Steve Kemp's Blog Writings relating to Debian & Free Software

A transient home-directory?

Wednesday, 25 November 2015

For the past few years all my important work has been stored in git repositories. Thanks to the mr tool I have a single configuration file that allows me to pull/maintain a bunch of repositories with ease.

Having recently wiped & reinstalled a pair of desktop systems I'm now wondering if I can switch to using a totally transient home-directory.

The basic intention is that:

  • Every time I login "rm -rf $HOME/*" will be executed.

I see only three problems with this:

  • Every time I login I'll have to reclone my "dotfiles", passwords, bookmarks, etc.
  • Some programs will need their configuration updated, post-login.
  • SSH key management will be a pain.

My dotfiles contain my bookmarks, passwords, etc. But they don't contain setup for GNOME, etc.

So there might be some configuration that will become annoying - For example I like "Ctrl-Alt-t" to open a new gnome-terminal command. That's configured on each new system I login to the first time.

My images/videos/books are all stored beneath /srv and not in my home directory - so the only thing I'll be losing is program configuration, caches, and similar.

Ideally I'd be using a smartcard for my SSH keys - but I don't have one - so for the moment I might just have to rsync them into place, but that's grossly bad.

It'll be interesting to see how well this works out, but I see a potential gain in portability and discipline at the very least.
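An added example, not code from the original post: a login-time reset that refuses unsafe targets, removes dotfiles as well (the shell glob `$HOME/*` does not match them), and preserves the key directories. The function name `wipe_home` and the `KEEP` list are assumptions.

```shell
#!/bin/bash
# Added example: wipe_home and KEEP are hypothetical names, not from the post.
KEEP=".ssh .gnupg"   # entries that survive the wipe (private key material)

wipe_home() {
    dir=$1
    # Refuse empty or relative paths before anything is deleted.
    case "$dir" in
        ""|[!/]*) echo "refusing to wipe '$dir'" >&2; return 1 ;;
    esac
    # Must be a real directory (not a symlink), owned by the current user,
    # and must not resolve to the filesystem root.
    if [ ! -d "$dir" ] || [ -L "$dir" ] || [ ! -O "$dir" ] ||
       [ "$(cd "$dir" && pwd -P)" = / ]; then
        echo "not a wipeable directory owned by $(id -un): $dir" >&2
        return 1
    fi
    # Build the find expression: top-level entries except the keep-list.
    # find also matches dotfiles, which the glob "$dir"/* skips.
    set -- "$dir" -mindepth 1 -maxdepth 1
    for k in $KEEP; do
        set -- "$@" ! -name "$k"
    done
    find "$@" -exec rm -rf -- {} +
    # Key directories stay private whatever a restore step did to them.
    for k in $KEEP; do
        if [ -d "$dir/$k" ]; then chmod -R go-rwx "$dir/$k"; fi
    done
}

# Constructed demo on a throwaway directory, never the real $HOME.
demo=$(mktemp -d)
mkdir "$demo/.ssh" "$demo/.cache" "$demo/Downloads"
touch "$demo/.ssh/id_ed25519" "$demo/.bashrc"
wipe_home "$demo" && ls -A "$demo"
rm -rf -- "$demo"
```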


 

Comments On This Entry

Sri

Submitted at 12:55:49 on 25 November 2015

I have been doing it for almost 8 years now, with a mix of svn, bzr, git, git-annex and a dozen of scripts being replaced by mr.

Total setup time for a working $HOME in a new PC is about 2 minutes + 10 minutes of downloads.

The biggest problem? Applications that do not follow the XDG Base dir spec. They mix cache, data, state and configuration in the same file. Either you ignore those settings or you end up committing a lot of garbage every day. I filed so many bugs in the past years, most have been successfully received.

Private data is all encrypted and pushed to a private repo.

Joel

Submitted at 13:01:31 on 25 November 2015

You could pull down your stuff into $HOME/export and create symlinks in your $HOME to point to the real data. A bit more of a pain initially, but then you don't end up rm'ing your $HOME on every login and you get to keep ssh keys and other local configuration.

Íñigo

Submitted at 18:58:27 on 25 November 2015

Interesting topic.

You could also mv the home to some timestamped archive with retention. Or use linked copies... (note I just perceive you're not 100% happy doing the rm).

Did you ever evaluate using a layered filesystem (like aufs)?

Best regards and good luck! Iñigo


cargill

Submitted at 19:19:11 on 25 November 2015

For authorized_keys, the right way would be to set up an AuthorizedKeysCommand grabbing them from LDAP or another source. Makes management of keys simpler as well. Or using x.509 certificates.
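An added example, not part of cargill's comment or of OpenSSH itself: a helper that sshd could run as its AuthorizedKeysCommand, reading public keys from a store outside the transient home. The store path `/srv/ssh-keys`, the script path and the function name `fetch_keys` are assumptions; the sshd_config directives shown in the comments are real.

```shell
#!/bin/bash
# Added example. sshd_config side (the script path is an assumption):
#   AuthorizedKeysCommand /usr/local/bin/fetch-keys %u
#   AuthorizedKeysCommandUser nobody

# Hypothetical root-owned key store, one <user>.pub file per account.
KEY_STORE=${KEY_STORE:-/srv/ssh-keys}

fetch_keys() {
    user=$1
    # Accept only plain account names, so "../" cannot escape the store.
    case "$user" in
        ""|*[!a-z0-9_-]*) return 1 ;;
    esac
    file="$KEY_STORE/$user.pub"
    # The key file must be a regular file, not a symlink pointing elsewhere.
    if [ ! -f "$file" ] || [ -L "$file" ]; then
        return 1
    fi
    # Print only bare public-key lines. Comments, junk and lines carrying
    # key options (command=, from=, ...) are dropped: policy of this example.
    grep -E '^(ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(256|384|521)) [A-Za-z0-9+/=]+( .*)?$' "$file"
}

# sshd passes the login name as the first argument (%u above).
if [ $# -gt 0 ]; then fetch_keys "$1"; fi
```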

Íñigo

Submitted at 23:05:43 on 25 November 2015

@cargill even if managed authorized_keys, the new-in-Jessie AuthorizedKeysCommand and things like managed known_hosts are really interesting topics, I think Steve is worrying here about the private keys mostly.

There is no PrivateKeyCommand. Still.

Steve Kemp

Submitted at 06:36:43 on 26 November 2015

Thanks for the interest! So far things are working well, but as I suspected the ~/.ssh directory, along with ~/.gnupg, are the main pain-points.

To ensure I have the bindings I want I've reverted back to using xbindkeys, and added that to my dotfiles setup - along with ~/.config/autostart/ to launch it on login.

I'm using ext4 on this system now, so there are no snapshots. Frustratingly, I used to use LVM, so I had a separate /home directory which could have served as a snapshot-base, or been configured with btrfs. As things stand though I can't do anything fancy.


Inkerman

Submitted at 08:30:20 on 26 November 2015

You may consider running something like

git pull --ff-only; git status -s

on login instead. This is slightly faster and, more importantly, you are informed of unexpected changes, instead of them being silently discarded.

valhalla

Submitted at 12:44:58 on 26 November 2015

You could add vcsh to the set of tools in use, and save the important dotfile bits with it.

I'm moving in a similar direction, and right now my procedure to recover my home is quite close to:

vcsh clone $MR_CONFIG mr
mr checkout

The only obstacle to a complete solution is that:

a) I need my auth key to clone the repositories

b) I now have my keys on a smartcard (the FSFE one), but that requires a specific gnupg configuration (which would arrive via mr)

One could keep an additional remote on something like a USB key (or maybe in your case locally in srv?) for the gnupg and ssh configuration, and pull it via vcsh before the rest.

 
