When installing acct-user/root, the login shell of the root user is reset to /bin/bash, overriding the system administrator's choice of a login shell.
That's the default behavior provided by the eclass. It may be overridden. # @ECLASS-VARIABLE: ACCT_USER_NO_MODIFY # @DEFAULT_UNSET # @DESCRIPTION: # If set to a non-null value, the eclass will not make any changes # to an already existing user. : ${ACCT_USER_NO_MODIFY:=} This variable was introduced to allow users to disable the eclass behavior. It could be set in an ebuild to override it. However, I don't see a reason to treat the root user specially in this case.
Why do we need packages for acct-user/root and acct-group/root in the first place? What problem does it solve? The difference between the root user and any random user created by a package is that root is regularly used for interactive login, so it should be fully under control for the system manager. The package manager should neither change its password, shell, nor GECOS information.
(In reply to Ulrich Müller from comment #2) > Why do we need packages for acct-user/root and acct-group/root in the first > place? What problem does it solve? It's mainly there for the sysusers.d file. This allows systemd-sysusers to generate /etc/passwd and /etc/group when building a chroot or container environment, or when /etc is non-persistent. > The difference between the root user and any random user created by a > package is that root is regularly used for interactive login, so it should > be fully under control for the system manager. The package manager should > neither change its password, shell, nor GECOS information. The root user is also a system account that is used to run services. It makes some sense that we should ensure that it has a sane shell and home directory. However, given that the main purpose is the sysusers.d file, I guess it would not hurt to set ACCT_USER_NO_MODIFY.
(In reply to Mike Gilbert from comment #3) > However, given that the main purpose is the sysusers.d file, I guess it > would not hurt to set ACCT_USER_NO_MODIFY. Sounds good.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7bdbc2e00e7f475f36d69eb13a523398800b569c commit 7bdbc2e00e7f475f36d69eb13a523398800b569c Author: Mike Gilbert <floppym@gentoo.org> AuthorDate: 2021-12-01 20:30:45 +0000 Commit: Mike Gilbert <floppym@gentoo.org> CommitDate: 2021-12-01 20:30:45 +0000 acct-user/root: set ACCT_USER_NO_MODIFY Closes: https://bugs.gentoo.org/827813 Signed-off-by: Mike Gilbert <floppym@gentoo.org> acct-user/root/root-0-r1.ebuild | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
