From Fedora Project Wiki

Revision as of 17:37, 18 January 2022 by Bcotton (talk | contribs) (Announcing the Change proposal)

Authselect: Move State Files to /etc

Summary

Authselect will move several files that are currently stored at /var/lib/authselect to /etc/authselect/.state. This does not affect configuration backup, that will be kept at /var/lib/authselect/backups.

The files that will be moved are:

  • /var/lib/authselect/dconf-db -> /etc/authselect/.state/dconf-db
  • /var/lib/authselect/dconf-locks /etc/authselect/.state/dconf-locks
  • /var/lib/authselect/fingerprint-auth /etc/authselect/.state/fingerprint-auth
  • /var/lib/authselect/nsswitch.conf /etc/authselect/.state/nsswitch.conf
  • /var/lib/authselect/password-auth /etc/authselect/.state/password-auth
  • /var/lib/authselect/postlogin /etc/authselect/.state/postlogin
  • /var/lib/authselect/smartcard-auth /etc/authselect/.state/smartcard-auth
  • /var/lib/authselect/system-auth /etc/authselect/.state/system-auth

Owner


Current status

  • Targeted release: Fedora Linux 36
  • Last updated: 2022-01-18
  • devel thread
  • FESCo issue: <will be assigned by the Wrangler>
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

These files are used by authselect to detect changes to the system nsswitch and PAM configurations when the configuration is updated with an updated profile using 'authselect apply-changes'. There are two reasons for the move:

1. The current location conflicts with ostree model where /var is not writable during rpm transaction and this currently blocks compose of ostree systems. BZ#2034360

2. Removing these files would reduce authselect functionality, user would need to run 'authselect select --force' to restore it. Since /var should contain only files that can be safely removed, /etc is a better place for them.

Feedback

This change is accepted by ostree system maintainers, see BZ#2034360.

Benefit to Fedora

This makes authselect more compatible with ostree model.

Scope

  • Proposal owners: Build authselect with --statedir=/etc/authselect/.state and move files from /var/lib/authselect to the new location. Spec file changes only.
  • Other developers: N/A (not needed for this Change)
  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives: N/A

Upgrade/compatibility impact

No impact. Files will be moved automatically during update and everything will keep working as prior.

How To Test

1. Authselect keeps working as expected after the upgrade

User Experience

This change is only under the hood, it does not affect user experience.

Dependencies

No dependencies.

Contingency Plan

  • Contingency mechanism: N/A (not a System Wide Change)
  • Contingency deadline: N/A (not a System Wide Change)
  • Blocks release? N/A (not a System Wide Change), Yes/No

Documentation

N/A (not a System Wide Change)

Release Notes

Authselect state files moved from /var/lib/authselect to /etc/authselect/.state.