Launching OnDemand when home directory does not exist


#1

Some sites have the home directory auto-create on first ssh login, for example via pam_mkhomedir.so. This introduces a problem if users first access the system through OnDemand, which expects the existence of a user’s home directory.

How can we configure OnDemand to handle this edge case?


#2

I’m going to try this experiment:

  1. Add to an install /etc/ood/profile that sets $HOME to a temporary directory i.e. export $EVENTUAL_HOME=$HOME; export HOME=$(mktemp -d) if home directory doesn’t exist
  2. Add an /etc/ood/config/announcements.d/announcement.yml with erb:
    1. only show the announcement if if ENV['EVENTUAL_HOME'] && (ENV['HOME'] != ENV['EVENTUAL_HOME'])
    2. Explain the problem that your home directory needs created with a link to launch the shell app, if ! File.directory?(ENV['EVENTUAL_HOME'])
  3. Explain the problem that your home directory is created but your OnDemand web server (PUN) needs restarted, with a link to restart web server, if File.directory?(ENV['EVENTUAL_HOME']). Alternatively just display all of these steps in the message.

The theory is that with $HOME set to a valid directory that the user owns, OnDemand will not crash, and the persistent warning/error message at the top of the dashboard will guide the user through the steps necessary to complete the setup process.


#3

That experiment failed. However, there appears to be another solution. A modification to nginx_stage/lib/nginx_stage/views/pun_config_view.rb and nginx_stage/templates/pun.conf.erb to show a warning page if the home directory was not found. Along with this diabeling the check for the existence of the home directory in nginx_stage/lib/nginx_stage/generator_helpers.rb.

The result is this workflow. When launching OnDemand with an account that does not have a home directory created, you would see this page:

  1. Access OnDemand with a user that has no home directory:

  2. Click Open Shell to create home directory which opens the shell app:

  3. Click Restart Web Server:

Since this is not a dynamic page like the “init app page”, we could look into generating a copy of this on the fly and storing it with the pun config, which could provide sites more control over customization.

I will share the code modifications required in a separate comment (or update this one).


#4

One problem with this solution is if users ever try to access OnDemand when the home directory file systems are unavailable they may see this error page!


#5

I think this is a very good solution from our perspective! If home directories are not available, all users will see that message and we’ll have a bigger problem both in OnDemand and with users logging directly in with SSH. I think this is a good work around.


#6

See PRs https://github.com/OSC/ondemand/pull/7 and https://github.com/OSC/ondemand/pull/8

If you want to modify your existing installation to have a solution, you can make these changes to /opt/ood/nginx_stage/ from one of these PRs.

The raw files for 7 are:

  1. https://raw.githubusercontent.com/OSC/ondemand/02fc2d273f171880b57ae2bee07ae0db83b946f3/nginx_stage/lib/nginx_stage/generator_helpers.rb
  2. https://raw.githubusercontent.com/OSC/ondemand/02fc2d273f171880b57ae2bee07ae0db83b946f3/nginx_stage/lib/nginx_stage/views/pun_config_view.rb
  3. https://raw.githubusercontent.com/OSC/ondemand/02fc2d273f171880b57ae2bee07ae0db83b946f3/nginx_stage/templates/pun.conf.erb

And then if you want the configurable option you would update two files with extra changes:

  1. https://raw.githubusercontent.com/OSC/ondemand/50eed7aa1da4187c79f2a3dbceb75800cf4453bc/nginx_stage/lib/nginx_stage.rb
  2. https://raw.githubusercontent.com/OSC/ondemand/50eed7aa1da4187c79f2a3dbceb75800cf4453bc/nginx_stage/lib/nginx_stage/views/pun_config_view.rb

As for the merging of these into the production version for 1.4, I need to let this sit for a while, and revisit after updating OnDemand to Passenger 5. I’m not sure if this is the optimal solution.