diff options
Diffstat (limited to 'meta/classes/useradd_base.bbclass')
-rw-r--r-- | meta/classes/useradd_base.bbclass | 60 |
1 files changed, 40 insertions, 20 deletions
diff --git a/meta/classes/useradd_base.bbclass b/meta/classes/useradd_base.bbclass index 0d81accd1a..863cb7b76c 100644 --- a/meta/classes/useradd_base.bbclass +++ b/meta/classes/useradd_base.bbclass @@ -1,3 +1,9 @@ +# +# Copyright OpenEmbedded Contributors +# +# SPDX-License-Identifier: MIT +# + # This bbclass provides basic functionality for user/group settings. # This bbclass is intended to be inherited by useradd.bbclass and # extrausers.bbclass. @@ -17,7 +23,6 @@ perform_groupadd () { local groupname=`echo "$opts" | awk '{ print $NF }'` local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" if test "x$group_exists" = "x"; then - opts=`echo $opts | sed s/\'/\"/g` eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO groupadd \$opts\" || true group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" if test "x$group_exists" = "x"; then @@ -35,7 +40,6 @@ perform_useradd () { local username=`echo "$opts" | awk '{ print $NF }'` local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" if test "x$user_exists" = "x"; then - opts=`echo $opts | sed s/\'/\"/g` eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO useradd \$opts\" || true user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" if test "x$user_exists" = "x"; then @@ -53,28 +57,16 @@ perform_groupmems () { local groupname=`echo "$opts" | awk '{ for (i = 1; i < NF; i++) if ($i == "-g" || $i == "--group") print $(i+1) }'` local username=`echo "$opts" | awk '{ for (i = 1; i < NF; i++) if ($i == "-a" || $i == "--add") print $(i+1) }'` bbnote "${PN}: Running groupmems command with group $groupname and user $username" - # groupmems fails if /etc/gshadow does not exist - local gshadow="" - if [ -f $rootdir${sysconfdir}/gshadow ]; then - gshadow="yes" - else - gshadow="no" - touch $rootdir${sysconfdir}/gshadow - fi - local mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`" + local mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*$" $rootdir/etc/group || true`" if test "x$mem_exists" = "x"; then eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO groupmems \$opts\" || true - mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $rootdir/etc/group || true`" + mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*$" $rootdir/etc/group || true`" if test "x$mem_exists" = "x"; then bbfatal "${PN}: groupmems command did not succeed." fi else bbnote "${PN}: group $groupname already contains $username, not re-adding it" fi - if test "x$gshadow" = "xno"; then - rm -f $rootdir${sysconfdir}/gshadow - rm -f $rootdir${sysconfdir}/gshadow- - fi } perform_groupdel () { @@ -83,11 +75,21 @@ perform_groupdel () { bbnote "${PN}: Performing groupdel with [$opts]" local groupname=`echo "$opts" | awk '{ print $NF }'` local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" + if test "x$group_exists" != "x"; then - eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO groupdel \$opts\" || true - group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" - if test "x$group_exists" != "x"; then - bbfatal "${PN}: groupdel command did not succeed." + local awk_input='BEGIN {FS=":"}; $1=="'$groupname'" { print $3 }' + local groupid=`echo "$awk_input" | awk -f- $rootdir/etc/group` + local awk_check_users='BEGIN {FS=":"}; $4=="'$groupid'" {print $1}' + local other_users=`echo "$awk_check_users" | awk -f- $rootdir/etc/passwd` + + if test "x$other_users" = "x"; then + eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO groupdel \$opts\" || true + group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" + if test "x$group_exists" != "x"; then + bbfatal "${PN}: groupdel command did not succeed." + fi + else + bbnote "${PN}: '$groupname' is primary group for users '$other_users', not removing it" fi else bbnote "${PN}: group $groupname doesn't exist, not removing it" @@ -149,3 +151,21 @@ perform_usermod () { fi set -e } + +perform_passwd_expire () { + local rootdir="$1" + local opts="$2" + bbnote "${PN}: Performing equivalent of passwd --expire with [$opts]" + # Directly set sp_lstchg to 0 without using the passwd command: Only root can do that + local username=`echo "$opts" | awk '{ print $NF }'` + local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" + if test "x$user_exists" != "x"; then + eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO sed -i \''s/^\('$username':[^:]*\):[^:]*:/\1:0:/'\' $rootdir/etc/shadow \" || true + local passwd_lastchanged="`grep "^$username:" $rootdir/etc/shadow | cut -d: -f3`" + if test "x$passwd_lastchanged" != "x0"; then + bbfatal "${PN}: passwd --expire operation did not succeed." + fi + else + bbnote "${PN}: user $username doesn't exist, not expiring its password" + fi +} |