bug#19795: Allow for stateless users and groups in GuixSD

bug-guix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#19795: Allow for stateless users and groups in GuixSD

From:	Mark H Weaver
Subject:	bug#19795: Allow for stateless users and groups in GuixSD
Date:	Sat, 07 Feb 2015 22:07:59 -0500
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/24.4 (gnu/linux)

Andreas Enge <address@hidden> writes:

> I agree, it is rather surprising that removing a user does not remove it.
> So I think it should be fully stateless (as long as the user's home
> directory is not erased, of course; so this should remain as a state and
> be reactivated once the user is available again, which could cause problems
> with user names vs. numbers).

If we do this, I think we should take steps to prevent users+groups from
being added, removed, group memberships changed, setting of passwords,
etc, outside of 'guix system reconfigure'.  I think that users will be
very unhappy with us if commands like 'passwd' and 'useradd' work as
expected, but are undone the next time they update their system.

My position is that we should support both stateful or stateless
operation for some aspects of our configuration.

For example, consider wireless network configuration.  Most casual users
want this to be stateful.  They will want to be able to use a nice GUI
applet to connect to a wireless network, and have the system remember
the authentication info and to connect to that network automatically in
the future, etc.  I don't want GuixSD to forget that information the
next time I update, or if I roll-back, etc.

However, for some applications it may be preferable to have the wireless
configuration completely stateless and specified in the OS config,
e.g. for a headless server that's connected via wireless.

I think it's the same way with users+groups.  For my personal system, I
might want to be able to add a user without updating its software at the
same time (which might involve a lot of downloading and/or compiling),
and I don't want the new user to be erased if I roll-back.

Even for many kinds of servers, I don't think it makes sense to tie the
users+groups to the system configuration.  Most of the time I don't want
that.  But for some other kinds of servers, I think I would want it.

So, I think we should support both modes.

My two cents...

     Mark

[Prev in Thread]

Current Thread

[Next in Thread]

bug#19795: Allow for stateless users and groups in GuixSD, Thompson, David, 2015/02/06
- bug#19795: Allow for stateless users and groups in GuixSD, Alex Sassmannshausen, 2015/02/06
- bug#19795: Allow for stateless users and groups in GuixSD, Andreas Enge, 2015/02/07
  - bug#19795: Allow for stateless users and groups in GuixSD, Mark H Weaver <=
    - bug#19795: Allow for stateless users and groups in GuixSD, Ludovic Courtès, 2015/02/08

Prev by Date: bug#19811: Attempt to graft texlive times out after one hour
Next by Date: bug#19811: Attempt to graft texlive times out after one hour
Previous by thread: bug#19795: Allow for stateless users and groups in GuixSD
Next by thread: bug#19795: Allow for stateless users and groups in GuixSD
Index(es):
- Date
- Thread