrick created this task.Oct 17 2015, 6:45 PM
Patrick raised the priority of this task from to Needs Triage.
Patrick updated the task description. (Show Details)
Patrick added projects: Whonix 13, anon-gpg-tweaks, xchat-improved-privacy, anon-mixmaster, whonix-base-files, anon-torchat, Qubes, whonix-initializer.
Patrick set Impact to Normal.
Patrick added subscribers: Patrick, marmarek, nrgaway, HulaHoop.
Herald added a project: Whonix. · View Herald TranscriptOct 17 2015, 6:45 PM
Herald added subscribers: WhonixQubes, troubadour. · View Herald Transcript
Patrick added a comment.Dec 3 2015, 11:11 PM
no longer write to home folder directly; use /etc/skel;

https://phabricator.whonix.org/T419

proper error handling in xchat-reset

https://github.com/Whonix/xchat-improved-privacy/commit/aadea76e21b3804c053338bc9449b6c7962a91dd

Patrick added a comment.Dec 3 2015, 11:33 PM
no longer write to home folder directly; use /etc/skel;

https://phabricator.whonix.org/T419

https://github.com/Whonix/anon-mixmaster/commit/29105ddaecd1280ca706a7dfd7a19a53acf3ccdf
https://github.com/Whonix/whonix-base-files/commit/c34f29f700eaf354e3bf1f64694b4bc89670b06c
https://github.com/Whonix/whonix-base-files/commit/1a5ef1f0a16a65d83fc128af41f768795d20aab9
https://github.com/Whonix/whonix-base-files/commit/b58518c8de3ded6e33eec574ccfb226c1d46d5e2
https://github.com/Whonix/anon-torchat/blob/master/etc/skel/.torchat/torchat.ini
https://github.com/Whonix/anon-gpg-tweaks/commit/2ace0c0768d7f44fae12df48ac4b29287349b993

Patrick triaged this task as Normal priority.Dec 3 2015, 11:43 PM
Patrick updated the task description. (Show Details)
Patrick added a comment.Dec 3 2015, 11:54 PM

chmod 700 /etc/skel/.gnupg in postinst to prevent gpg permission warning:
https://github.com/Whonix/anon-gpg-tweaks/commit/55b727974acf10ed76ed99c84fa560260d36e540

Patrick changed the task status from Open to Review.Dec 10 2015, 10:34 PM
populate /home/user from /etc/skel at first boot

https://phabricator.whonix.org/T419

https://github.com/Whonix/whonix-base-files/commit/4ee7f32ba8b7dcf87d9ae31d1ade8b00468520af

Patrick updated the task description. (Show Details)Dec 10 2015, 10:35 PM
Patrick mentioned this in T463: Qubes-Whonix-Workstation DispVM Support.Jan 7 2016, 12:41 AM
Patrick added a comment.Jan 7 2016, 11:40 PM
fix / code simplification

https://phabricator.whonix.org/T419

https://github.com/Whonix/whonix-base-files/commit/9d7da269be22114737317051c5f4c6bce6ca4253

separate done file for Qubes TemplateVMs to make this work with the
current home folder population for Qubes DispVMs.
https://github.com/QubesOS/qubes-core-agent-linux/blob/f380c346cf9af3f058b8ece853d7d4a5ece28815/misc/dispvm-prerun.sh#L6-L12

https://phabricator.whonix.org/T419
https://phabricator.whonix.org/T463

https://github.com/Whonix/whonix-base-files/commit/9ade708ed7288a1fec4a662b2bf062a8ebffc15c

Patrick added a comment.Jan 7 2016, 11:52 PM

do not needlessly copy .bashrc.whonix-orig from skel to home
https://github.com/Whonix/whonix-base-files/commit/63ed2423f4b6303af32d1daa8affb3e5006e6837

Patrick added a comment.Jan 7 2016, 11:55 PM

first-boot-skel: hide needless output of diff in the logs
https://github.com/Whonix/whonix-base-files/commit/d3d7da44e1e0ca1d8059c202abefce7e1181ce16

Patrick added a comment.Apr 21 2016, 11:42 PM

https://github.com/Whonix/whonix-base-files/commit/da56e3338e1eb802d956f0e55c6debd270cdfa3f
https://github.com/Whonix/whonix-base-files/commit/e87191e2ae8833cadad08d1949ab36198f9eb239
https://github.com/Whonix/qubes-whonix/commit/65fac1f6eb3fd0cfa1d5beb47b757ac4263a5537

Patrick changed the task status from Review to Open.Apr 26 2016, 10:01 PM

There is a problem with the script which runs as root - https://github.com/Whonix/whonix-base-files/blob/master/usr/lib/anon-base-files/first-boot-skel - with the following commands.

sudo -u "$user_name" cp --verbose --no-clobber --archive --parents --recursive "$fso_basename" "$home_dir"
sudo -u "$user_name" cp --verbose --no-clobber --archive "$fso_basename" "$home_dir"
sudo -u "$user_name" cp --verbose --archive "$skel_folder/.bashrc.whonix" "$home_dir/.bashrc"

sudo -u user is problematic. It's useful to not have files within /home/user being owned by root. But when using sudo -u user we cannot read files from folder /etc/skel/.gnupg, since these are owned by root. This could be solved by using cp as root and the fixing ownership using chown. It's not great since in corner cases (power loss; race conditions) the execution could stop after cp ending up with files owned by root in users's home.

Patrick changed the task status from Open to Review.Apr 26 2016, 11:20 PM

https://github.com/Whonix/whonix-base-files/commit/7dca3e197a2dce1fae27363eb412ee63f54e0b27

Patrick closed this task as Resolved.Apr 29 2016, 7:00 AM
Patrick claimed this task.
Whonix OLD Issue Tracker · PLEASE DO NOT POST NEW TICKETS HERE · OLD Issue Tracker - Unread Notifications · OLD Issue Tracker - Feed · OLD Issue Tracker - Open Issues · NEW Issue Tracker · Homepage · Blog · Forum · Legal · Imprint · Privacy Policy · Terms of Use · Disclaimer