1
0
forked from pool/sysuser-tools
Dominique Leuenberger 2021-01-25 09:30:35 +00:00 committed by Git OBS Bridge
parent 0f53e6b246
commit c35adb65ba
4 changed files with 50 additions and 91 deletions

View File

@ -1,30 +1,3 @@
-------------------------------------------------------------------
Wed Jan 20 15:06:51 UTC 2021 - Thorsten Kukuk <kukuk@suse.com>
- Ignore nscd return code
-------------------------------------------------------------------
Tue Jan 19 15:15:41 UTC 2021 - Thorsten Kukuk <kukuk@suse.com>
- If systemd-sysusers is used to create a new user/group, invalidate
the nscd passwd and group cache to make the new user/group
visible immediately as workaround [bsc#1181121].
Needs to be removed after sytemd-sysusers get's fixed, since we
invalidate the cache even if the user/group file wasn't changed.
-------------------------------------------------------------------
Sun Jan 17 21:16:25 UTC 2021 - Thorsten Kukuk <kukuk@suse.com>
- An "u" in a sysusers.d file will create an user and a group.
Create provides for both, user and group.
-------------------------------------------------------------------
Thu Jan 14 14:30:20 UTC 2021 - Thorsten Kukuk <kukuk@suse.com>
- Use systemd-sysusers as default to create and update the user
account. Fixes the problem that a modified sysusers config file
get's ignored by useradd and adduser [bsc#1180549].
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Dec 4 10:54:00 UTC 2020 - Ludwig Nussel <lnussel@suse.de> Fri Dec 4 10:54:00 UTC 2020 - Ludwig Nussel <lnussel@suse.de>

View File

@ -1,7 +1,7 @@
# #
# spec file for package sysuser-tools # spec file for package sysuser-tools
# #
# Copyright (c) 2021 SUSE LLC # Copyright (c) 2020 SUSE LLC
# #
# All modifications and additions to the file contributed by third parties # All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed # remain the property of their copyright owners, unless otherwise agreed
@ -38,7 +38,7 @@ Generate auto provides for system users.
%package -n sysuser-shadow %package -n sysuser-shadow
Summary: Tool to execute sysusers.d with shadow utilities Summary: Tool to execute sysusers.d with shadow utilities
Group: System/Packages Group: System/Packages
Requires(pre): (/usr/sbin/useradd or busybox or /usr/bin/systemd-sysusers) PreReq: useradd_or_adduser_dep
# prefer original shadow over busybox by default # prefer original shadow over busybox by default
Suggests: shadow Suggests: shadow

View File

@ -11,7 +11,6 @@ parse()
echo "group($2)" echo "group($2)"
elif [ "$1" = 'u' ]; then elif [ "$1" = 'u' ]; then
echo "user($2)" echo "user($2)"
echo "group($2)"
fi fi
done done
} }

View File

@ -7,98 +7,85 @@ run() {
"$@" "$@"
} }
if [ -x /usr/bin/systemd-sysusers ]; then # Absolute path to busybox, if found
busybox=
for i in /bin/busybox /usr/bin/busybox; do [ -x "$i" ] && busybox=$i; done
# Use systemd-sysusers and let it read the input directly from stdin while read LINE
/usr/bin/systemd-sysusers - do
# We need to clear the nscd cache, as systemd-sysusers could have
# triggered a negative cache entry
if [ -x /usr/sbin/nscd ]; then
/usr/sbin/nscd -i passwd ||:
/usr/sbin/nscd -i group ||:
fi
else
# Absolute path to busybox, if found
busybox=
for i in /bin/busybox /usr/bin/busybox; do [ -x "$i" ] && busybox=$i; done
while read LINE
do
# "eval set" to do proper splitting while respecting quotes # "eval set" to do proper splitting while respecting quotes
eval set -- $LINE eval set -- $LINE
case "${1-}" in case "${1-}" in
\#*|"") \#*|"")
;; ;;
g) g)
shift shift
ARGUMENTS="$1" ARGUMENTS="$1"
if [ -n "${2-}" ] && [ "$2" != "-" ]; then if [ -n "${2-}" ] && [ "$2" != "-" ]; then
ARGUMENTS="-g $2 $ARGUMENTS" ARGUMENTS="-g $2 $ARGUMENTS"
fi fi
if ! /usr/bin/getent group "$1" >> /dev/null; then if ! /usr/bin/getent group "$1" >> /dev/null; then
if [ -x "/usr/sbin/groupadd" ]; then if [ -x "/usr/sbin/groupadd" ]; then
run /usr/sbin/groupadd -r $ARGUMENTS run /usr/sbin/groupadd -r $ARGUMENTS
elif [ -x "$busybox" ]; then elif [ -x "$busybox" ]; then
run $busybox addgroup -S $ARGUMENTS run $busybox addgroup -S $ARGUMENTS
else else
echo "ERROR: neither groupadd nor busybox found!" echo "ERROR: neither groupadd nor busybox found!"
exit 1 exit 1
fi fi
fi fi
;; ;;
u) u)
shift shift
ARGUMENTS="$1" ARGUMENTS="$1"
if [ -n "${2-}" ] && [ "$2" != "-" ]; then if [ -n "${2-}" ] && [ "$2" != "-" ]; then
ARGUMENTS="-u $2 $ARGUMENTS" ARGUMENTS="-u $2 $ARGUMENTS"
fi fi
homedir="/" # If null, empty or '-' homedir="/" # If null, empty or '-'
if [ "${4:--}" != "-" ]; then if [ "${4:--}" != "-" ]; then
homedir="$4" homedir="$4"
fi fi
if [ -x /usr/sbin/useradd ]; then if [ -x /usr/sbin/useradd ]; then
if ! /usr/bin/getent passwd "$1" >> /dev/null; then if ! /usr/bin/getent passwd "$1" >> /dev/null; then
# this is useradd/shadow specific # this is useradd/shadow specific
if /usr/bin/getent group "$1" >> /dev/null; then if /usr/bin/getent group "$1" >> /dev/null; then
ARGUMENTS="-g $1 $ARGUMENTS" ARGUMENTS="-g $1 $ARGUMENTS"
else else
ARGUMENTS="-U $ARGUMENTS" ARGUMENTS="-U $ARGUMENTS"
fi
run /usr/sbin/useradd -r -s /sbin/nologin -c "$3" -d "${homedir}" $ARGUMENTS
fi fi
run /usr/sbin/useradd -r -s /sbin/nologin -c "$3" -d "${homedir}" $ARGUMENTS
fi
elif [ -x "$busybox" ]; then elif [ -x "$busybox" ]; then
/usr/bin/getent group "$1" >> /dev/null || $busybox addgroup -S "$1" /usr/bin/getent group "$1" >> /dev/null || $busybox addgroup -S "$1"
if ! /usr/bin/getent passwd "$1" >> /dev/null; then if ! /usr/bin/getent passwd "$1" >> /dev/null; then
run $busybox adduser -S -H -s /sbin/nologin -g "$3" -G "$1" -h "${homedir}" $ARGUMENTS run $busybox adduser -S -H -s /sbin/nologin -g "$3" -G "$1" -h "${homedir}" $ARGUMENTS
fi fi
else else
echo "ERROR: neither useradd nor busybox found!" echo "ERROR: neither useradd nor busybox found!"
exit 1 exit 1
fi fi
;; ;;
m) m)
shift shift
if [ -x /usr/sbin/usermod ] ; then if [ -x /usr/sbin/usermod ] ; then
run /usr/sbin/usermod -a -G $2 $1 run /usr/sbin/usermod -a -G $2 $1
elif [ -x "$busybox" ]; then elif [ -x "$busybox" ]; then
run $busybox addgroup $1 $2 run $busybox addgroup $1 $2
else else
echo "ERROR: neither usermod nor busybox found!" echo "ERROR: neither usermod nor busybox found!"
exit 1 exit 1
fi fi
;; ;;
r) r)
echo "range option ignored: \"$LINE\"" echo "range option ignored: \"$LINE\""
;; ;;
*) *)
echo "Syntax Error: \"$LINE\"" echo "Syntax Error: \"$LINE\""
exit 1 exit 1
;; ;;
esac esac
done done
fi