|
0 |
-- a/eclass/acct-user.eclass |
0 |
++ b/eclass/acct-user.eclass |
Lines 194-201
|
194 |
*) |
194 |
*) |
195 |
# NB: 'no password' and 'locked' are indistinguishable |
195 |
# NB: 'no password' and 'locked' are indistinguishable |
196 |
# but we also expire the account which is more clear |
196 |
# but we also expire the account which is more clear |
197 |
[[ $(getent shadow "$1" | cut -d: -f2) == '!'* ]] && |
197 |
[[ $(egetent shadow "$1" | cut -d: -f2) == '!'* ]] && |
198 |
[[ $(getent shadow "$1" | cut -d: -f8) == 1 ]] |
198 |
[[ $(egetent shadow "$1" | cut -d: -f8) == 1 ]] |
199 |
;; |
199 |
;; |
200 |
esac |
200 |
esac |
201 |
} |
201 |
} |
Lines 237-243
|
237 |
;; |
237 |
;; |
238 |
|
238 |
|
239 |
*) |
239 |
*) |
240 |
usermod -e 1 -L "$1" || die "Locking account $1 failed" |
240 |
if [[ "${ROOT}" == "/" ]] ; then |
|
|
241 |
usermod -e 1 -L "$1" || die "Locking account $1 failed" |
242 |
else |
243 |
usermod --prefix "$ROOT" -e 1 -L "$1" || die "Locking account $1 failed" |
244 |
fi |
241 |
;; |
245 |
;; |
242 |
esac |
246 |
esac |
243 |
|
247 |
|
Lines 281-287
|
281 |
|
285 |
|
282 |
*) |
286 |
*) |
283 |
# silence warning if account does not have a password |
287 |
# silence warning if account does not have a password |
284 |
usermod -e "" -U "$1" 2>/dev/null || die "Unlocking account $1 failed" |
288 |
if [[ "${ROOT}" == "/" ]] ; then |
|
|
289 |
usermod -e "" -U "$1" 2>/dev/null || die "Unlocking account $1 failed" |
290 |
else |
291 |
usermod --prefix "$ROOT" -e "" -U "$1" 2>/dev/null || die "Unlocking account $1 failed" |
292 |
fi |
285 |
;; |
293 |
;; |
286 |
esac |
294 |
esac |
287 |
|
295 |
|
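Review bot: The new `[[ "${ROOT}" == "/" ]]` tests (new lines 240 and 288 here, and the same test in the user.eclass and user-info.eclass sections) treat only the literal `/` as the live root. If these eclasses run under EAPI 7 or later, where ROOT carries no trailing slash and is empty for the live system, every call would take the `--prefix` branch with an empty argument, and egetent would read the flat files instead of going through getent; the EAPIs accepted are not visible here, so this needs confirming. Testing `[[ -n ${ROOT%/} ]]` covers both spellings. Building the option once, `local opts=(); [[ -n ${ROOT%/} ]] && opts+=( --prefix "${ROOT}" )`, also removes the duplicated usermod lines and the mixed `"$ROOT"` / `"${ROOT}"` spelling. The enclosing functions start outside these hunks.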
288 |
-- a/eclass/user.eclass |
296 |
++ b/eclass/user.eclass |
Lines 108-114
|
108 |
if [[ -n $(egetent passwd "${euser}") ]] ; then |
108 |
if [[ -n $(egetent passwd "${euser}") ]] ; then |
109 |
return 0 |
109 |
return 0 |
110 |
fi |
110 |
fi |
111 |
elog "Adding user '${euser}' to your system ..." |
111 |
if [[ "${ROOT}" == "/" ]] ; then |
|
|
112 |
einfo "Adding user '${euser}' to your system ..." |
113 |
else |
114 |
einfo "Adding user '${euser}' to ${ROOT} ..." |
115 |
fi |
112 |
|
116 |
|
113 |
# options to pass to useradd |
117 |
# options to pass to useradd |
114 |
local opts=() |
118 |
local opts=() |
Lines 213-218
|
213 |
;; |
217 |
;; |
214 |
|
218 |
|
215 |
*) |
219 |
*) |
|
|
220 |
if [[ "${ROOT}" != "/" ]] ; then |
221 |
opts+=( --prefix "${ROOT}" ) |
222 |
fi |
216 |
useradd -M -N -r "${opts[@]}" "${euser}" || die |
223 |
useradd -M -N -r "${opts[@]}" "${euser}" || die |
217 |
;; |
224 |
;; |
218 |
esac |
225 |
esac |
Lines 220-226
|
220 |
if [[ -n ${create_home} && ! -e ${ROOT}/${ehome} ]] ; then |
227 |
if [[ -n ${create_home} && ! -e ${ROOT}/${ehome} ]] ; then |
221 |
elog " - Creating ${ehome} in ${ROOT}" |
228 |
elog " - Creating ${ehome} in ${ROOT}" |
222 |
mkdir -p "${ROOT}/${ehome}" |
229 |
mkdir -p "${ROOT}/${ehome}" |
223 |
chown "${euser}" "${ROOT}/${ehome}" |
230 |
chown "${euid}" "${ROOT}/${ehome}" |
224 |
chmod 755 "${ROOT}/${ehome}" |
231 |
chmod 755 "${ROOT}/${ehome}" |
225 |
fi |
232 |
fi |
226 |
} |
233 |
} |
Lines 262-268
|
262 |
if [[ -n $(egetent group "${egroup}") ]] ; then |
269 |
if [[ -n $(egetent group "${egroup}") ]] ; then |
263 |
return 0 |
270 |
return 0 |
264 |
fi |
271 |
fi |
265 |
elog "Adding group '${egroup}' to your system ..." |
272 |
if [[ "${ROOT}" == "/" ]] ; then |
|
|
273 |
einfo "Adding group '${egroup}' to your system ..." |
274 |
else |
275 |
einfo "Adding group '${egroup}' to ${ROOT} ..." |
276 |
fi |
266 |
|
277 |
|
267 |
# handle gid |
278 |
# handle gid |
268 |
local egid=$1; shift |
279 |
local egid=$1; shift |
Lines 318-325
|
318 |
else |
329 |
else |
319 |
opts="-g ${egid}" |
330 |
opts="-g ${egid}" |
320 |
fi |
331 |
fi |
321 |
# We specify -r so that we get a GID in the system range from login.defs |
332 |
|
322 |
groupadd -r ${opts} "${egroup}" || die |
333 |
if [[ "${ROOT}" == "/" ]] ; then |
|
|
334 |
# We specify -r so that we get a GID in the system range from login.defs |
335 |
groupadd -r ${opts} "${egroup}" || die |
336 |
else |
337 |
groupadd --prefix "${ROOT}" -r ${opts} "${egroup}" || die |
338 |
fi |
323 |
;; |
339 |
;; |
324 |
esac |
340 |
esac |
325 |
} |
341 |
} |
Lines 387-393
|
387 |
;; |
403 |
;; |
388 |
|
404 |
|
389 |
*) |
405 |
*) |
390 |
usermod -d "${ehome}" "${euser}" && return 0 |
406 |
if [[ "${ROOT}" == "/" ]] ; then |
|
|
407 |
usermod -d "${ehome}" "${euser}" && return 0 |
408 |
else |
409 |
usermod --prefix "${ROOT}" -d "${ehome}" "${euser}" && return 0 |
410 |
fi |
391 |
[[ $? == 8 ]] && eerror "${euser} is in use, cannot update home" |
411 |
[[ $? == 8 ]] && eerror "${euser} is in use, cannot update home" |
392 |
eerror "There was an error when attempting to update the home directory for ${euser}" |
412 |
eerror "There was an error when attempting to update the home directory for ${euser}" |
393 |
eerror "Please update it manually on your system (as root):" |
413 |
eerror "Please update it manually on your system (as root):" |
Lines 448-454
|
448 |
;; |
468 |
;; |
449 |
|
469 |
|
450 |
*) |
470 |
*) |
451 |
usermod -s "${eshell}" "${euser}" && return 0 |
471 |
if [[ "${ROOT}" == "/" ]] ; then |
|
|
472 |
usermod -s "${eshell}" "${euser}" && return 0 |
473 |
else |
474 |
usermod --prefix "${ROOT}" -s "${eshell}" "${euser}" && return 0 |
475 |
fi |
452 |
[[ $? == 8 ]] && eerror "${euser} is in use, cannot update shell" |
476 |
[[ $? == 8 ]] && eerror "${euser} is in use, cannot update shell" |
453 |
eerror "There was an error when attempting to update the shell for ${euser}" |
477 |
eerror "There was an error when attempting to update the shell for ${euser}" |
454 |
eerror "Please update it manually on your system (as root):" |
478 |
eerror "Please update it manually on your system (as root):" |
Lines 574-579
|
574 |
;; |
598 |
;; |
575 |
|
599 |
|
576 |
*) |
600 |
*) |
|
|
601 |
if [[ "${ROOT}" != "/" ]] ; then |
602 |
opts+=( --prefix "${ROOT}" ) |
603 |
fi |
577 |
usermod "${opts[@]}" "${euser}" && return 0 |
604 |
usermod "${opts[@]}" "${euser}" && return 0 |
578 |
[[ $? == 8 ]] && eerror "${euser} is in use, cannot update groups" |
605 |
[[ $? == 8 ]] && eerror "${euser} is in use, cannot update groups" |
579 |
eerror "There was an error when attempting to update the groups for ${euser}" |
606 |
eerror "There was an error when attempting to update the groups for ${euser}" |
580 |
-- a/eclass/user-info.eclass |
607 |
++ b/eclass/user-info.eclass |
Lines 16-29
|
16 |
# Small wrapper for getent (Linux), nidump (< Mac OS X 10.5), |
16 |
# Small wrapper for getent (Linux), nidump (< Mac OS X 10.5), |
17 |
# dscl (Mac OS X 10.5), and pw (FreeBSD) used in enewuser()/enewgroup(). |
17 |
# dscl (Mac OS X 10.5), and pw (FreeBSD) used in enewuser()/enewgroup(). |
18 |
# |
18 |
# |
19 |
# Supported databases: group passwd |
19 |
# Supported databases: group passwd shadow |
|
|
20 |
# note that shadow may not be supported depending on configuration |
20 |
egetent() { |
21 |
egetent() { |
21 |
local db=$1 key=$2 |
22 |
local db=$1 key=$2 |
22 |
|
23 |
|
23 |
[[ $# -ge 3 ]] && die "usage: egetent <database> <key>" |
24 |
[[ $# -ge 3 ]] && die "usage: egetent <database> <key>" |
24 |
|
25 |
|
25 |
case ${db} in |
26 |
case ${db} in |
26 |
passwd|group) ;; |
27 |
passwd|group|shadow) ;; |
27 |
*) die "sorry, database '${db}' not yet supported; file a bug" ;; |
28 |
*) die "sorry, database '${db}' not yet supported; file a bug" ;; |
28 |
esac |
29 |
esac |
29 |
|
30 |
|
Lines 31-36
|
31 |
*-freebsd*|*-dragonfly*) |
32 |
*-freebsd*|*-dragonfly*) |
32 |
case ${db} in |
33 |
case ${db} in |
33 |
passwd) db="user" ;; |
34 |
passwd) db="user" ;; |
|
|
35 |
shadow) die "sorry, database '${db}' not yet supported; file a bug" ;; |
34 |
*) ;; |
36 |
*) ;; |
35 |
esac |
37 |
esac |
36 |
|
38 |
|
Lines 47-54
|
47 |
;; |
49 |
;; |
48 |
*) |
50 |
*) |
49 |
# ignore nscd output if we're not running as root |
51 |
# ignore nscd output if we're not running as root |
50 |
type -p nscd >/dev/null && nscd -i "${db}" 2>/dev/null |
52 |
case ${db} in |
51 |
getent "${db}" "${key}" |
53 |
passwd|group) type -p nscd >/dev/null && nscd -i "${db}" 2>/dev/null;; |
|
|
54 |
*) ;; |
55 |
esac |
56 |
|
57 |
if [[ "${ROOT}" == "/" ]] ; then |
58 |
getent "${db}" "${key}" |
59 |
else |
60 |
local euser |
61 |
if [[ ${key} == [[:digit:]]* ]] ; then |
62 |
euser=$(awk -F: '$3 == '"${key}"'{print $1}' "${ROOT}/etc/passwd") |
63 |
else |
64 |
euser=${key} |
65 |
fi |
66 |
if [[ "${euser}" != "" ]] ; then |
67 |
grep --color=never "^${euser}" "${ROOT}/etc/${db}" |
68 |
fi |
69 |
fi |
52 |
;; |
70 |
;; |
53 |
esac |
71 |
esac |
54 |
} |
72 |
} |
Lines 145-151
|
145 |
[[ $# -eq 1 ]] || die "usage: egetgroups <user>" |
163 |
[[ $# -eq 1 ]] || die "usage: egetgroups <user>" |
146 |
|
164 |
|
147 |
local egroups_arr |
165 |
local egroups_arr |
148 |
read -r -a egroups_arr < <(id -G -n "$1") |
166 |
if [[ "${ROOT}" == "/" ]] ; then |
|
|
167 |
read -r -a egroups_arr < <(id -G -n "$1") |
168 |
else |
169 |
read -r -a egroups_arr < <(egetent group | grep --color=never -E "$1[^:]*$" | cut -d':' -f1) |
170 |
fi |
149 |
|
171 |
|
150 |
local g groups=${egroups_arr[0]} |
172 |
local g groups=${egroups_arr[0]} |
151 |
# sort supplementary groups to make comparison possible |
173 |
# sort supplementary groups to make comparison possible |
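Review bot: The ROOT branch of egetent (new lines 60–68) matches with `grep "^${euser}"`, an unanchored regex prefix, so a lookup for one name also returns every entry that merely starts with it, and the `egetent shadow "$1" | cut` lock test in acct-user.eclass would then mix in another account's fields. The numeric path splices `${key}` into the awk program text and always resolves it against `${ROOT}/etc/passwd`, even when db is group. In egetgroups (new line 169) `egetent group` is called without a key, which the `euser != ""` guard turns into empty output, and `read -r -a` would take only the first line of a multi-line result anyway. An exact field comparison with the key passed via `-v`, as sketched below, addresses the first two points. The case statement and both functions begin outside these hunks.

```shell
# … unchanged: nscd invalidation and the live-root getent branch …
else
	# Exact match on the name field, or on the numeric id field for
	# passwd/group; the key is passed as data, never as program text.
	awk -F: -v key="${key}" -v db="${db}" '
		$1 == key { print; next }
		db != "shadow" && key ~ /^[0-9]+$/ && $3 == key { print }
	' "${ROOT}/etc/${db}"
fi
```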