From 5d3b7a8e0262b3548f65df035db77f3eacf4ef964bf34492ed25514e59e7354b Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Mon, 2 Nov 2020 15:56:45 +0000 Subject: [PATCH] bsc#1178296 OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=95 --- shadow.changes | 8 +++++++ useradd-script.patch | 54 ++++++++++++++++++++++++++++---------------- useradd.local | 47 +++++++++++++++++++------------------- 3 files changed, 65 insertions(+), 44 deletions(-) diff --git a/shadow.changes b/shadow.changes index d00a2b9..f66d131 100644 --- a/shadow.changes +++ b/shadow.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Mon Nov 2 15:54:02 UTC 2020 - Dr. Werner Fink + +- Change again useradd.local script to let it work even for system + accounts and work together with SELinux (bsc#1178296) +- Change patch useradd-script.patch to support the four arguments + used by the useradd.local script (bsc#1178296) + ------------------------------------------------------------------- Fri Oct 9 13:12:11 UTC 2020 - Dr. Werner Fink diff --git a/useradd-script.patch b/useradd-script.patch index cca957e..c7289de 100644 --- a/useradd-script.patch +++ b/useradd-script.patch @@ -1,8 +1,12 @@ -Index: etc/login.defs -=================================================================== ---- etc/login.defs.orig -+++ etc/login.defs -@@ -212,6 +212,13 @@ CHFN_RESTRICT rwh +--- + etc/login.defs | 7 +++++++ + lib/getdef.c | 1 + + src/useradd.c | 41 ++++++++++++++++++++++++++++++++++++++++- + 3 files changed, 48 insertions(+), 1 deletion(-) + +--- etc/login.defs ++++ etc/login.defs 2020-10-30 12:54:38.117849829 +0000 +@@ -242,6 +242,13 @@ CHFN_RESTRICT rwh DEFAULT_HOME yes # @@ -16,11 +20,9 @@ Index: etc/login.defs # If defined, this command is run when removing a user. # It should remove any at/cron/print jobs etc. owned by # the user to be removed (passed as the first argument). -Index: lib/getdef.c -=================================================================== ---- lib/getdef.c.orig -+++ lib/getdef.c -@@ -126,6 +126,7 @@ static struct itemdef def_table[] = { +--- lib/getdef.c ++++ lib/getdef.c 2020-10-30 12:54:38.117849829 +0000 +@@ -134,6 +134,7 @@ static struct itemdef def_table[] = { {"UID_MAX", NULL}, {"UID_MIN", NULL}, {"UMASK", NULL}, @@ -28,11 +30,9 @@ Index: lib/getdef.c {"USERDEL_CMD", NULL}, {"USERDEL_PRECMD", NULL}, {"USERDEL_POSTCMD", NULL}, -Index: src/useradd.c -=================================================================== ---- src/useradd.c.orig -+++ src/useradd.c -@@ -2216,6 +2216,30 @@ static void create_mail (void) +--- src/useradd.c ++++ src/useradd.c 2020-10-30 13:08:17.378336989 +0000 +@@ -2238,6 +2238,44 @@ static void create_mail (void) } /* @@ -42,20 +42,34 @@ Index: src/useradd.c + * account. + */ + -+static void call_script (const char *user) ++static void call_script (const char *user, const uid_t uid, const gid_t gid, const char *home) +{ + const char *cmd; -+ const char *argv[3]; ++ const char *argv[6]; ++ char *strgid, *struid; + int status; + + cmd = getdef_str ("USERADD_CMD"); + if (NULL == cmd) { + return; + } ++ if (asprintf(&struid, "%lu", (long unsigned)uid) < 0) { ++ (void) fprintf (stderr, _("%s: out of memory\n"), Prog); ++ exit(1); ++ } ++ if (asprintf(&strgid, "%lu", (long unsigned)gid) < 0) { ++ (void) fprintf (stderr, _("%s: out of memory\n"), Prog); ++ exit(1); ++ } + argv[0] = cmd; + argv[1] = user; -+ argv[2] = (char *)0; ++ argv[2] = struid; ++ argv[3] = strgid; ++ argv[4] = home; ++ argv[5] = (char *)0; + (void) run_command (cmd, argv, NULL, &status); ++ free(strgid); ++ free(struid); +} + + @@ -63,11 +77,11 @@ Index: src/useradd.c * main - useradd command */ int main (int argc, char **argv) -@@ -2492,6 +2516,7 @@ int main (int argc, char **argv) +@@ -2514,6 +2552,7 @@ int main (int argc, char **argv) nscd_flush_cache ("group"); sssd_flush_cache (SSSD_DB_PASSWD | SSSD_DB_GROUP); -+ call_script (user_name); ++ call_script (user_name, user_id, user_gid, user_home); + return E_SUCCESS; } diff --git a/useradd.local b/useradd.local index 8bc049f..32656f4 100644 --- a/useradd.local +++ b/useradd.local @@ -21,44 +21,43 @@ if [ $# -lt 1 -o $# -gt 4 ]; then exit 1 fi -# definition of "root" $HOME for users -. /etc/default/useradd - USER=$1 -GID=$(id -g $USER) -HOMEDIR=$HOME/$USER -if [ $# -lt 4 ]; then - HOMEDIR=$HOME/$USER -else +if [ $# -eq 4 ]; then + GID=$3 HOMEDIR=$4 +else + GID=$(id -g $USER) + HOMEDIR=$(grep -E "^${USER}:" /etc/passwd| cut -d: -f6,6) fi # Update NIS database # make -C /var/yp +# Main useradd tool creates this if specified on command line +[ -d $HOMEDIR ] || exit 0 + +# +# Copy also skeleton files from /usr/etc/skel (boo#1173321) +# +USRSKELDIR=/usr/etc/skel +if [ -d $USRSKELDIR ] ; then + for file in $(ls -A $USRSKELDIR); do + # Only copy if not exist yet, i.e. does *not* exist in /etc/skel, which is still + # being preferred ... + test -e $HOMEDIR/$file && continue + cp -a $USRSKELDIR/$file $HOMEDIR + chown -R $USER.$GID $HOMEDIR/$file + done +fi + # If SELinux is enabled, we have to run restorecon to assign # appropriate fcontexts to the respective $HOME and files under it if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled ; then test -x /sbin/restorecon || exit 2 - if [ -d $HOMEDIR ]; then - /sbin/restorecon -R $HOMEDIR - fi + /sbin/restorecon -R $HOMEDIR fi -# -# Copy also skeleton files from /usr/etc/skel (boo#1173321) -# - -USRSKELDIR=/usr/etc/skel -for file in $(ls -A $USRSKELDIR); do - # Only copy if not exist yet, i.e. does *not* exist in /etc/skel, which is still - # being preferred ... - test -e $HOMEDIR/$file && continue - cp -a $USRSKELDIR/$file $HOMEDIR - chown -R $USER.$GID $HOMEDIR/$file -done - # All done. exit 0