Closed yuvipanda closed 3 months ago
My suggestion is that we mount all users' home directories at something like ~/shared/admin/homes for admins, and then admins can do the renaming themselves. This shouldn't be on by default, since an accidental rm -rf . on an admin's home directory will wipe out everyone's work
So the workflow would be something like:
Some questions:
~/shared/admin/homes
or do we move them back to /export/homes/
? Do we still want/need to give admin access to the user's home dirs?username
-> new-username
map and do the renaming ourselves? (I have no idea if this is something that can be done automatically)Hey @GeorgianaElena! This looks good. One thing to think of is that admins might need to change user names incrementally, rather than in one go. If you are switching from Google to GitHub, admins might not know all the GitHub usernames immediately.
So I think we should just mount all user homes to something like ~/shared-readwrite/user-homes
, so they can rename as they need whenever they want. So then the sequence becomes:
~/shared-readwrite/user-homes
for all adminsThis also enables a few other use cases:
How does that sound?
It sounds really good. I do have one other question though.
Mount user home directory under ~/shared-readwrite/user-homes for all admins
This should be optional (for the hubs that want a different auth method) or should we do this for all hubs? Or maybe better, make this be an option for the hubs that want to have admin access to user's home dirs, regardless if they want or not to rename it afterwards?
@GeorgianaElena that actually sounds good. We have 2i2c-org/features#4 that talks about different 'kinds' of shared folders, and this could be one.
So to begin with, we can enable it just for a hub that wants it, and turn it off after. Can you try turning it on for staging?
Background
When a hub switches authentication methods, the users' get a new name. For example, with GitHub my username is
yuvipanda
while with Google it might beyuvipanda@gmail.com
. Most of our infrastructure doesn't care about usernames, except home directories. So while my home directory with GitHub might be at/export/homes/yuvipanda
, with Google it might be/export/homes/yuvipanda@gmail.com
. So we need to support renaming users when authentication methods change.User stories
As a hub administrator, I want to be able to rename user home directories, so that if we change authentication for our hub, the users will be able to keep their old home directories.
This is a somewhat rare occasion, so we don't need to over-do it. This should also be as self-serve as possible.
Implementation
My suggestion is that we mount all users' home directories at something like
~/shared/admin/homes
for admins, and then admins can do the renaming themselves. This shouldn't be on by default, since an accidentalrm -rf .
on an admin's home directory will wipe out everyone's workTo Do