
Diff of /eclass/user.eclass


Revision 1.9 Revision 1.21
1# Copyright 1999-2011 Gentoo Foundation 1# Copyright 1999-2012 Gentoo Foundation
2# Distributed under the terms of the GNU General Public License v2 2# Distributed under the terms of the GNU General Public License v2
3# $Header: /var/cvsroot/gentoo-x86/eclass/user.eclass,v 1.9 2011/11/03 15:29:39 vapier Exp $ 3# $Header: /var/cvsroot/gentoo-x86/eclass/user.eclass,v 1.21 2012/06/22 18:57:33 axs Exp $
4 4
5# @ECLASS: user.eclass 5# @ECLASS: user.eclass
6# @MAINTAINER: 6# @MAINTAINER:
7# base-system@gentoo.org (Linux) 7# base-system@gentoo.org (Linux)
8# Joe Jezak <josejx@gmail.com> (OS X) 8# Joe Jezak <josejx@gmail.com> (OS X)
11# @BLURB: user management in ebuilds 11# @BLURB: user management in ebuilds
12# @DESCRIPTION: 12# @DESCRIPTION:
13# The user eclass contains a suite of functions that allow ebuilds 13# The user eclass contains a suite of functions that allow ebuilds
14# to quickly make sure users in the installed system are sane. 14# to quickly make sure users in the installed system are sane.
15 15
16if [[ ${___ECLASS_ONCE_USER} != "recur -_+^+_- spank" ]] ; then
17___ECLASS_ONCE_USER="recur -_+^+_- spank"
18
16# @FUNCTION: _assert_pkg_ebuild_phase 19# @FUNCTION: _assert_pkg_ebuild_phase
17# @INTERNAL 20# @INTERNAL
18# @USAGE: <calling func name> 21# @USAGE: <calling func name>
19_assert_pkg_ebuild_phase() { 22_assert_pkg_ebuild_phase() {
20 case ${EBUILD_PHASE} in 23 case ${EBUILD_PHASE} in
21 unpack|prepare|configure|compile|test|install) 24 setup|preinst|postinst) ;;
25 *)
22 eerror "'$1()' called from '${EBUILD_PHASE}()' which is not a pkg_* function." 26 eerror "'$1()' called from '${EBUILD_PHASE}' phase which is not OK:"
27 eerror "You may only call from pkg_{setup,preinst,postinst} functions."
23 eerror "Package fails at QA and at life. Please file a bug." 28 eerror "Package fails at QA and at life. Please file a bug."
24 die "Bad package! $1 is only for use in pkg_* functions!" 29 die "Bad package! $1 is only for use in some pkg_* functions!"
25 esac 30 esac
26} 31}
27 32
28# @FUNCTION: egetent 33# @FUNCTION: egetent
29# @USAGE: <database> <key> 34# @USAGE: <database> <key>
76 esac 81 esac
77 82
78 # lookup by uid/gid 83 # lookup by uid/gid
79 local opts 84 local opts
80 if [[ ${key} == [[:digit:]]* ]] ; then 85 if [[ ${key} == [[:digit:]]* ]] ; then
81 [[ ${action} == "user" ]] && opts="-u" || opts="-g" 86 [[ ${db} == "user" ]] && opts="-u" || opts="-g"
82 fi 87 fi
83 88
84 pw show ${action} ${opts} "${key}" -q 89 pw show ${db} ${opts} "${key}" -q
85 ;; 90 ;;
86 *-netbsd*|*-openbsd*) 91 *-netbsd*|*-openbsd*)
87 grep "${key}:\*:" /etc/${db} 92 grep "${key}:\*:" /etc/${db}
88 ;; 93 ;;
89 *) 94 *)
100# Same as enewgroup, you are not required to understand how to properly add 105# Same as enewgroup, you are not required to understand how to properly add
101# a user to the system. The only required parameter is the username. 106# a user to the system. The only required parameter is the username.
102# Default uid is (pass -1 for this) next available, default shell is 107# Default uid is (pass -1 for this) next available, default shell is
103# /bin/false, default homedir is /dev/null, and there are no default groups. 108# /bin/false, default homedir is /dev/null, and there are no default groups.
104enewuser() { 109enewuser() {
105 _assert_pkg_ebuild_phase enewuser 110 _assert_pkg_ebuild_phase ${FUNCNAME}
106 111
107 # get the username 112 # get the username
108 local euser=$1; shift 113 local euser=$1; shift
109 if [[ -z ${euser} ]] ; then 114 if [[ -z ${euser} ]] ; then
110 eerror "No username specified !" 115 eerror "No username specified !"
116 return 0 121 return 0
117 fi 122 fi
118 einfo "Adding user '${euser}' to your system ..." 123 einfo "Adding user '${euser}' to your system ..."
119 124
120 # options to pass to useradd 125 # options to pass to useradd
121 local opts= 126 local opts=()
122 127
123 # handle uid 128 # handle uid
124 local euid=$1; shift 129 local euid=$1; shift
125 if [[ -n ${euid} && ${euid} != -1 ]] ; then 130 if [[ -n ${euid} && ${euid} != -1 ]] ; then
126 if [[ ${euid} -gt 0 ]] ; then 131 if [[ ${euid} -gt 0 ]] ; then
137 if [[ ${euid} == "next" ]] ; then 142 if [[ ${euid} == "next" ]] ; then
138 for ((euid = 101; euid <= 999; euid++)); do 143 for ((euid = 101; euid <= 999; euid++)); do
139 [[ -z $(egetent passwd ${euid}) ]] && break 144 [[ -z $(egetent passwd ${euid}) ]] && break
140 done 145 done
141 fi 146 fi
142 opts+=" -u ${euid}" 147 opts+=( -u ${euid} )
143 einfo " - Userid: ${euid}" 148 einfo " - Userid: ${euid}"
144 149
145 # handle shell 150 # handle shell
146 local eshell=$1; shift 151 local eshell=$1; shift
147 if [[ ! -z ${eshell} ]] && [[ ${eshell} != "-1" ]] ; then 152 if [[ ! -z ${eshell} ]] && [[ ${eshell} != "-1" ]] ; then
152 if [[ ${eshell} == */false || ${eshell} == */nologin ]] ; then 157 if [[ ${eshell} == */false || ${eshell} == */nologin ]] ; then
153 eerror "Do not specify ${eshell} yourself, use -1" 158 eerror "Do not specify ${eshell} yourself, use -1"
154 die "Pass '-1' as the shell parameter" 159 die "Pass '-1' as the shell parameter"
155 fi 160 fi
156 else 161 else
157 for shell in /sbin/nologin /usr/sbin/nologin /bin/false /usr/bin/false /dev/null ; do 162 for eshell in /sbin/nologin /usr/sbin/nologin /bin/false /usr/bin/false /dev/null ; do
158 [[ -x ${ROOT}${shell} ]] && break 163 [[ -x ${ROOT}${eshell} ]] && break
159 done 164 done
160 165
161 if [[ ${shell} == "/dev/null" ]] ; then 166 if [[ ${eshell} == "/dev/null" ]] ; then
162 eerror "Unable to identify the shell to use, proceeding with userland default." 167 eerror "Unable to identify the shell to use, proceeding with userland default."
163 case ${USERLAND} in 168 case ${USERLAND} in
164 GNU) shell="/bin/false" ;; 169 GNU) eshell="/bin/false" ;;
165 BSD) shell="/sbin/nologin" ;; 170 BSD) eshell="/sbin/nologin" ;;
166 Darwin) shell="/usr/sbin/nologin" ;; 171 Darwin) eshell="/usr/sbin/nologin" ;;
167 *) die "Unable to identify the default shell for userland ${USERLAND}" 172 *) die "Unable to identify the default shell for userland ${USERLAND}"
168 esac 173 esac
169 fi 174 fi
170
171 eshell=${shell}
172 fi 175 fi
173 einfo " - Shell: ${eshell}" 176 einfo " - Shell: ${eshell}"
174 opts+=" -s ${eshell}" 177 opts+=( -s "${eshell}" )
175 178
176 # handle homedir 179 # handle homedir
177 local ehome=$1; shift 180 local ehome=$1; shift
178 if [[ -z ${ehome} ]] || [[ ${ehome} == "-1" ]] ; then 181 if [[ -z ${ehome} ]] || [[ ${ehome} == "-1" ]] ; then
179 ehome="/dev/null" 182 ehome="/dev/null"
180 fi 183 fi
181 einfo " - Home: ${ehome}" 184 einfo " - Home: ${ehome}"
182 opts+=" -d ${ehome}" 185 opts+=( -d "${ehome}" )
183 186
184 # handle groups 187 # handle groups
185 local egroups=$1; shift 188 local egroups=$1; shift
186 if [[ ! -z ${egroups} ]] ; then 189 local g egroups_arr
187 local oldifs=${IFS} 190 IFS="," read -r -a egroups_arr <<<"${egroups}"
191 shift
192 if [[ ${#egroups_arr[@]} -gt 0 ]] ; then
188 local defgroup="" exgroups="" 193 local defgroup exgroups
189
190 export IFS=","
191 for g in ${egroups} ; do 194 for g in "${egroups_arr[@]}" ; do
192 export IFS=${oldifs}
193 if [[ -z $(egetent group "${g}") ]] ; then 195 if [[ -z $(egetent group "${g}") ]] ; then
194 eerror "You must add group ${g} to the system first" 196 eerror "You must add group ${g} to the system first"
195 die "${g} is not a valid GID" 197 die "${g} is not a valid GID"
196 fi 198 fi
197 if [[ -z ${defgroup} ]] ; then 199 if [[ -z ${defgroup} ]] ; then
198 defgroup=${g} 200 defgroup=${g}
199 else 201 else
200 exgroups="${exgroups},${g}" 202 exgroups+=",${g}"
201 fi 203 fi
202 export IFS=","
203 done 204 done
204 export IFS=${oldifs}
205
206 opts+=" -g ${defgroup}" 205 opts+=( -g "${defgroup}" )
207 if [[ ! -z ${exgroups} ]] ; then 206 if [[ ! -z ${exgroups} ]] ; then
208 opts+=" -G ${exgroups:1}" 207 opts+=( -G "${exgroups:1}" )
209 fi
210 else
211 egroups="(none)"
212 fi 208 fi
209 fi
213 einfo " - Groups: ${egroups}" 210 einfo " - Groups: ${egroups:-(none)}"
214 211
215 # handle extra args 212 # handle extra args
216 if [[ $# -gt 0 ]] ; then 213 if [[ $# -gt 0 ]] ; then
217 die "extra arguments no longer supported; please file a bug" 214 die "extra arguments no longer supported; please file a bug"
218 else 215 else
219 set -- -c "added by portage for ${PN}" 216 local comment="added by portage for ${PN}"
220 einfo " - Extra: $@" 217 opts+=( -c "${comment}" )
218 einfo " - GECOS: ${comment}"
221 fi 219 fi
222 220
223 # add the user 221 # add the user
224 local oldsandbox=${SANDBOX_ON}
225 export SANDBOX_ON="0"
226 case ${CHOST} in 222 case ${CHOST} in
227 *-darwin*) 223 *-darwin*)
228 ### Make the user 224 ### Make the user
229 dscl . create /users/${euser} uid ${euid} 225 dscl . create "/users/${euser}" uid ${euid}
230 dscl . create /users/${euser} shell ${eshell} 226 dscl . create "/users/${euser}" shell "${eshell}"
231 dscl . create /users/${euser} home ${ehome} 227 dscl . create "/users/${euser}" home "${ehome}"
232 dscl . create /users/${euser} realname "added by portage for ${PN}" 228 dscl . create "/users/${euser}" realname "added by portage for ${PN}"
233 ### Add the user to the groups specified 229 ### Add the user to the groups specified
234 local oldifs=${IFS}
235 export IFS=","
236 for g in ${egroups} ; do 230 for g in "${egroups_arr[@]}" ; do
237 dscl . merge /groups/${g} users ${euser} 231 dscl . merge "/groups/${g}" users "${euser}"
238 done 232 done
239 export IFS=${oldifs}
240 ;; 233 ;;
241 234
242 *-freebsd*|*-dragonfly*) 235 *-freebsd*|*-dragonfly*)
243 pw useradd ${euser} ${opts} "$@" || die 236 pw useradd "${euser}" "${opts[@]}" || die
244 ;; 237 ;;
245 238
246 *-netbsd*) 239 *-netbsd*)
247 useradd ${opts} ${euser} "$@" || die 240 useradd "${opts[@]}" "${euser}" || die
248 ;; 241 ;;
249 242
250 *-openbsd*) 243 *-openbsd*)
251 # all ops the same, except the -g vs -g/-G ... 244 # all ops the same, except the -g vs -g/-G ...
252 useradd -u ${euid} -s ${eshell} \ 245 useradd -u ${euid} -s "${eshell}" \
253 -d ${ehome} -g ${egroups} "$@" ${euser} || die 246 -d "${ehome}" -g "${egroups}" "${euser}" || die
254 ;; 247 ;;
255 248
256 *) 249 *)
257 useradd -r ${opts} "$@" ${euser} || die 250 useradd -r "${opts[@]}" "${euser}" || die
258 ;; 251 ;;
259 esac 252 esac
260 253
261 if [[ ! -e ${ROOT}/${ehome} ]] ; then 254 if [[ ! -e ${ROOT}/${ehome} ]] ; then
262 einfo " - Creating ${ehome} in ${ROOT}" 255 einfo " - Creating ${ehome} in ${ROOT}"
263 mkdir -p "${ROOT}/${ehome}" 256 mkdir -p "${ROOT}/${ehome}"
264 chown ${euser} "${ROOT}/${ehome}" 257 chown "${euser}" "${ROOT}/${ehome}"
265 chmod 755 "${ROOT}/${ehome}" 258 chmod 755 "${ROOT}/${ehome}"
266 fi 259 fi
267
268 export SANDBOX_ON=${oldsandbox}
269} 260}
270 261
271# @FUNCTION: enewgroup 262# @FUNCTION: enewgroup
272# @USAGE: <group> [gid] 263# @USAGE: <group> [gid]
273# @DESCRIPTION: 264# @DESCRIPTION:
274# This function does not require you to understand how to properly add a 265# This function does not require you to understand how to properly add a
275# group to the system. Just give it a group name to add and enewgroup will 266# group to the system. Just give it a group name to add and enewgroup will
276# do the rest. You may specify the gid for the group or allow the group to 267# do the rest. You may specify the gid for the group or allow the group to
277# allocate the next available one. 268# allocate the next available one.
278enewgroup() { 269enewgroup() {
279 _assert_pkg_ebuild_phase enewgroup 270 _assert_pkg_ebuild_phase ${FUNCNAME}
280 271
281 # get the group 272 # get the group
282 local egroup="$1"; shift 273 local egroup=$1; shift
283 if [ -z "${egroup}" ] 274 if [[ -z ${egroup} ]] ; then
284 then
285 eerror "No group specified !" 275 eerror "No group specified !"
286 die "Cannot call enewgroup without a group" 276 die "Cannot call enewgroup without a group"
287 fi 277 fi
288 278
289 # see if group already exists 279 # see if group already exists
290 if [[ -n $(egetent group "${egroup}") ]]; then 280 if [[ -n $(egetent group "${egroup}") ]] ; then
291 return 0 281 return 0
292 fi 282 fi
293 einfo "Adding group '${egroup}' to your system ..." 283 einfo "Adding group '${egroup}' to your system ..."
294 284
295 # options to pass to useradd
296 local opts=
297
298 # handle gid 285 # handle gid
299 local egid="$1"; shift 286 local egid=$1; shift
300 if [ ! -z "${egid}" ] 287 if [[ ! -z ${egid} ]] ; then
301 then
302 if [ "${egid}" -gt 0 ] 288 if [[ ${egid} -gt 0 ]] ; then
303 then
304 if [ -z "`egetent group ${egid}`" ] 289 if [[ -n $(egetent group ${egid}) ]] ; then
305 then
306 if [[ "${CHOST}" == *-darwin* ]]; then
307 opts+=" ${egid}"
308 else
309 opts+=" -g ${egid}"
310 fi
311 else
312 egid="next available; requested gid taken" 290 egid="next available; requested gid taken"
313 fi 291 fi
314 else 292 else
315 eerror "Groupid given but is not greater than 0 !" 293 eerror "Groupid given but is not greater than 0 !"
316 die "${egid} is not a valid GID" 294 die "${egid} is not a valid GID"
319 egid="next available" 297 egid="next available"
320 fi 298 fi
321 einfo " - Groupid: ${egid}" 299 einfo " - Groupid: ${egid}"
322 300
323 # handle extra 301 # handle extra
324 if [ $# -gt 0 ] ; then 302 if [[ $# -gt 0 ]] ; then
325 die "extra arguments no longer supported; please file a bug" 303 die "extra arguments no longer supported; please file a bug"
326 fi 304 fi
327 305
328 # add the group 306 # Some targets need to find the next available GID manually
329 local oldsandbox="${SANDBOX_ON}" 307 _enewgroup_next_gid() {
330 export SANDBOX_ON="0" 308 if [[ ${egid} == *[!0-9]* ]] ; then
331 case ${CHOST} in 309 # Non numeric
332 *-darwin*)
333 # If we need the next available
334 case ${egid} in
335 *[!0-9]*) # Non numeric
336 for ((egid = 101; egid <= 999; egid++)); do 310 for ((egid = 101; egid <= 999; egid++)) ; do
337 [[ -z $(egetent group ${egid}) ]] && break 311 [[ -z $(egetent group ${egid}) ]] && break
338 done 312 done
339 esac 313 fi
314 }
315
316 # add the group
317 case ${CHOST} in
318 *-darwin*)
319 _enewgroup_next_gid
340 dscl . create /groups/${egroup} gid ${egid} 320 dscl . create "/groups/${egroup}" gid ${egid}
341 dscl . create /groups/${egroup} passwd '*' 321 dscl . create "/groups/${egroup}" passwd '*'
342 ;; 322 ;;
343 323
344 *-freebsd*|*-dragonfly*) 324 *-freebsd*|*-dragonfly*)
345 case ${egid} in 325 _enewgroup_next_gid
346 *[!0-9]*) # Non numeric
347 for ((egid = 101; egid <= 999; egid++)); do
348 [[ -z $(egetent group ${egid}) ]] && break
349 done
350 esac
351 pw groupadd ${egroup} -g ${egid} || die 326 pw groupadd "${egroup}" -g ${egid} || die
352 ;; 327 ;;
353 328
354 *-netbsd*) 329 *-netbsd*)
355 case ${egid} in 330 _enewgroup_next_gid
356 *[!0-9]*) # Non numeric
357 for ((egid = 101; egid <= 999; egid++)); do
358 [[ -z $(egetent group ${egid}) ]] && break
359 done
360 esac
361 groupadd -g ${egid} ${egroup} || die 331 groupadd -g ${egid} "${egroup}" || die
362 ;; 332 ;;
363 333
364 *) 334 *)
335 local opts
336 if [[ ${egid} == *[!0-9]* ]] ; then
337 # Non numeric; let groupadd figure out a GID for us
338 opts=""
339 else
340 opts="-g ${egid}"
341 fi
365 # We specify -r so that we get a GID in the system range from login.defs 342 # We specify -r so that we get a GID in the system range from login.defs
366 groupadd -r ${opts} ${egroup} || die 343 groupadd -r ${opts} "${egroup}" || die
367 ;; 344 ;;
368 esac 345 esac
369 export SANDBOX_ON="${oldsandbox}"
370} 346}
371 347
372# @FUNCTION: egethome 348# @FUNCTION: egethome
373# @USAGE: <user> 349# @USAGE: <user>
374# @DESCRIPTION: 350# @DESCRIPTION:
385 *) # Linux, NetBSD, OpenBSD, etc... 361 *) # Linux, NetBSD, OpenBSD, etc...
386 pos=6 362 pos=6
387 ;; 363 ;;
388 esac 364 esac
389 365
390 egetent passwd $1 | cut -d: -f${pos} 366 egetent passwd "$1" | cut -d: -f${pos}
391} 367}
392 368
393# @FUNCTION: egetshell 369# @FUNCTION: egetshell
394# @USAGE: <user> 370# @USAGE: <user>
395# @DESCRIPTION: 371# @DESCRIPTION:
408 ;; 384 ;;
409 esac 385 esac
410 386
411 egetent passwd "$1" | cut -d: -f${pos} 387 egetent passwd "$1" | cut -d: -f${pos}
412} 388}
389
390# @FUNCTION: esethome
391# @USAGE: <user> <homedir>
392# @DESCRIPTION:
393# Update the home directory in a platform-agnostic way.
394# Required parameters is the username and the new home directory.
395# Specify -1 if you want to set home to the enewuser default
396# of /dev/null.
397# If the new home directory does not exist, it is created.
398# Any previously existing home directory is NOT moved.
399esethome() {
400 _assert_pkg_ebuild_phase ${FUNCNAME}
401
402 # get the username
403 local euser=$1; shift
404 if [[ -z ${euser} ]] ; then
405 eerror "No username specified !"
406 die "Cannot call esethome without a username"
407 fi
408
409 # lets see if the username already exists
410 if [[ -z $(egetent passwd "${euser}") ]] ; then
411 ewarn "User does not exist, cannot set home dir -- skipping."
412 return 1
413 fi
414
415 # handle homedir
416 local ehome=$1; shift
417 if [[ -z ${ehome} ]] ; then
418 eerror "No home directory specified !"
419 die "Cannot call esethome without a home directory or '-1'"
420 fi
421
422 if [[ ${ehome} == "-1" ]] ; then
423 ehome="/dev/null"
424 fi
425 einfo " - Home: ${ehome}"
426
427 # ensure home directory exists, otherwise update will fail
428 if [[ ! -e ${ROOT}/${ehome} ]] ; then
429 einfo " - Creating ${ehome} in ${ROOT}"
430 mkdir -p "${ROOT}/${ehome}"
431 chown "${euser}" "${ROOT}/${ehome}"
432 chmod 755 "${ROOT}/${ehome}"
433 fi
434
435 # update the home directory
436 case ${CHOST} in
437 *-darwin*)
438 dscl . change "/users/${euser}" home "${ehome}"
439 ;;
440
441 *-freebsd*|*-dragonfly*)
442 pw usermod "${euser}" -d "${ehome}" && return 0
443 [[ $? == 8 ]] && eerror "${euser} is in use, cannot update home"
444 eerror "There was an error when attempting to update the home directory for ${euser}"
445 eerror "Please update it manually on your system:"
446 eerror "\t pw usermod \"${euser}\" -d \"${ehome}\""
447 ;;
448
449 *)
450 usermod -d "${ehome}" "${euser}" && return 0
451 [[ $? == 8 ]] && eerror "${euser} is in use, cannot update home"
452 eerror "There was an error when attempting to update the home directory for ${euser}"
453 eerror "Please update it manually on your system (as root):"
454 eerror "\t usermod -d \"${ehome}\" \"${euser}\""
455 ;;
456 esac
457}
458
459fi
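Review bot: In enewuser the group handling shifts the positional parameters twice: `local egroups=$1; shift` at new line 188 already consumes the groups argument, and the bare `shift` at new line 191 then discards one more. The guard further down, `if [[ $# -gt 0 ]]` followed by `die "extra arguments no longer supported; please file a bug"`, therefore lets exactly one surplus argument through unnoticed, so an ebuild that still passes the old extra-options parameter gets its account created without the QA failure meant to catch it. Deleting the stand-alone `shift` at new line 191 restores the check. Separately, in esethome the failure paths after `pw usermod` and `usermod` only print `eerror` lines and then fall off the end of the function, so the return status is presumably that of the last `eerror` rather than a failure; ending both branches with `return 1` would let callers see that the home directory was not changed.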
