bug-mcron
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2] base: Handle nonexistent user home directories.


From: Dale Mellor
Subject: Re: [PATCH v2] base: Handle nonexistent user home directories.
Date: Thu, 30 Dec 2021 04:18:55 +0000
User-agent: Evolution 3.38.3-1

On Mon, 2021-09-20 at 22:13 -0400, Maxim Cournoyer wrote:
> Hello Dale,
> 
> Dale Mellor <mcron-lsfnyl@rdmp.org> writes:
> 
> > On Tue, 2021-08-17 at 19:23 -0400, Maxim Cournoyer wrote:
> > > This is useful for running jobs as the "nobody" user, for
> > > example.
> > > 
> > > * src/mcron/base.scm (run-job): Catch the ENOENT (2, "No
> > > such
> > > file or
> > > directory") error when attempting to change directory to
> > > the
> > > user home
> > > directory.
> > > 
> > 
> > Hmmm, this smells a bit to me.  I'd be interested to hear
> > from Guix
> > developers their opinion on if there is really a case for
> > allowing the
> > nobody user to run cron jobs.  I would have thought that the
> > case
> > would be better handled by a dedicated user for the purpose.
> 
> My use case here was making some network enabled job (it's a
> job that
> updates my dynamic IP address with some dyndns service by
> issuing an
> HTTP get) a bit more secure (ensuring the process wouldn't have
> read-access to the whole of my $HOME directory) by not running
> it as my
> own user.
> 
> Creating a dedicated user for it would probably be the
> best/safest
> approach, but using the nobody user seemed like a positive
> change
> already for zero extra complication (creating a new user).  Was
> it
> misguided?  Too lazy?  :-)

   That sounds like a reasonable use case to me.

> > There is also the problem that mcron scripts may become
> > unstable: if
> > one relies on "/" being the working directory, and suddenly a
> > real
> > home directory appears, the script will cease to function.
> 
> It's true that it introduces a special case; but it seems to me
> that the
> nobody user *is* special hence it is reasonable; it shall be
> documented
> though.

   Fair enough.

> > If it is really desired, I think an explicit test for the
> > nobody user
> > needs to go into the patch, but I really think that failure
> > with a
> > system error is the most appropriate action here.
> 
> I don't mind to write one after we decide if it makes sense or
> not :-).

   I think that we shall do well to keep it simple.  If you need
to scratch an itch you can follow the patch with another one to
add the test.


   This all looks good; I've pushed your patch into the project
repository, followed with a little cosmetic fiddly-diddly to make
things slightly more consistent and a bit shorter.  I've left the
new behaviour undocumented as I think it will silently 'just
work'; again feel free to submit a follow-up patch if this
tickles you.

Best,
Dale





reply via email to

[Prev in Thread] Current Thread [Next in Thread]