/[gentoo-x86]/eclass/user.eclass
Gentoo

Diff of /eclass/user.eclass

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

Revision 1.1 Revision 1.11
1# Copyright 1999-2011 Gentoo Foundation 1# Copyright 1999-2011 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License v2 2# Distributed under the terms of the GNU General Public License v2
3# $Header: /var/cvsroot/gentoo-x86/eclass/user.eclass,v 1.1 2011/10/27 07:16:08 vapier Exp $ 3# $Header: /var/cvsroot/gentoo-x86/eclass/user.eclass,v 1.11 2011/11/26 06:42:07 vapier Exp $
4 4
5# @ECLASS: user.eclass 5# @ECLASS: user.eclass
6# @MAINTAINER: 6# @MAINTAINER:
7# base-system@gentoo.org (Linux) 7# base-system@gentoo.org (Linux)
8# Joe Jezak <josejx@gmail.com> (OS X) 8# Joe Jezak <josejx@gmail.com> (OS X)
11# @BLURB: user management in ebuilds 11# @BLURB: user management in ebuilds
12# @DESCRIPTION: 12# @DESCRIPTION:
13# The user eclass contains a suite of functions that allow ebuilds 13# The user eclass contains a suite of functions that allow ebuilds
14# to quickly make sure users in the installed system are sane. 14# to quickly make sure users in the installed system are sane.
15 15
16# @FUNCTION: _assert_pkg_ebuild_phase
17# @INTERNAL
18# @USAGE: <calling func name>
19_assert_pkg_ebuild_phase() {
20 case ${EBUILD_PHASE} in
21 setup|preinst|postinst) ;;
22 *)
23 eerror "'$1()' called from '${EBUILD_PHASE}()' which is not a pkg_* function."
24 eerror "Package fails at QA and at life. Please file a bug."
25 die "Bad package! $1 is only for use in pkg_* functions!"
26 esac
27}
28
16# @FUNCTION: egetent 29# @FUNCTION: egetent
17# @USAGE: <database> <key> 30# @USAGE: <database> <key>
18# @DESCRIPTION: 31# @DESCRIPTION:
19# Small wrapper for getent (Linux), nidump (< Mac OS X 10.5), 32# Small wrapper for getent (Linux), nidump (< Mac OS X 10.5),
20# dscl (Mac OS X 10.5), and pw (FreeBSD) used in enewuser()/enewgroup(). 33# dscl (Mac OS X 10.5), and pw (FreeBSD) used in enewuser()/enewgroup().
34#
35# Supported databases: group passwd
21egetent() { 36egetent() {
37 local db=$1 key=$2
38
39 [[ $# -ge 3 ]] && die "usage: egetent <database> <key>"
40
41 case ${db} in
42 passwd|group) ;;
43 *) die "sorry, database '${db}' not yet supported; file a bug" ;;
44 esac
45
22 case ${CHOST} in 46 case ${CHOST} in
23 *-darwin[678]) 47 *-darwin[678])
24 case "$2" in 48 case ${key} in
25 *[!0-9]*) # Non numeric 49 *[!0-9]*) # Non numeric
26 nidump $1 . | awk -F":" "{ if (\$1 ~ /^$2\$/) {print \$0;exit;} }" 50 nidump ${db} . | awk -F: "(\$1 ~ /^${key}\$/) {print;exit;}"
27 ;; 51 ;;
28 *) # Numeric 52 *) # Numeric
29 nidump $1 . | awk -F":" "{ if (\$3 == $2) {print \$0;exit;} }" 53 nidump ${db} . | awk -F: "(\$3 == ${key}) {print;exit;}"
30 ;; 54 ;;
31 esac 55 esac
32 ;; 56 ;;
33 *-darwin*) 57 *-darwin*)
34 local mytype=$1 58 local mykey
35 [[ "passwd" == $mytype ]] && mytype="Users"
36 [[ "group" == $mytype ]] && mytype="Groups"
37 case "$2" in 59 case ${db} in
60 passwd) db="Users" mykey="UniqueID" ;;
61 group) db="Groups" mykey="PrimaryGroupID" ;;
62 esac
63
64 case ${key} in
38 *[!0-9]*) # Non numeric 65 *[!0-9]*) # Non numeric
39 dscl . -read /$mytype/$2 2>/dev/null |grep RecordName 66 dscl . -read /${db}/${key} 2>/dev/null |grep RecordName
40 ;; 67 ;;
41 *) # Numeric 68 *) # Numeric
42 local mykey="UniqueID"
43 [[ $mytype == "Groups" ]] && mykey="PrimaryGroupID"
44 dscl . -search /$mytype $mykey $2 2>/dev/null 69 dscl . -search /${db} ${mykey} ${key} 2>/dev/null
45 ;; 70 ;;
46 esac 71 esac
47 ;; 72 ;;
48 *-freebsd*|*-dragonfly*) 73 *-freebsd*|*-dragonfly*)
49 local opts action="user" 74 case ${db} in
50 [[ $1 == "passwd" ]] || action="group" 75 passwd) db="user" ;;
76 *) ;;
77 esac
51 78
52 # lookup by uid/gid 79 # lookup by uid/gid
80 local opts
53 if [[ $2 == [[:digit:]]* ]] ; then 81 if [[ ${key} == [[:digit:]]* ]] ; then
54 [[ ${action} == "user" ]] && opts="-u" || opts="-g" 82 [[ ${db} == "user" ]] && opts="-u" || opts="-g"
55 fi 83 fi
56 84
57 pw show ${action} ${opts} "$2" -q 85 pw show ${db} ${opts} "${key}" -q
58 ;; 86 ;;
59 *-netbsd*|*-openbsd*) 87 *-netbsd*|*-openbsd*)
60 grep "$2:\*:" /etc/$1 88 grep "${key}:\*:" /etc/${db}
61 ;; 89 ;;
62 *) 90 *)
63 type -p nscd >& /dev/null && nscd -i "$1" 91 # ignore output if nscd doesn't exist, or we're not running as root
64 getent "$1" "$2" 92 nscd -i "${db}" 2>/dev/null
93 getent "${db}" "${key}"
65 ;; 94 ;;
66 esac 95 esac
67} 96}
68 97
69# @FUNCTION: enewuser 98# @FUNCTION: enewuser
70# @USAGE: <user> [uid] [shell] [homedir] [groups] [params] 99# @USAGE: <user> [uid] [shell] [homedir] [groups]
71# @DESCRIPTION: 100# @DESCRIPTION:
72# Same as enewgroup, you are not required to understand how to properly add 101# Same as enewgroup, you are not required to understand how to properly add
73# a user to the system. The only required parameter is the username. 102# a user to the system. The only required parameter is the username.
74# Default uid is (pass -1 for this) next available, default shell is 103# Default uid is (pass -1 for this) next available, default shell is
75# /bin/false, default homedir is /dev/null, there are no default groups, 104# /bin/false, default homedir is /dev/null, and there are no default groups.
76# and default params sets the comment as 'added by portage for ${PN}'.
77enewuser() { 105enewuser() {
78 case ${EBUILD_PHASE} in 106 _assert_pkg_ebuild_phase enewuser
79 unpack|compile|test|install)
80 eerror "'enewuser()' called from '${EBUILD_PHASE}()' which is not a pkg_* function."
81 eerror "Package fails at QA and at life. Please file a bug."
82 die "Bad package! enewuser is only for use in pkg_* functions!"
83 esac
84 107
85 # get the username 108 # get the username
86 local euser=$1; shift 109 local euser=$1; shift
87 if [[ -z ${euser} ]] ; then 110 if [[ -z ${euser} ]] ; then
88 eerror "No username specified !" 111 eerror "No username specified !"
115 if [[ ${euid} == "next" ]] ; then 138 if [[ ${euid} == "next" ]] ; then
116 for ((euid = 101; euid <= 999; euid++)); do 139 for ((euid = 101; euid <= 999; euid++)); do
117 [[ -z $(egetent passwd ${euid}) ]] && break 140 [[ -z $(egetent passwd ${euid}) ]] && break
118 done 141 done
119 fi 142 fi
120 opts="${opts} -u ${euid}" 143 opts+=" -u ${euid}"
121 einfo " - Userid: ${euid}" 144 einfo " - Userid: ${euid}"
122 145
123 # handle shell 146 # handle shell
124 local eshell=$1; shift 147 local eshell=$1; shift
125 if [[ ! -z ${eshell} ]] && [[ ${eshell} != "-1" ]] ; then 148 if [[ ! -z ${eshell} ]] && [[ ${eshell} != "-1" ]] ; then
147 fi 170 fi
148 171
149 eshell=${shell} 172 eshell=${shell}
150 fi 173 fi
151 einfo " - Shell: ${eshell}" 174 einfo " - Shell: ${eshell}"
152 opts="${opts} -s ${eshell}" 175 opts+=" -s ${eshell}"
153 176
154 # handle homedir 177 # handle homedir
155 local ehome=$1; shift 178 local ehome=$1; shift
156 if [[ -z ${ehome} ]] || [[ ${ehome} == "-1" ]] ; then 179 if [[ -z ${ehome} ]] || [[ ${ehome} == "-1" ]] ; then
157 ehome="/dev/null" 180 ehome="/dev/null"
158 fi 181 fi
159 einfo " - Home: ${ehome}" 182 einfo " - Home: ${ehome}"
160 opts="${opts} -d ${ehome}" 183 opts+=" -d ${ehome}"
161 184
162 # handle groups 185 # handle groups
163 local egroups=$1; shift 186 local egroups=$1; shift
164 if [[ ! -z ${egroups} ]] ; then 187 if [[ ! -z ${egroups} ]] ; then
165 local oldifs=${IFS} 188 local oldifs=${IFS}
179 fi 202 fi
180 export IFS="," 203 export IFS=","
181 done 204 done
182 export IFS=${oldifs} 205 export IFS=${oldifs}
183 206
184 opts="${opts} -g ${defgroup}" 207 opts+=" -g ${defgroup}"
185 if [[ ! -z ${exgroups} ]] ; then 208 if [[ ! -z ${exgroups} ]] ; then
186 opts="${opts} -G ${exgroups:1}" 209 opts+=" -G ${exgroups:1}"
187 fi 210 fi
188 else 211 else
189 egroups="(none)" 212 egroups="(none)"
190 fi 213 fi
191 einfo " - Groups: ${egroups}" 214 einfo " - Groups: ${egroups}"
192 215
193 # handle extra and add the user 216 # handle extra args
217 if [[ $# -gt 0 ]] ; then
218 die "extra arguments no longer supported; please file a bug"
219 else
220 set -- -c "added by portage for ${PN}"
221 einfo " - Extra: $@"
222 fi
223
224 # add the user
194 local oldsandbox=${SANDBOX_ON} 225 local oldsandbox=${SANDBOX_ON}
195 export SANDBOX_ON="0" 226 export SANDBOX_ON="0"
196 case ${CHOST} in 227 case ${CHOST} in
197 *-darwin*) 228 *-darwin*)
198 ### Make the user 229 ### Make the user
199 if [[ -z $@ ]] ; then
200 dscl . create /users/${euser} uid ${euid} 230 dscl . create /users/${euser} uid ${euid}
201 dscl . create /users/${euser} shell ${eshell} 231 dscl . create /users/${euser} shell ${eshell}
202 dscl . create /users/${euser} home ${ehome} 232 dscl . create /users/${euser} home ${ehome}
203 dscl . create /users/${euser} realname "added by portage for ${PN}" 233 dscl . create /users/${euser} realname "added by portage for ${PN}"
204 ### Add the user to the groups specified 234 ### Add the user to the groups specified
205 local oldifs=${IFS} 235 local oldifs=${IFS}
206 export IFS="," 236 export IFS=","
207 for g in ${egroups} ; do 237 for g in ${egroups} ; do
208 dscl . merge /groups/${g} users ${euser} 238 dscl . merge /groups/${g} users ${euser}
209 done 239 done
210 export IFS=${oldifs} 240 export IFS=${oldifs}
211 else
212 einfo "Extra options are not supported on Darwin yet"
213 einfo "Please report the ebuild along with the info below"
214 einfo "eextra: $@"
215 die "Required function missing"
216 fi
217 ;; 241 ;;
242
218 *-freebsd*|*-dragonfly*) 243 *-freebsd*|*-dragonfly*)
219 if [[ -z $@ ]] ; then
220 pw useradd ${euser} ${opts} \ 244 pw useradd ${euser} ${opts} "$@" || die
221 -c "added by portage for ${PN}" \
222 die "enewuser failed"
223 else
224 einfo " - Extra: $@"
225 pw useradd ${euser} ${opts} \
226 "$@" || die "enewuser failed"
227 fi
228 ;; 245 ;;
229 246
230 *-netbsd*) 247 *-netbsd*)
231 if [[ -z $@ ]] ; then
232 useradd ${opts} ${euser} || die "enewuser failed"
233 else
234 einfo " - Extra: $@"
235 useradd ${opts} ${euser} "$@" || die "enewuser failed" 248 useradd ${opts} ${euser} "$@" || die
236 fi
237 ;; 249 ;;
238 250
239 *-openbsd*) 251 *-openbsd*)
240 if [[ -z $@ ]] ; then 252 # all ops the same, except the -g vs -g/-G ...
241 useradd -u ${euid} -s ${eshell} \ 253 useradd -u ${euid} -s ${eshell} \
242 -d ${ehome} -c "Added by portage for ${PN}" \ 254 -d ${ehome} -g ${egroups} "$@" ${euser} || die
243 -g ${egroups} ${euser} || die "enewuser failed"
244 else
245 einfo " - Extra: $@"
246 useradd -u ${euid} -s ${eshell} \
247 -d ${ehome} -c "Added by portage for ${PN}" \
248 -g ${egroups} ${euser} "$@" || die "enewuser failed"
249 fi
250 ;; 255 ;;
251 256
252 *) 257 *)
253 if [[ -z $@ ]] ; then
254 useradd -r ${opts} \
255 -c "added by portage for ${PN}" \
256 ${euser} \
257 || die "enewuser failed"
258 else
259 einfo " - Extra: $@"
260 useradd -r ${opts} "$@" \ 258 useradd -r ${opts} "$@" ${euser} || die
261 ${euser} \
262 || die "enewuser failed"
263 fi
264 ;; 259 ;;
265 esac 260 esac
266 261
267 if [[ ! -e ${ROOT}/${ehome} ]] ; then 262 if [[ ! -e ${ROOT}/${ehome} ]] ; then
268 einfo " - Creating ${ehome} in ${ROOT}" 263 einfo " - Creating ${ehome} in ${ROOT}"
280# This function does not require you to understand how to properly add a 275# This function does not require you to understand how to properly add a
281# group to the system. Just give it a group name to add and enewgroup will 276# group to the system. Just give it a group name to add and enewgroup will
282# do the rest. You may specify the gid for the group or allow the group to 277# do the rest. You may specify the gid for the group or allow the group to
283# allocate the next available one. 278# allocate the next available one.
284enewgroup() { 279enewgroup() {
285 case ${EBUILD_PHASE} in 280 _assert_pkg_ebuild_phase enewgroup
286 unpack|compile|test|install)
287 eerror "'enewgroup()' called from '${EBUILD_PHASE}()' which is not a pkg_* function."
288 eerror "Package fails at QA and at life. Please file a bug."
289 die "Bad package! enewgroup is only for use in pkg_* functions!"
290 esac
291 281
292 # get the group 282 # get the group
293 local egroup="$1"; shift 283 local egroup="$1"; shift
294 if [ -z "${egroup}" ] 284 if [ -z "${egroup}" ]
295 then 285 then
313 if [ "${egid}" -gt 0 ] 303 if [ "${egid}" -gt 0 ]
314 then 304 then
315 if [ -z "`egetent group ${egid}`" ] 305 if [ -z "`egetent group ${egid}`" ]
316 then 306 then
317 if [[ "${CHOST}" == *-darwin* ]]; then 307 if [[ "${CHOST}" == *-darwin* ]]; then
318 opts="${opts} ${egid}" 308 opts+=" ${egid}"
319 else 309 else
320 opts="${opts} -g ${egid}" 310 opts+=" -g ${egid}"
321 fi 311 fi
322 else 312 else
323 egid="next available; requested gid taken" 313 egid="next available; requested gid taken"
324 fi 314 fi
325 else 315 else
330 egid="next available" 320 egid="next available"
331 fi 321 fi
332 einfo " - Groupid: ${egid}" 322 einfo " - Groupid: ${egid}"
333 323
334 # handle extra 324 # handle extra
335 local eextra="$@" 325 if [ $# -gt 0 ] ; then
336 opts="${opts} ${eextra}" 326 die "extra arguments no longer supported; please file a bug"
327 fi
337 328
338 # add the group 329 # add the group
339 local oldsandbox="${SANDBOX_ON}" 330 local oldsandbox="${SANDBOX_ON}"
340 export SANDBOX_ON="0" 331 export SANDBOX_ON="0"
341 case ${CHOST} in 332 case ${CHOST} in
342 *-darwin*) 333 *-darwin*)
343 if [ ! -z "${eextra}" ];
344 then
345 einfo "Extra options are not supported on Darwin/OS X yet"
346 einfo "Please report the ebuild along with the info below"
347 einfo "eextra: ${eextra}"
348 die "Required function missing"
349 fi
350
351 # If we need the next available 334 # If we need the next available
352 case ${egid} in 335 case ${egid} in
353 *[!0-9]*) # Non numeric 336 *[!0-9]*) # Non numeric
354 for ((egid = 101; egid <= 999; egid++)); do 337 for ((egid = 101; egid <= 999; egid++)); do
355 [[ -z $(egetent group ${egid}) ]] && break 338 [[ -z $(egetent group ${egid}) ]] && break
364 *[!0-9]*) # Non numeric 347 *[!0-9]*) # Non numeric
365 for ((egid = 101; egid <= 999; egid++)); do 348 for ((egid = 101; egid <= 999; egid++)); do
366 [[ -z $(egetent group ${egid}) ]] && break 349 [[ -z $(egetent group ${egid}) ]] && break
367 done 350 done
368 esac 351 esac
369 pw groupadd ${egroup} -g ${egid} || die "enewgroup failed" 352 pw groupadd ${egroup} -g ${egid} || die
370 ;; 353 ;;
371 354
372 *-netbsd*) 355 *-netbsd*)
373 case ${egid} in 356 case ${egid} in
374 *[!0-9]*) # Non numeric 357 *[!0-9]*) # Non numeric
375 for ((egid = 101; egid <= 999; egid++)); do 358 for ((egid = 101; egid <= 999; egid++)); do
376 [[ -z $(egetent group ${egid}) ]] && break 359 [[ -z $(egetent group ${egid}) ]] && break
377 done 360 done
378 esac 361 esac
379 groupadd -g ${egid} ${egroup} || die "enewgroup failed" 362 groupadd -g ${egid} ${egroup} || die
380 ;; 363 ;;
381 364
382 *) 365 *)
383 # We specify -r so that we get a GID in the system range from login.defs 366 # We specify -r so that we get a GID in the system range from login.defs
384 groupadd -r ${opts} ${egroup} || die "enewgroup failed" 367 groupadd -r ${opts} ${egroup} || die
385 ;; 368 ;;
386 esac 369 esac
387 export SANDBOX_ON="${oldsandbox}" 370 export SANDBOX_ON="${oldsandbox}"
388} 371}
389 372
373# @FUNCTION: egethome
374# @USAGE: <user>
375# @DESCRIPTION:
390# Gets the home directory for the specified user 376# Gets the home directory for the specified user.
391# it's a wrap around egetent as the position of the home directory in the line
392# varies depending on the os used.
393#
394# To use that, inherit eutils, not portability!
395egethome() { 377egethome() {
396 ent=$(egetent passwd $1) 378 local pos
379
380 [[ $# -eq 1 ]] || die "usage: egethome <user>"
397 381
398 case ${CHOST} in 382 case ${CHOST} in
399 *-darwin*|*-freebsd*|*-dragonfly*) 383 *-darwin*|*-freebsd*|*-dragonfly*)
400 # Darwin, OSX, FreeBSD and DragonFly use position 9 to store homedir 384 pos=9
401 echo ${ent} | cut -d: -f9
402 ;; 385 ;;
403 *) 386 *) # Linux, NetBSD, OpenBSD, etc...
404 # Linux, NetBSD and OpenBSD use position 6 instead 387 pos=6
405 echo ${ent} | cut -d: -f6
406 ;; 388 ;;
407 esac 389 esac
408}
409 390
391 egetent passwd $1 | cut -d: -f${pos}
392}
393
394# @FUNCTION: egetshell
395# @USAGE: <user>
396# @DESCRIPTION:
410# Gets the shell for the specified user 397# Gets the shell for the specified user.
411# it's a wrap around egetent as the position of the home directory in the line
412# varies depending on the os used.
413#
414# To use that, inherit eutils, not portability!
415egetshell() { 398egetshell() {
416 ent=$(egetent passwd "$1") 399 local pos
400
401 [[ $# -eq 1 ]] || die "usage: egetshell <user>"
417 402
418 case ${CHOST} in 403 case ${CHOST} in
419 *-darwin*|*-freebsd*|*-dragonfly*) 404 *-darwin*|*-freebsd*|*-dragonfly*)
420 # Darwin, OSX, FreeBSD and DragonFly use position 9 to store homedir 405 pos=10
421 echo ${ent} | cut -d: -f10
422 ;; 406 ;;
423 *) 407 *) # Linux, NetBSD, OpenBSD, etc...
424 # Linux, NetBSD and OpenBSD use position 6 instead 408 pos=7
425 echo ${ent} cut -d: -f7
426 ;; 409 ;;
427 esac 410 esac
428}
429 411
430# Returns true if specified user has a shell that precludes logins 412 egetent passwd "$1" | cut -d: -f${pos}
431# on whichever operating system.
432is-login-disabled() {
433 shell=$(egetshell "$1")
434
435 case ${shell} in
436 /bin/false|/usr/bin/false|/sbin/nologin|/usr/sbin/nologin)
437 return 0 ;;
438 *)
439 return 1 ;;
440 esac
441} 413}
Legend:
Removed from v.1.1  
changed lines
  Added in v.1.11
  ViewVC Help
Powered by ViewVC 1.1.13