FS#31424 - [git] User git has home set to / - deleting in e.g. Gnome 3 leads to deletion of /

Attached to Project: Arch Linux
Opened by Jonathan S. (js) - Wednesday, 05 September 2012, 16:58 GMT
Last edited by Jan Alexander Steffens (heftig) - Friday, 28 September 2012, 15:18 GMT
Task Type Bug Report
Category Packages: Extra
Status Closed
Assigned To Dan McGee (toofishes)
Architecture All
Severity Critical
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 1
Private No

Details

The git user added by the git package has its home set to /. This leads to catastrophic behaviour when deleting this unnecessary user in e.g. the Gnome 3 user management and choosing "Delete files" (as the git home shouldn't have files anyway). It just started deleting /, already deleted all files and left an unusable system. IMHO this is not only one bug, but three:

* No user should ever have / as home, especially not one added by the system / pacman
* No tool that deletes a user should *EVER* even think about deleting /!!
* The git user should not even be shown in the Gnome 3 user management!

Please fix this immediately before more users lose *ALL* their files!
This task depends upon

Closed by  Jan Alexander Steffens (heftig)
Friday, 28 September 2012, 15:18 GMT
Reason for closing:  Fixed
Additional comments about closing:  accountsservice 0.6.25-1
Comment by Jonathan S. (js) - Wednesday, 05 September 2012, 17:03 GMT
Correction: It seems the system was left intact, at least pacman -Qqk has no complaints. So it seems that Gnome 3 decided / was not a valid home and just deleted the home of the current user instead.
Comment by Dave Reisner (falconindy) - Friday, 07 September 2012, 17:15 GMT
Seems like a bug in gnome. The git UID is well into the range that's considered system territory, and it shouldn't even be displayed. There's also no shortage of cases where a system user's $HOME is in root.
Comment by Matthias Dienstbier (fs4000) - Saturday, 08 September 2012, 14:54 GMT
The git user should have /sbin/nologin or /bin/false as login shell. Gnome will ignore users without valid shell.
Comment by Dan McGee (toofishes) - Saturday, 08 September 2012, 14:59 GMT
The user has to have a real shell because it executes commands. Gnome is broken; it should respect the system UID range, not base decisions on what shell is used.
Comment by Andrea Scarpino (BaSh) - Tuesday, 11 September 2012, 07:40 GMT
This looks like  FS#17157 , I guess the problem is with the gnome pam modules.
Comment by Matthias Dienstbier (fs4000) - Tuesday, 11 September 2012, 10:17 GMT
I have set /sbin/nologin as login shell for the git user and just did a quick test of the git server. As far as I can tell everything worked as expected. So why should that user have a login shell? Is someone supposed to login through this user? Every other daemon user works well without login shell, too.
Comment by Dan McGee (toofishes) - Tuesday, 11 September 2012, 15:44 GMT
You tested with systemd? And initscripts? Please report this to Gnome upstream; they should NOT be showing system users.
Comment by Artem Sheremet (dot) - Monday, 17 September 2012, 23:00 GMT
git user may want a login shell for the git-ssh protocol.
Comment by Matthias Dienstbier (fs4000) - Tuesday, 18 September 2012, 13:10 GMT
Wouldn't this require that the user has a password or a home where to put the public keys? Since this cannot work out of the box why should we set a login shell? And when this is real user where people can log in why should it then be hidden in the user accounts dialog?
Comment by Dave Reisner (falconindy) - Tuesday, 18 September 2012, 13:15 GMT
A login shell is a poor idea. There's a reason /usr/bin/git-shell exists.
Comment by Artem Sheremet (dot) - Tuesday, 18 September 2012, 13:16 GMT
well, mine was just an answer to 'why should that user have a login shell'. In no way I agree that '/' should be HOME, and I think it's up to Gnome developers policy whether to show or hide such users. Liking my own policies on my PC I just refrain from using DE, such as Gnome/KDE/XFCE/etc and fall back to the command line. At least it never tricks me.
Comment by Artem Sheremet (dot) - Tuesday, 18 September 2012, 13:23 GMT
Btw, is there anything wrong with /usr/bin/git-shell ? I've been using it for a long time as my git login shell for the git-ssh proto, am I introducing a security hole or something?
Comment by Thomas Bächler (brain0) - Friday, 28 September 2012, 14:43 GMT
Why is this bug marked as [git]? This is definitely a GNOME bug.

Loading...