Allow admins to rename user home directories

[yuvipanda]

Background

When a hub switches authentication methods, the users' get a new name. For example, with GitHub my username is yuvipanda while with Google it might be yuvipanda@gmail.com. Most of our infrastructure doesn't care about usernames, except home directories. So while my home directory with GitHub might be at /export/homes/yuvipanda, with Google it might be /export/homes/yuvipanda@gmail.com. So we need to support renaming users when authentication methods change.

User stories

As a hub administrator, I want to be able to rename user home directories, so that if we change authentication for our hub, the users will be able to keep their old home directories.

This is a somewhat rare occasion, so we don't need to over-do it. This should also be as self-serve as possible.

Implementation

My suggestion is that we mount all users' home directories at something like ~/shared/admin/homes for admins, and then admins can do the renaming themselves. This shouldn't be on by default, since an accidental rm -rf . on an admin's home directory will wipe out everyone's work

To Do

• [ ] Agree upon naming conventions for shared folders (https://github.com/2i2c-org/pilot-hubs/issues/262)
• [ ] Implementation of this feature in a PR (https://github.com/2i2c-org/pilot-hubs/pull/300)

[GeorgianaElena]

My suggestion is that we mount all users' home directories at something like ~/shared/admin/homes for admins, and then admins can do the renaming themselves. This shouldn't be on by default, since an accidental rm -rf . on an admin's home directory will wipe out everyone's work

So the workflow would be something like:

• hub admin decides to switch auth methods
• we switch auth methods for that hub
• we "move" user's home dirs to the new location own by the admins
• admins rename the home dirs

Some questions:

• After the renaming process finishes, do we leave this hub with the users home dirs at ~/shared/admin/homes or do we move them back to /export/homes/? Do we still want/need to give admin access to the user's home dirs?
• If we do decide to mount them back, wouldn't be easier for us to have something like a username -> new-username map and do the renaming ourselves? (I have no idea if this is something that can be done automatically)
• What if a user logins with using the new auth method before the admin had the chance to rename their home dir?

[yuvipanda]

Hey @GeorgianaElena! This looks good. One thing to think of is that admins might need to change user names incrementally, rather than in one go. If you are switching from Google to GitHub, admins might not know all the GitHub usernames immediately.

So I think we should just mount all user homes to something like ~/shared-readwrite/user-homes, so they can rename as they need whenever they want. So then the sequence becomes:

1. Mount user home directory under ~/shared-readwrite/user-homes for all admins
2. When auth methods are switched, do the switch + do renames for admins
3. After that, admins have to do renames for their users.

This also enables a few other use cases:

1. Admins can poke around users' home directories to help with other things as well.
2. We can switch auth methods multiple times, and admins can self-serve name changes.

How does that sound?

[GeorgianaElena]

It sounds really good. I do have one other question though.

Mount user home directory under ~/shared-readwrite/user-homes for all admins

This should be optional (for the hubs that want a different auth method) or should we do this for all hubs? Or maybe better, make this be an option for the hubs that want to have admin access to user's home dirs, regardless if they want or not to rename it afterwards?

[yuvipanda]

@GeorgianaElena that actually sounds good. We have 2i2c-org/features#4 that talks about different 'kinds' of shared folders, and this could be one.

So to begin with, we can enable it just for a hub that wants it, and turn it off after. Can you try turning it on for staging?