FreeBSD Bugzilla – Attachment 169313 Details for
Bug 208800
extract user/group creation into an outside script
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch-v1
script-u-g.diff (text/plain), 10.12 KB, created by
Mathieu Arnold
on 2016-04-14 13:12:12 UTC
(
hide
)
Description:
patch-v1
Filename:
MIME Type:
Creator:
Mathieu Arnold
Created:
2016-04-14 13:12:12 UTC
Size:
10.12 KB
patch
obsolete
>diff --git a/Mk/Scripts/do-users-groups.sh b/Mk/Scripts/do-users-groups.sh >new file mode 100644 >index 0000000..c8833d0 >--- /dev/null >+++ b/Mk/Scripts/do-users-groups.sh >@@ -0,0 +1,179 @@ >+#!/bin/sh >+# $FreeBSD$ >+# >+# MAINTAINER: portmgr@FreeBSD.org >+ >+set -e >+ >+. "${dp_SCRIPTSDIR}/functions.sh" >+ >+validate_env dp_ECHO_MSG dp_GID_FILES dp_GID_OFFSET dp_GROUPS_BLACKLIST \ >+ dp_INSTALL dp_OPSYS dp_OSVERSION dp_PREFIX dp_PW dp_SCRIPTSDIR \ >+ dp_UG_DEINSTALL dp_UG_INSTALL dp_UID_FILES dp_UID_OFFSET \ >+ dp_USERS_BLACKLIST >+ >+set -u >+ >+USERS=$1 >+GROUPS=$2 >+ >+error() { >+ ${dp_ECHO_MSG} "${1}" >+ >+ exit 1 >+} >+ >+rm -f "${dp_UG_INSTALL}" "${dp_UG_DEINSTALL}" || : >+ >+# Before FreeBSD 10.2, PW did not have -R support. >+if [ "${dp_OPSYS}" = FreeBSD ] && [ "${dp_OSVERSION}" -ge 1002000 ]; then >+ cat >> "${dp_UG_INSTALL}" <<-eot >+ if [ -n "\${PKG_ROOTDIR}" ] && [ "\${PKG_ROOTDIR}" != "/" ]; then >+ PW="${dp_PW} -R \${PKG_ROOTDIR}" >+ else >+ PW=${dp_PW} >+ fi >+ eot >+else >+ echo "PW=${dp_PW}" >> "${dp_UG_INSTALL}" >+fi >+ >+# Both scripts need to start the same, so >+cp -f "${dp_UG_INSTALL}" "${dp_UG_DEINSTALL}" >+ >+if [ -n "${GROUPS}" ]; then >+ for file in ${dp_GID_FILES}; do >+ if [ ! -f "${file}" ]; then >+ error "** ${file} doesn't exist. Exiting." >+ fi >+ done >+ ${dp_ECHO_MSG} "===> Creating groups." >+ echo "echo \"===> Creating groups.\"" >> "${dp_UG_INSTALL}" >+ for group in ${GROUPS}; do >+ # _bgpd:*:130: >+ if ! grep -q "^${group}:" ${dp_GID_FILES}; then \ >+ error "** Cannot find any information about group \`${group}' in ${dp_GID_FILES}." >+ fi >+ o_IFS=${IFS} >+ IFS=":" >+ while read -r group _ gid _; do >+ if [ -z "${gid}" ]; then >+ error "Group line for group ${group} has no gid" >+ fi >+ gid=$((gid+dp_GID_OFFSET)) >+ cat >> "${dp_UG_INSTALL}" <<-eot2 >+ if ! \${PW} groupshow $group >/dev/null 2>&1; then >+ echo "Creating group '$group' with gid '$gid'." >+ \${PW} groupadd $group -g $gid >+ else >+ echo "Using existing group '$group'." >+ fi >+ eot2 >+ done <<-eot >+ $(grep -h "^${group}:" ${dp_GID_FILES} | head -n 1) >+ eot >+ IFS=${o_IFS} >+ done >+fi >+ >+if [ -n "${USERS}" ]; then >+ for file in ${dp_UID_FILES}; do >+ if [ ! -f "${file}" ]; then >+ error "** ${file} doesn't exist. Exiting." >+ fi >+ done >+ >+ ${dp_ECHO_MSG} "===> Creating users" >+ echo "echo \"===> Creating users\"" >> "${dp_UG_INSTALL}" >+ >+ for user in ${USERS}; do >+ # _bgpd:*:130:130:BGP Daemon:/var/empty:/sbin/nologin >+ if ! grep -q "^${user}:" ${dp_UID_FILES} ; then >+ error "** Cannot find any information about user \`${user}' in ${dp_UID_FILES}." >+ fi >+ o_IFS=${IFS} >+ IFS=":" >+ while read -r login _ uid gid class _ _ gecos homedir shell; do >+ if [ -z "$uid" ] || [ -z "$gid" ] || [ -z "$homedir" ] || [ -z "$shell" ]; then >+ error "User line for ${user} is invalid" >+ fi >+ uid=$((uid+dp_UID_OFFSET)) >+ gid=$((gid+dp_GID_OFFSET)) >+ if [ -n "$class" ]; then >+ class="-L $class" >+ fi >+ homedir=$(echo "$homedir" | sed "s|^/usr/local|${dp_PREFIX}|") >+ cat >> "${dp_UG_INSTALL}" <<-eot2 >+ if ! \${PW} usershow $login >/dev/null 2>&1; then >+ echo "Creating user '$login' with uid '$uid'." >+ \${PW} useradd $login -u $uid -g $gid $class -c "$gecos" -d $homedir -s $shell >+ else >+ echo "Using existing user '$login'." >+ fi >+ eot2 >+ case $homedir in >+ /|/nonexistent|/var/empty) >+ ;; >+ *) >+ echo "${dp_INSTALL} -d -g $gid -o $uid $homedir" >> "${dp_UG_INSTALL}" >+ ;; >+ esac >+ done <<-eot >+ $(grep -h "^${user}:" ${dp_UID_FILES} | head -n 1) >+ eot >+ IFS=${o_IFS} >+ done >+fi >+ >+if [ -n "${GROUPS}" ]; then >+ for group in ${GROUPS}; do >+ # mail:*:6:postfix,clamav >+ o_IFS=${IFS} >+ IFS=":" >+ while read -r group _ gid members; do >+ gid=$((gid+dp_GID_OFFSET)) >+ oo_IFS=${IFS} >+ IFS="," >+ for login in $members; do >+ for user in ${USERS}; do >+ if [ -n "${user}" ] && [ "${user}" = "${login}" ]; then >+ cat >> "${dp_UG_INSTALL}" <<-eot2 >+ if ! \${PW} groupshow ${group} | grep -qw ${login}; then >+ echo "Adding user '${login}' to group '${group}'." >+ \${PW} groupmod ${group} -m ${login} >+ fi >+ eot2 >+ fi >+ done >+ done >+ IFS=${oo_IFS} >+ done <<-eot >+ $(grep -h "^${group}:" ${dp_GID_FILES} | head -n 1) >+ eot >+ IFS=${o_IFS} >+ done >+fi >+ >+if [ -n "${USERS}" ]; then >+ for user in ${USERS}; do >+ if ! echo "${dp_USERS_BLACKLIST}" | grep -qw "${user}"; then >+ cat >> "${dp_UG_DEINSTALL}" <<-eot >+ if \${PW} usershow ${user} >/dev/null 2>&1; then >+ echo "==> You should manually remove the \"${user}\" user. " >+ fi >+ eot >+ fi >+ done >+fi >+ >+if [ -n "${GROUPS}" ]; then >+ for group in ${GROUPS}; do >+ if ! echo "${dp_GROUPS_BLACKLIST}" | grep -qw "${group}"; then >+ cat >> "${dp_UG_DEINSTALL}" <<-eot >+ if \${PW} groupshow ${group} >/dev/null 2>&1; then >+ echo "==> You should manually remove the \"${group}\" group " >+ fi >+ eot >+ fi >+ done >+fi >diff --git a/Mk/bsd.port.mk b/Mk/bsd.port.mk >index 10771fa..24badd2 100644 >--- a/Mk/bsd.port.mk >+++ b/Mk/bsd.port.mk >@@ -1245,6 +1245,10 @@ GID_OFFSET?= 0 > # alpha numeric sort order > USERS_BLACKLIST= _dhcp _pflogd auditdistd bin bind daemon games hast kmem mailnull man news nobody operator pop proxy root smmsp sshd toor tty uucp www > >+# predefined accounts from src/etc/group >+# alpha numeric sort order >+GROUPS_BLACKLIST= _dhcp _pflogd audit authpf bin bind daemon dialer ftp games guest hast kmem mail mailnull man network news nobody nogroup operator proxy smmsp sshd staff sys tty unbound uucp wheel www >+ > LDCONFIG_DIR= libdata/ldconfig > LDCONFIG32_DIR= libdata/ldconfig32 > >@@ -3651,96 +3655,28 @@ install-ldconfig-file: > > .if !target(create-users-groups) > .if defined(GROUPS) || defined(USERS) >-_UG_OUTPUT= ${WRKDIR}/users-groups.sh >-PKGPREINSTALL+= ${_UG_OUTPUT} >+_UG_INSTALL= ${WRKDIR}/users-groups-install.sh >+_UG_DEINSTALL= ${WRKDIR}/users-groups-deinstall.sh >+PKGPREINSTALL+= ${_UG_INSTALL} >+PKGPOSTDEINSTALL+= ${_UG_DEINSTALL} > create-users-groups: >- @${RM} -f ${_UG_OUTPUT} || ${TRUE} >-.if ${OPSYS} != FreeBSD || ${OSVERSION} < 1002000 >- @${ECHO_CMD} "PW=${PW}" >> ${_UG_OUTPUT} >-.else >- @${ECHO_CMD} -e "if [ -n \"\$${PKG_ROOTDIR}\" -a \"\$${PKG_ROOTDIR}\" != \"/\" ]; then PW=\"${PW} -R \$${PKG_ROOTDIR}\"; else PW=${PW}; fi" >> ${_UG_OUTPUT} >-.endif >-.if defined(GROUPS) >-.for _file in ${GID_FILES} >-.if !exists(${_file}) >- @${ECHO_CMD} "** ${_file} doesn't exist. Exiting."; exit 1 >-.endif >-.endfor >- @${ECHO_MSG} "===> Creating users and/or groups." >- @${ECHO_CMD} "echo \"===> Creating users and/or groups.\"" >> ${_UG_OUTPUT} >-.for _group in ${GROUPS} >-# _bgpd:*:130: >- @if ! ${GREP} -h ^${_group}: ${GID_FILES} >/dev/null 2>&1; then \ >- ${ECHO_CMD} "** Cannot find any information about group \`${_group}' in ${GID_FILES}."; \ >- exit 1; \ >- fi >- @IFS=":"; ${GREP} -h ^${_group}: ${GID_FILES} | head -n 1 | while read group foo gid members; do \ >- gid=$$(($$gid+${GID_OFFSET})); \ >- ${ECHO_CMD} -e "if ! \$${PW} groupshow $$group >/dev/null 2>&1; then \n \ >- echo \"Creating group '$$group' with gid '$$gid'.\" \n \ >- \$${PW} groupadd $$group -g $$gid; else echo \"Using existing group '$$group'.\"\nfi" >> ${_UG_OUTPUT}; \ >- done >-.endfor >-.endif >-.if defined(USERS) >-.for _file in ${UID_FILES} >-.if !exists(${_file}) >- @${ECHO_CMD} "** ${_file} doesn't exist. Exiting."; exit 1 >-.endif >-.endfor >-.for _user in ${USERS} >-# _bgpd:*:130:130:BGP Daemon:/var/empty:/sbin/nologin >- @if ! ${GREP} -h ^${_user}: ${UID_FILES} >/dev/null 2>&1; then \ >- ${ECHO_CMD} "** Cannot find any information about user \`${_user}' in ${UID_FILES}."; \ >- exit 1; \ >- fi >- @IFS=":"; ${GREP} -h ^${_user}: ${UID_FILES} | head -n 1 | while read login passwd uid gid class change expire gecos homedir shell; do \ >- uid=$$(($$uid+${UID_OFFSET})); \ >- gid=$$(($$gid+${GID_OFFSET})); \ >- class="$${class:+-L }$$class"; \ >- homedir=$$(echo $$homedir | sed "s|^/usr/local|${PREFIX}|"); \ >- ${ECHO_CMD} -e "if ! \$${PW} usershow $$login >/dev/null 2>&1; then \n \ >- echo \"Creating user '$$login' with uid '$$uid'.\" \n \ >- \$${PW} useradd $$login -u $$uid -g $$gid $$class -c \"$$gecos\" -d $$homedir -s $$shell \n \ >- else \necho \"Using existing user '$$login'.\" \nfi" >> ${_UG_OUTPUT}; \ >- case $$homedir in /|/nonexistent|/var/empty) ;; *) ${ECHO_CMD} "${INSTALL} -d -g $$gid -o $$uid $$homedir" >> ${_UG_OUTPUT};; esac; \ >- done >-.endfor >-.if defined(GROUPS) >-.for _group in ${GROUPS} >-# mail:*:6:postfix,clamav >- @IFS=":"; ${GREP} -h ^${_group}: ${GID_FILES} | head -n 1 | while read group foo gid members; do \ >- gid=$$(($$gid+${GID_OFFSET})); \ >- IFS=","; for _login in $$members; do \ >- for _user in ${USERS}; do \ >- if [ "x$${_user}" = "x$${_login}" ]; then \ >- ${ECHO_CMD} -e "if ! \$${PW} groupshow ${_group} | ${GREP} -qw $${_login}; then \n \ >- echo \"Adding user '$${_login}' to group '${_group}'.\" \n \ >- \$${PW} groupmod ${_group} -m $${_login} \nfi" >> ${_UG_OUTPUT}; \ >- fi; \ >- done; \ >- done; \ >- done >-.endfor >-.endif >-.if defined(USERS) >-.for _user in ${USERS} >-.if ${OPSYS} != FreeBSD || ${OSVERSION} < 1002000 >- @if [ ! ${USERS_BLACKLIST:M${_user}} ]; then \ >- ${ECHO_CMD} "@unexec PW=${PW}; \ >- if \$${PW} usershow ${_user} >/dev/null 2>&1; then \ >- echo \"==> You should manually remove the \\\"${_user}\\\" user. \"; fi" >> ${TMPPLIST}; \ >- fi >-.else >- @if [ ! ${USERS_BLACKLIST:M${_user}} ]; then \ >- ${ECHO_CMD} "@unexec if [ -n \"\$${PKG_ROOTDIR}\" -a \"\$${PKG_ROOTDIR}\" != \"/\" ]; then PW=\"${PW} -R \$${PKG_ROOTDIR}\"; else PW=${PW}; fi; \ >- if \$${PW} usershow ${_user} >/dev/null 2>&1; then \ >- echo \"==> You should manually remove the \\\"${_user}\\\" user. \"; fi" >> ${TMPPLIST}; \ >- fi >-.endif >-.endfor >-.endif >-.endif >+ @${SETENV} \ >+ dp_ECHO_MSG="${ECHO_MSG}" \ >+ dp_GID_FILES="${GID_FILES}" \ >+ dp_GID_OFFSET="${GID_OFFSET}" \ >+ dp_GROUPS_BLACKLIST="${GROUPS_BLACKLIST}" \ >+ dp_INSTALL="${INSTALL}" \ >+ dp_OPSYS="${OPSYS}" \ >+ dp_OSVERSION="${OSVERSION}" \ >+ dp_PREFIX="${PREFIX}" \ >+ dp_PW="${PW}" \ >+ dp_SCRIPTSDIR="${SCRIPTSDIR}" \ >+ dp_UG_DEINSTALL="${_UG_DEINSTALL}" \ >+ dp_UG_INSTALL="${_UG_INSTALL}" \ >+ dp_UID_FILES="${UID_FILES}" \ >+ dp_UID_OFFSET="${UID_OFFSET}" \ >+ dp_USERS_BLACKLIST="${USERS_BLACKLIST}" \ >+ ${SH} ${SCRIPTSDIR}/do-users-groups.sh "${USERS}" "${GROUPS}" > .endif > .endif >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=169313">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 208800
: 169313