Ticket #553 (new defect)

Opened 12 years ago

Last modified 11 years ago

Don't set ATHENA_USER=$USER if user isn't in nss-nonlocal-users

Reported by: broder
Owned by:
Priority: low
Milestone: The Distant Future
Component: dotfiles
Keywords:
Cc:
Fixed in version:
Upstream bug:

Description

It seems a bit presumptuous to assume both that someone is an Athena user, and that their username is the same as their Kerberos principal.

For example, setting ATHENA_USER=root is obviously wrong. In fact, I'm pretty sure that the only time we can guess someone's Athena username conclusively is if they're in nss-nonlocal-users, so I think we should only set ATHENA_USER=$USER when they are.

I don't think this should have any effect on functionality, since we should fall back on $USER everywhere we check $ATHENA_USER, but we should be sure of that before we make this change.

It's possible that this could exacerbate situations like #413 that we wouldn't have noticed before, so we should be on the lookout for those.

Change History

comment:1 Changed 11 years ago by geofft

I don't see any reason that we shouldn't do this other than that it's "presumptuous". On the other hand, I do see a couple reasons that we should; consider cases like alpine-config before resolving #413 where we only looked for $ATHENA_USER. My laptop's local user is very intentionally named geofft so that I can use Athena services more transparently (apart from Debathena stuff, it's nice for my username for ssh etc. to default to my Athena one), and if I were not a Debathena developer I would probably not know about $ATHENA_USER. If it doesn't "have any effect on functionality" in the common case to not have $ATHENA_USER, it doesn't have an effect in the common case to have it, either, but in the uncommon case it seems more likely to be helpful than not.

> For example, setting ATHENA_USER=root is obviously wrong.

So? It's philosophically wrong, but other than that is it a bug?

I could see a stronger argument for not setting $ATHENA_USER if we resolve #276 and finally firmly sever local users from the Athena user account system, and have an explicit category for local users who are supposed to match Athena users. Until then, for the same reasons that we haven't resolved #276 the brutal way yet, it's less confusing to assume that all local users match Athena users than that none of them do.

comment:2 Changed 11 years ago by andersk

> So? It's philosophically wrong, but other than that is it a bug?

It leads to wrong assumptions about what $ATHENA_USER can be used for. For example, debathena-printing-config sends printing zephyrs to $ATHENA_USER if it is set.

There are times we really do need to distinguish between “this local user geofft might be geofft@…, so you might as well try to log in to Athena services as that” and “we know this local user geofft is geofft@…, so you should spam that with zephyrs”. This should be the distinction between ${ATHENA_USER:-$USER} and $ATHENA_USER. But if we always set $ATHENA_USER there is no such distinction.
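
The distinction drawn in comment:2, as an added shell sketch that is not part of the ticket and not Debathena's own code: `ATHENA_USER` is exported only for confirmed users, best-effort logins read `${ATHENA_USER:-$USER}`, and anything that acts on the identity reads `$ATHENA_USER` alone. All function names are hypothetical, and checking membership with `id -Gn` is an assumption about how the group would be queried.

```shell
# Added illustration; function names are hypothetical, not Debathena's.

# user_groups USER: print USER's group names, space separated.
# Kept as its own function so the lookup can be replaced when testing.
# Assumption: membership is visible through `id -Gn`; group names
# containing whitespace are not handled.
user_groups() { id -Gn "$1" 2>/dev/null; }

# in_nonlocal_users USER: succeed only if USER is in nss-nonlocal-users.
in_nonlocal_users() {
    for g in $(user_groups "$1"); do
        [ "$g" = "nss-nonlocal-users" ] && return 0
    done
    return 1
}

# Behaviour proposed in the ticket: export ATHENA_USER only when the
# local user is confirmed to be an Athena user; otherwise leave it unset.
set_athena_user() {
    unset ATHENA_USER
    if in_nonlocal_users "$USER"; then
        ATHENA_USER=$USER
        export ATHENA_USER
    fi
}

# Best-effort identity ("might as well try to log in as that"):
# falls back to the local username when nothing is confirmed.
login_identity() { printf '%s\n' "${ATHENA_USER:-$USER}"; }

# Confirmed identity only ("we know this local user is that principal"):
# for actions such as sending printing zephyrs. Prints nothing and
# returns 1 when ATHENA_USER is unset or empty.
notify_identity() {
    [ -n "${ATHENA_USER:-}" ] || return 1
    printf '%s\n' "$ATHENA_USER"
}
```

If `ATHENA_USER` were always set to `$USER`, `notify_identity` would succeed for `root` as well, which is the loss of distinction the comment points out.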
