[opensuse-packaging] Spec file advice requested
Hi, I'd like some advice about how to set up this package. Please see a_jaeger's review in https://build.opensuse.org/request/show/151476 I can fix the sshd_config stuff but what to do about the home directory location? A little background: this package installs a 'fonehome' user who's sole purpose is to allow incoming SSH connections under that username. These connections do not have pty's or sessions, rather they exist only for port forwarding. Pubkey authentication is required. This means that a 'fonehome' user must exist and must have a ${HOME}/.ssh/authorized_keys file. I originally put the home directory under /usr/share but perhaps there is a better location. Regarding the read-only comment, there should not be any modifications to the home directory except when initializing the key. Thanks, -Archie -- Archie L. Cobbs -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org
On Tue, Feb 12, 2013 at 10:28:56AM -0600, Archie Cobbs wrote:
Hi,
I'd like some advice about how to set up this package. Please see a_jaeger's review in https://build.opensuse.org/request/show/151476
I can fix the sshd_config stuff but what to do about the home directory location?
A little background: this package installs a 'fonehome' user who's sole purpose is to allow incoming SSH connections under that username. These connections do not have pty's or sessions, rather they exist only for port forwarding. Pubkey authentication is required.
This means that a 'fonehome' user must exist and must have a ${HOME}/.ssh/authorized_keys file.
I originally put the home directory under /usr/share but perhaps there is a better location.
I'd say the best one is /var/lib/fonehome/ - so just call useradd ... -d /var/lib/fonehome fonehome in your %post. See osc less openSUSE:Factory ntp ntp.spec as an example. Regards Mchal Vyskocil
On Tue, Feb 12, 2013 at 11:00 AM, Michal Vyskocil <mvyskocil@suse.cz> wrote:
This means that a 'fonehome' user must exist and must have a ${HOME}/.ssh/authorized_keys file.
I originally put the home directory under /usr/share but perhaps there is a better location.
I'd say the best one is /var/lib/fonehome/ - so just call
useradd ... -d /var/lib/fonehome fonehome in your %post.
See osc less openSUSE:Factory ntp ntp.spec as an example.
Thanks for that example. I'll change to /var/lib/fonehome and resubmit with the other cleanups. -Archie -- Archie L. Cobbs -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org
participants (2)
-
Archie Cobbs
-
Michal Vyskocil