debian: don't create home directories for every user - exchange - Base system with REST service to issue digital coins, run by the payment service provider

commit e592ef40578d57797e5df9a81be9f742bb0b3511
parent ce4daddca0ef0b455ed6a09fc9e4478f41d72914
Author: Florian Dold <florian@dold.me>
Date:   Thu, 29 Jul 2021 20:55:04 +0200

debian: don't create home directories for every user

Diffstat:
M debian/taler-exchange-offline.postinst  | 6 ++++--
M debian/taler-exchange.postinst  | 15 +++++++--------

2 files changed, 11 insertions(+), 10 deletions(-)
diff --git a/debian/taler-exchange-offline.postinst b/debian/taler-exchange-offline.postinst
@@ -1,9 +1,10 @@
+#!/bin/bash
 
 set -e
 
 . /usr/share/debconf/confmodule
 
-TALER_HOME="/var/lib/taler-exchange"
+TALER_HOME="/var/lib/taler"
 
 case "${1}" in
 configure)
@@ -15,7 +16,8 @@ configure)
   if ! getent passwd taler-exchange-offline >/dev/null; then
     adduser --quiet --system \
       --ingroup taler-exchange-offline \
-      --home ${TALER_HOME}/offline taler-exchange-offline
+      --no-create-home \
+      --home ${TALER_HOME} taler-exchange-offline
   fi
 
   ;;
diff --git a/debian/taler-exchange.postinst b/debian/taler-exchange.postinst
@@ -4,8 +4,7 @@ set -e
 
 . /usr/share/debconf/confmodule
 
-TALER_HOME="/var/lib/taler-exchange"
-CONFIG_FILE="/etc/default/taler-exchange"
+TALER_HOME="/var/lib/taler"
 _GROUPNAME=taler-exchange-secmod
 _DBGROUPNAME=taler-exchange-db
 _EUSERNAME=taler-exchange-httpd
@@ -28,25 +27,25 @@ configure)
 
   # Create taler users if needed
   if ! getent passwd ${_EUSERNAME} >/dev/null; then
-    adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/httpd ${_EUSERNAME}
+    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_EUSERNAME}
     adduser --quiet ${_EUSERNAME} ${_DBGROUPNAME}
   fi
   if ! getent passwd ${_RSECUSERNAME} >/dev/null; then
-    adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/secmod-rsa ${_RSECUSERNAME}
+    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_RSECUSERNAME}
   fi
   if ! getent passwd ${_ESECUSERNAME} >/dev/null; then
-    adduser --quiet --system --ingroup ${_GROUPNAME} --home ${TALER_HOME}/secmod-eddsa ${_ESECUSERNAME}
+    adduser --quiet --system --no-create-home --ingroup ${_GROUPNAME} --home ${TALER_HOME} ${_ESECUSERNAME}
   fi
   if ! getent passwd ${_WIREUSERNAME} >/dev/null; then
-    adduser --quiet --system --home ${TALER_HOME}/wire ${_WIREUSERNAME}
+    adduser --quiet --system --no-create-home --home ${TALER_HOME} ${_WIREUSERNAME}
     adduser --quiet ${_WIREUSERNAME} ${_DBGROUPNAME}
   fi
   if ! getent passwd ${_CLOSERUSERNAME} >/dev/null; then
-    adduser --quiet --system --home ${TALER_HOME}/closer ${_CLOSERUSERNAME}
+    adduser --quiet --system --no-create-home --home ${TALER_HOME} ${_CLOSERUSERNAME}
     adduser --quiet ${_CLOSERUSERNAME} ${_DBGROUPNAME}
   fi
   if ! getent passwd ${_AGGRUSERNAME} >/dev/null; then
-    adduser --quiet --system --home ${TALER_HOME}/aggregator ${_AGGRUSERNAME}
+    adduser --quiet --system --no-create-home --home ${TALER_HOME} ${_AGGRUSERNAME}
     adduser --quiet ${_AGGRUSERNAME} ${_DBGROUPNAME}
   fi

	exchange Base system with REST service to issue digital coins, run by the payment service provider
	Log \| Files \| Refs \| Submodules \| README \| LICENSE

M	debian/taler-exchange-offline.postinst	\|	6	++++--
M	debian/taler-exchange.postinst	\|	15	+++++++--------