
Diff of /eclass/user.eclass


Revision 1.1 Revision 1.12
1# Copyright 1999-2011 Gentoo Foundation 1# Copyright 1999-2011 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License v2 2# Distributed under the terms of the GNU General Public License v2
3# $Header: /var/cvsroot/gentoo-x86/eclass/user.eclass,v 1.1 2011/10/27 07:16:08 vapier Exp $ 3# $Header: /var/cvsroot/gentoo-x86/eclass/user.eclass,v 1.12 2011/11/26 06:45:38 vapier Exp $
4 4
5# @ECLASS: user.eclass 5# @ECLASS: user.eclass
6# @MAINTAINER: 6# @MAINTAINER:
7# base-system@gentoo.org (Linux) 7# base-system@gentoo.org (Linux)
8# Joe Jezak <josejx@gmail.com> (OS X) 8# Joe Jezak <josejx@gmail.com> (OS X)
11# @BLURB: user management in ebuilds 11# @BLURB: user management in ebuilds
12# @DESCRIPTION: 12# @DESCRIPTION:
13# The user eclass contains a suite of functions that allow ebuilds 13# The user eclass contains a suite of functions that allow ebuilds
14# to quickly make sure users in the installed system are sane. 14# to quickly make sure users in the installed system are sane.
15 15
16# @FUNCTION: _assert_pkg_ebuild_phase
17# @INTERNAL
18# @USAGE: <calling func name>
19_assert_pkg_ebuild_phase() {
20 case ${EBUILD_PHASE} in
21 setup|preinst|postinst) ;;
22 *)
23 eerror "'$1()' called from '${EBUILD_PHASE}()' which is not a pkg_* function."
24 eerror "Package fails at QA and at life. Please file a bug."
25 die "Bad package! $1 is only for use in pkg_* functions!"
26 esac
27}
28
16# @FUNCTION: egetent 29# @FUNCTION: egetent
17# @USAGE: <database> <key> 30# @USAGE: <database> <key>
18# @DESCRIPTION: 31# @DESCRIPTION:
19# Small wrapper for getent (Linux), nidump (< Mac OS X 10.5), 32# Small wrapper for getent (Linux), nidump (< Mac OS X 10.5),
20# dscl (Mac OS X 10.5), and pw (FreeBSD) used in enewuser()/enewgroup(). 33# dscl (Mac OS X 10.5), and pw (FreeBSD) used in enewuser()/enewgroup().
34#
35# Supported databases: group passwd
21egetent() { 36egetent() {
37 local db=$1 key=$2
38
39 [[ $# -ge 3 ]] && die "usage: egetent <database> <key>"
40
41 case ${db} in
42 passwd|group) ;;
43 *) die "sorry, database '${db}' not yet supported; file a bug" ;;
44 esac
45
22 case ${CHOST} in 46 case ${CHOST} in
23 *-darwin[678]) 47 *-darwin[678])
24 case "$2" in 48 case ${key} in
25 *[!0-9]*) # Non numeric 49 *[!0-9]*) # Non numeric
26 nidump $1 . | awk -F":" "{ if (\$1 ~ /^$2\$/) {print \$0;exit;} }" 50 nidump ${db} . | awk -F: "(\$1 ~ /^${key}\$/) {print;exit;}"
27 ;; 51 ;;
28 *) # Numeric 52 *) # Numeric
29 nidump $1 . | awk -F":" "{ if (\$3 == $2) {print \$0;exit;} }" 53 nidump ${db} . | awk -F: "(\$3 == ${key}) {print;exit;}"
30 ;; 54 ;;
31 esac 55 esac
32 ;; 56 ;;
33 *-darwin*) 57 *-darwin*)
34 local mytype=$1 58 local mykey
35 [[ "passwd" == $mytype ]] && mytype="Users"
36 [[ "group" == $mytype ]] && mytype="Groups"
37 case "$2" in 59 case ${db} in
60 passwd) db="Users" mykey="UniqueID" ;;
61 group) db="Groups" mykey="PrimaryGroupID" ;;
62 esac
63
64 case ${key} in
38 *[!0-9]*) # Non numeric 65 *[!0-9]*) # Non numeric
39 dscl . -read /$mytype/$2 2>/dev/null |grep RecordName 66 dscl . -read /${db}/${key} 2>/dev/null |grep RecordName
40 ;; 67 ;;
41 *) # Numeric 68 *) # Numeric
42 local mykey="UniqueID"
43 [[ $mytype == "Groups" ]] && mykey="PrimaryGroupID"
44 dscl . -search /$mytype $mykey $2 2>/dev/null 69 dscl . -search /${db} ${mykey} ${key} 2>/dev/null
45 ;; 70 ;;
46 esac 71 esac
47 ;; 72 ;;
48 *-freebsd*|*-dragonfly*) 73 *-freebsd*|*-dragonfly*)
49 local opts action="user" 74 case ${db} in
50 [[ $1 == "passwd" ]] || action="group" 75 passwd) db="user" ;;
76 *) ;;
77 esac
51 78
52 # lookup by uid/gid 79 # lookup by uid/gid
80 local opts
53 if [[ $2 == [[:digit:]]* ]] ; then 81 if [[ ${key} == [[:digit:]]* ]] ; then
54 [[ ${action} == "user" ]] && opts="-u" || opts="-g" 82 [[ ${db} == "user" ]] && opts="-u" || opts="-g"
55 fi 83 fi
56 84
57 pw show ${action} ${opts} "$2" -q 85 pw show ${db} ${opts} "${key}" -q
58 ;; 86 ;;
59 *-netbsd*|*-openbsd*) 87 *-netbsd*|*-openbsd*)
60 grep "$2:\*:" /etc/$1 88 grep "${key}:\*:" /etc/${db}
61 ;; 89 ;;
62 *) 90 *)
63 type -p nscd >& /dev/null && nscd -i "$1" 91 # ignore output if nscd doesn't exist, or we're not running as root
64 getent "$1" "$2" 92 nscd -i "${db}" 2>/dev/null
93 getent "${db}" "${key}"
65 ;; 94 ;;
66 esac 95 esac
67} 96}
68 97
69# @FUNCTION: enewuser 98# @FUNCTION: enewuser
70# @USAGE: <user> [uid] [shell] [homedir] [groups] [params] 99# @USAGE: <user> [uid] [shell] [homedir] [groups]
71# @DESCRIPTION: 100# @DESCRIPTION:
72# Same as enewgroup, you are not required to understand how to properly add 101# Same as enewgroup, you are not required to understand how to properly add
73# a user to the system. The only required parameter is the username. 102# a user to the system. The only required parameter is the username.
74# Default uid is (pass -1 for this) next available, default shell is 103# Default uid is (pass -1 for this) next available, default shell is
75# /bin/false, default homedir is /dev/null, there are no default groups, 104# /bin/false, default homedir is /dev/null, and there are no default groups.
76# and default params sets the comment as 'added by portage for ${PN}'.
77enewuser() { 105enewuser() {
78 case ${EBUILD_PHASE} in 106 _assert_pkg_ebuild_phase enewuser
79 unpack|compile|test|install)
80 eerror "'enewuser()' called from '${EBUILD_PHASE}()' which is not a pkg_* function."
81 eerror "Package fails at QA and at life. Please file a bug."
82 die "Bad package! enewuser is only for use in pkg_* functions!"
83 esac
84 107
85 # get the username 108 # get the username
86 local euser=$1; shift 109 local euser=$1; shift
87 if [[ -z ${euser} ]] ; then 110 if [[ -z ${euser} ]] ; then
88 eerror "No username specified !" 111 eerror "No username specified !"
115 if [[ ${euid} == "next" ]] ; then 138 if [[ ${euid} == "next" ]] ; then
116 for ((euid = 101; euid <= 999; euid++)); do 139 for ((euid = 101; euid <= 999; euid++)); do
117 [[ -z $(egetent passwd ${euid}) ]] && break 140 [[ -z $(egetent passwd ${euid}) ]] && break
118 done 141 done
119 fi 142 fi
120 opts="${opts} -u ${euid}" 143 opts+=" -u ${euid}"
121 einfo " - Userid: ${euid}" 144 einfo " - Userid: ${euid}"
122 145
123 # handle shell 146 # handle shell
124 local eshell=$1; shift 147 local eshell=$1; shift
125 if [[ ! -z ${eshell} ]] && [[ ${eshell} != "-1" ]] ; then 148 if [[ ! -z ${eshell} ]] && [[ ${eshell} != "-1" ]] ; then
147 fi 170 fi
148 171
149 eshell=${shell} 172 eshell=${shell}
150 fi 173 fi
151 einfo " - Shell: ${eshell}" 174 einfo " - Shell: ${eshell}"
152 opts="${opts} -s ${eshell}" 175 opts+=" -s ${eshell}"
153 176
154 # handle homedir 177 # handle homedir
155 local ehome=$1; shift 178 local ehome=$1; shift
156 if [[ -z ${ehome} ]] || [[ ${ehome} == "-1" ]] ; then 179 if [[ -z ${ehome} ]] || [[ ${ehome} == "-1" ]] ; then
157 ehome="/dev/null" 180 ehome="/dev/null"
158 fi 181 fi
159 einfo " - Home: ${ehome}" 182 einfo " - Home: ${ehome}"
160 opts="${opts} -d ${ehome}" 183 opts+=" -d ${ehome}"
161 184
162 # handle groups 185 # handle groups
163 local egroups=$1; shift 186 local egroups=$1; shift
164 if [[ ! -z ${egroups} ]] ; then 187 if [[ ! -z ${egroups} ]] ; then
165 local oldifs=${IFS} 188 local oldifs=${IFS}
179 fi 202 fi
180 export IFS="," 203 export IFS=","
181 done 204 done
182 export IFS=${oldifs} 205 export IFS=${oldifs}
183 206
184 opts="${opts} -g ${defgroup}" 207 opts+=" -g ${defgroup}"
185 if [[ ! -z ${exgroups} ]] ; then 208 if [[ ! -z ${exgroups} ]] ; then
186 opts="${opts} -G ${exgroups:1}" 209 opts+=" -G ${exgroups:1}"
187 fi 210 fi
188 else 211 else
189 egroups="(none)" 212 egroups="(none)"
190 fi 213 fi
191 einfo " - Groups: ${egroups}" 214 einfo " - Groups: ${egroups}"
192 215
193 # handle extra and add the user 216 # handle extra args
194 local oldsandbox=${SANDBOX_ON} 217 if [[ $# -gt 0 ]] ; then
195 export SANDBOX_ON="0" 218 die "extra arguments no longer supported; please file a bug"
219 else
220 set -- -c "added by portage for ${PN}"
221 einfo " - Extra: $@"
222 fi
223
224 # add the user
196 case ${CHOST} in 225 case ${CHOST} in
197 *-darwin*) 226 *-darwin*)
198 ### Make the user 227 ### Make the user
199 if [[ -z $@ ]] ; then
200 dscl . create /users/${euser} uid ${euid} 228 dscl . create /users/${euser} uid ${euid}
201 dscl . create /users/${euser} shell ${eshell} 229 dscl . create /users/${euser} shell ${eshell}
202 dscl . create /users/${euser} home ${ehome} 230 dscl . create /users/${euser} home ${ehome}
203 dscl . create /users/${euser} realname "added by portage for ${PN}" 231 dscl . create /users/${euser} realname "added by portage for ${PN}"
204 ### Add the user to the groups specified 232 ### Add the user to the groups specified
205 local oldifs=${IFS} 233 local oldifs=${IFS}
206 export IFS="," 234 export IFS=","
207 for g in ${egroups} ; do 235 for g in ${egroups} ; do
208 dscl . merge /groups/${g} users ${euser} 236 dscl . merge /groups/${g} users ${euser}
209 done 237 done
210 export IFS=${oldifs} 238 export IFS=${oldifs}
211 else
212 einfo "Extra options are not supported on Darwin yet"
213 einfo "Please report the ebuild along with the info below"
214 einfo "eextra: $@"
215 die "Required function missing"
216 fi
217 ;; 239 ;;
240
218 *-freebsd*|*-dragonfly*) 241 *-freebsd*|*-dragonfly*)
219 if [[ -z $@ ]] ; then
220 pw useradd ${euser} ${opts} \ 242 pw useradd ${euser} ${opts} "$@" || die
221 -c "added by portage for ${PN}" \
222 die "enewuser failed"
223 else
224 einfo " - Extra: $@"
225 pw useradd ${euser} ${opts} \
226 "$@" || die "enewuser failed"
227 fi
228 ;; 243 ;;
229 244
230 *-netbsd*) 245 *-netbsd*)
231 if [[ -z $@ ]] ; then
232 useradd ${opts} ${euser} || die "enewuser failed"
233 else
234 einfo " - Extra: $@"
235 useradd ${opts} ${euser} "$@" || die "enewuser failed" 246 useradd ${opts} ${euser} "$@" || die
236 fi
237 ;; 247 ;;
238 248
239 *-openbsd*) 249 *-openbsd*)
240 if [[ -z $@ ]] ; then 250 # all ops the same, except the -g vs -g/-G ...
241 useradd -u ${euid} -s ${eshell} \ 251 useradd -u ${euid} -s ${eshell} \
242 -d ${ehome} -c "Added by portage for ${PN}" \ 252 -d ${ehome} -g ${egroups} "$@" ${euser} || die
243 -g ${egroups} ${euser} || die "enewuser failed"
244 else
245 einfo " - Extra: $@"
246 useradd -u ${euid} -s ${eshell} \
247 -d ${ehome} -c "Added by portage for ${PN}" \
248 -g ${egroups} ${euser} "$@" || die "enewuser failed"
249 fi
250 ;; 253 ;;
251 254
252 *) 255 *)
253 if [[ -z $@ ]] ; then
254 useradd -r ${opts} \
255 -c "added by portage for ${PN}" \
256 ${euser} \
257 || die "enewuser failed"
258 else
259 einfo " - Extra: $@"
260 useradd -r ${opts} "$@" \ 256 useradd -r ${opts} "$@" ${euser} || die
261 ${euser} \
262 || die "enewuser failed"
263 fi
264 ;; 257 ;;
265 esac 258 esac
266 259
267 if [[ ! -e ${ROOT}/${ehome} ]] ; then 260 if [[ ! -e ${ROOT}/${ehome} ]] ; then
268 einfo " - Creating ${ehome} in ${ROOT}" 261 einfo " - Creating ${ehome} in ${ROOT}"
269 mkdir -p "${ROOT}/${ehome}" 262 mkdir -p "${ROOT}/${ehome}"
270 chown ${euser} "${ROOT}/${ehome}" 263 chown ${euser} "${ROOT}/${ehome}"
271 chmod 755 "${ROOT}/${ehome}" 264 chmod 755 "${ROOT}/${ehome}"
272 fi 265 fi
273
274 export SANDBOX_ON=${oldsandbox}
275} 266}
276 267
277# @FUNCTION: enewgroup 268# @FUNCTION: enewgroup
278# @USAGE: <group> [gid] 269# @USAGE: <group> [gid]
279# @DESCRIPTION: 270# @DESCRIPTION:
280# This function does not require you to understand how to properly add a 271# This function does not require you to understand how to properly add a
281# group to the system. Just give it a group name to add and enewgroup will 272# group to the system. Just give it a group name to add and enewgroup will
282# do the rest. You may specify the gid for the group or allow the group to 273# do the rest. You may specify the gid for the group or allow the group to
283# allocate the next available one. 274# allocate the next available one.
284enewgroup() { 275enewgroup() {
285 case ${EBUILD_PHASE} in 276 _assert_pkg_ebuild_phase enewgroup
286 unpack|compile|test|install)
287 eerror "'enewgroup()' called from '${EBUILD_PHASE}()' which is not a pkg_* function."
288 eerror "Package fails at QA and at life. Please file a bug."
289 die "Bad package! enewgroup is only for use in pkg_* functions!"
290 esac
291 277
292 # get the group 278 # get the group
293 local egroup="$1"; shift 279 local egroup="$1"; shift
294 if [ -z "${egroup}" ] 280 if [ -z "${egroup}" ]
295 then 281 then
313 if [ "${egid}" -gt 0 ] 299 if [ "${egid}" -gt 0 ]
314 then 300 then
315 if [ -z "`egetent group ${egid}`" ] 301 if [ -z "`egetent group ${egid}`" ]
316 then 302 then
317 if [[ "${CHOST}" == *-darwin* ]]; then 303 if [[ "${CHOST}" == *-darwin* ]]; then
318 opts="${opts} ${egid}" 304 opts+=" ${egid}"
319 else 305 else
320 opts="${opts} -g ${egid}" 306 opts+=" -g ${egid}"
321 fi 307 fi
322 else 308 else
323 egid="next available; requested gid taken" 309 egid="next available; requested gid taken"
324 fi 310 fi
325 else 311 else
330 egid="next available" 316 egid="next available"
331 fi 317 fi
332 einfo " - Groupid: ${egid}" 318 einfo " - Groupid: ${egid}"
333 319
334 # handle extra 320 # handle extra
335 local eextra="$@" 321 if [ $# -gt 0 ] ; then
336 opts="${opts} ${eextra}" 322 die "extra arguments no longer supported; please file a bug"
323 fi
337 324
338 # add the group 325 # add the group
339 local oldsandbox="${SANDBOX_ON}"
340 export SANDBOX_ON="0"
341 case ${CHOST} in 326 case ${CHOST} in
342 *-darwin*) 327 *-darwin*)
343 if [ ! -z "${eextra}" ];
344 then
345 einfo "Extra options are not supported on Darwin/OS X yet"
346 einfo "Please report the ebuild along with the info below"
347 einfo "eextra: ${eextra}"
348 die "Required function missing"
349 fi
350
351 # If we need the next available 328 # If we need the next available
352 case ${egid} in 329 case ${egid} in
353 *[!0-9]*) # Non numeric 330 *[!0-9]*) # Non numeric
354 for ((egid = 101; egid <= 999; egid++)); do 331 for ((egid = 101; egid <= 999; egid++)); do
355 [[ -z $(egetent group ${egid}) ]] && break 332 [[ -z $(egetent group ${egid}) ]] && break
364 *[!0-9]*) # Non numeric 341 *[!0-9]*) # Non numeric
365 for ((egid = 101; egid <= 999; egid++)); do 342 for ((egid = 101; egid <= 999; egid++)); do
366 [[ -z $(egetent group ${egid}) ]] && break 343 [[ -z $(egetent group ${egid}) ]] && break
367 done 344 done
368 esac 345 esac
369 pw groupadd ${egroup} -g ${egid} || die "enewgroup failed" 346 pw groupadd ${egroup} -g ${egid} || die
370 ;; 347 ;;
371 348
372 *-netbsd*) 349 *-netbsd*)
373 case ${egid} in 350 case ${egid} in
374 *[!0-9]*) # Non numeric 351 *[!0-9]*) # Non numeric
375 for ((egid = 101; egid <= 999; egid++)); do 352 for ((egid = 101; egid <= 999; egid++)); do
376 [[ -z $(egetent group ${egid}) ]] && break 353 [[ -z $(egetent group ${egid}) ]] && break
377 done 354 done
378 esac 355 esac
379 groupadd -g ${egid} ${egroup} || die "enewgroup failed" 356 groupadd -g ${egid} ${egroup} || die
380 ;; 357 ;;
381 358
382 *) 359 *)
383 # We specify -r so that we get a GID in the system range from login.defs 360 # We specify -r so that we get a GID in the system range from login.defs
384 groupadd -r ${opts} ${egroup} || die "enewgroup failed" 361 groupadd -r ${opts} ${egroup} || die
385 ;; 362 ;;
386 esac 363 esac
387 export SANDBOX_ON="${oldsandbox}"
388} 364}
389 365
366# @FUNCTION: egethome
367# @USAGE: <user>
368# @DESCRIPTION:
390# Gets the home directory for the specified user 369# Gets the home directory for the specified user.
391# it's a wrap around egetent as the position of the home directory in the line
392# varies depending on the os used.
393#
394# To use that, inherit eutils, not portability!
395egethome() { 370egethome() {
396 ent=$(egetent passwd $1) 371 local pos
372
373 [[ $# -eq 1 ]] || die "usage: egethome <user>"
397 374
398 case ${CHOST} in 375 case ${CHOST} in
399 *-darwin*|*-freebsd*|*-dragonfly*) 376 *-darwin*|*-freebsd*|*-dragonfly*)
400 # Darwin, OSX, FreeBSD and DragonFly use position 9 to store homedir 377 pos=9
401 echo ${ent} | cut -d: -f9
402 ;; 378 ;;
403 *) 379 *) # Linux, NetBSD, OpenBSD, etc...
404 # Linux, NetBSD and OpenBSD use position 6 instead 380 pos=6
405 echo ${ent} | cut -d: -f6
406 ;; 381 ;;
407 esac 382 esac
408}
409 383
384 egetent passwd $1 | cut -d: -f${pos}
385}
386
387# @FUNCTION: egetshell
388# @USAGE: <user>
389# @DESCRIPTION:
410# Gets the shell for the specified user 390# Gets the shell for the specified user.
411# it's a wrap around egetent as the position of the home directory in the line
412# varies depending on the os used.
413#
414# To use that, inherit eutils, not portability!
415egetshell() { 391egetshell() {
416 ent=$(egetent passwd "$1") 392 local pos
393
394 [[ $# -eq 1 ]] || die "usage: egetshell <user>"
417 395
418 case ${CHOST} in 396 case ${CHOST} in
419 *-darwin*|*-freebsd*|*-dragonfly*) 397 *-darwin*|*-freebsd*|*-dragonfly*)
420 # Darwin, OSX, FreeBSD and DragonFly use position 9 to store homedir 398 pos=10
421 echo ${ent} | cut -d: -f10
422 ;; 399 ;;
423 *) 400 *) # Linux, NetBSD, OpenBSD, etc...
424 # Linux, NetBSD and OpenBSD use position 6 instead 401 pos=7
425 echo ${ent} cut -d: -f7
426 ;; 402 ;;
427 esac 403 esac
428}
429 404
430# Returns true if specified user has a shell that precludes logins 405 egetent passwd "$1" | cut -d: -f${pos}
431# on whichever operating system.
432is-login-disabled() {
433 shell=$(egetshell "$1")
434
435 case ${shell} in
436 /bin/false|/usr/bin/false|/sbin/nologin|/usr/sbin/nologin)
437 return 0 ;;
438 *)
439 return 1 ;;
440 esac
441} 406}
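Review bot: In the `*-darwin[678]` branch of egetent() the new code still splices `${key}` into the awk program text (`"(\$1 ~ /^${key}\$/) {print;exit;}"`), so a key containing regex or awk metacharacters changes the program instead of being compared as data. Passing it as a variable avoids that: `nidump ${db} . | awk -F: -v key="${key}" '$1 == key {print;exit}'`, and likewise `$3 == key` for the numeric case. The `*-netbsd*|*-openbsd*` branch has a related gap: `grep "${key}:\*:" /etc/${db}` is unanchored, so it also matches any entry whose name merely ends in the key; `grep "^${key}:\*:"` would at least pin the start of the line. This matters because the uid/gid allocation loops in enewuser() and enewgroup() treat empty egetent output as "free". Separately, the guard `[[ $# -ge 3 ]] && die` accepts zero or one argument; `[[ $# -eq 2 ]] || die "usage: egetent <database> <key>"` would match the check egethome() uses.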
