[tor-bugs] #33733 [Internal Services/Tor Sysadmin Team]: How do home directories work?

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Mar 26 14:25:24 UTC 2020 

#33733: How do home directories work?
-------------------------------------------------+-------------------------
 Reporter:  irl                                  |          Owner:  tpa
     Type:  task                                 |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:  #33715                               |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by irl):

 How does the above puppet compare to the Onionoo setup in Puppet?

 Can we make that use the same "standardization" as the check stuff before
 we deploy the new backends (#32268) there?

 I think there may be a case not covered by it where we have the onionoo
 and onionoo-unpriv users, but they both share the same service directory.

 I am confused by the difference between the /home/$user and
 /srv/$service/home directories. For the exit scanner the home directory is
 linked into /srv/$service and not into /srv/$service/home but for Onionoo:

 {{{
 ssh onionoo-backend-01.torproject.org ls -l '/home/onionoo*'
 lrwxrwxrwx 1 root root 32 Sep  6  2019 /home/onionoo ->
 /srv/onionoo.torproject.org/home
 lrwxrwxrwx 1 root root 39 Sep  6  2019 /home/onionoo-unpriv ->
 /srv/onionoo.torproject.org/home-unpriv
 }}}

 Is the /home path only there to keep LDAP happy? Perhaps I need to add a
 key to users for the "real" home directory path as we can't guess it from
 some pattern, and then always link /home/$user to that specified path.

 Regarding where to look for documentation, I had no idea. I guess help.tpo
 would have been the place to look. For this though I don't so much need a
 list of steps that you take to do something, or examples of the Puppet
 usage, but more an understanding of the rationale and intention of doing
 it in this way so that I'm not making incorrect assumptions when I
 recreate it for the dev environments.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33733#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list