[bug] Remove jovyan user from Jupyter Dockerfile

[magsol]

Describe the bug

QHub uses actual usernames instead of the conventional jovyan user, but that user still exists in the base Jupyterlab Dockerfile and has its own home directory in addition to the actual username: https://github.com/Quansight/qhub/blob/main/qhub/template/image/Dockerfile.jupyterlab#L11

This results in some unexpected behavior when running basic commands:

• creation of ssh keys appear exclusively in /home/jovyan folder, irrespective of user
• other commands e.g. ls hit the /home/{username} folder instead

Expected behaviour

Any and all commands should be run inside the user's /home/{username} folder, and /home/jovyan should not exist.

[magsol]

Alternative: have all users just be jovyan with their own UIDs. This would be a reversion to older behavior.

[viniciusdc]

@costrouc @danlester about this, haven't we moved to keycloak for managing user files, and then we used the username as an alias in the terminal? As result, everyone would be jovyan with the same uids and different aliases...

What should we do regarding cases as follow?

/home/jovyan and /home/user both exist at the same time. Creating ssh keys goes to the jovyan folder while ls etc hits the
user folder.

[costrouc]

We can remove jovyan from the Dockerfile and still keep the home at /home/jovyan if we want. Removing jovyan from the image will simplify the dockerfile build.

My thoughts where I'd eventually like this to go. I want this to "feel" like the user is on a genuine linux system.

We run each user as a unique uid, with proper primary gid, and secondary group ids, along with a home directory in the expected location that matches their username. This is the expected "linux" behavior. We have the tooling the QHub to achieve this now (except for populating /etc/group). This brings a lot of benefits to security and redhat has some articles on this. Right now we run all users as the same uid.

My take on why /home/joyvan became a convention is due to jupyterhub not having the tooling to support dynamic users with different uids/gids.

[costrouc]

The main issue right now is that there are two home folders /home/jovyan and /home/<username> that exist at the moment. We only need one. By removing /home/jovyan we will only have one. If we would prefer to keep jovyan then we could just set username to jovyan.

[dharhas]

having /home/<username> is nice but only if we can do it without causing problems.

[magsol]

We discussed this at our stand-up this morning and it sounds like it's a fairly straightforward fix to remove jovyan entirely. I believe @tylerpotts @iameskild are tasked with it, and @costrouc will review the resulting PR.

[costrouc]

Closes by PR #1089