| author | Simon Rettberg | 2013-09-02 15:57:26 +0200 |
|---|---|---|
| committer | Jonathan Bauer | 2013-09-30 13:22:03 +0200 |
| commit | ac031b9ed75c50a10d1973aab48be17e9265a59b (patch) | |
| tree | 711115ae0f262089104167facbfebe5b9ded6fc0 | |
| parent | [dnbd3] cmake / opensuse (diff) | |
| download | tm-scripts-ac031b9ed75c50a10d1973aab48be17e9265a59b.tar.gz tm-scripts-ac031b9ed75c50a10d1973aab48be17e9265a59b.tar.xz tm-scripts-ac031b9ed75c50a10d1973aab48be17e9265a59b.zip | |
[helper/useradd] Make sure /etc/shadow has group shadow
(Also fix indentation on the file)
| -rw-r--r-- | helper/useradd.inc | 52 |
1 files changed, 27 insertions, 25 deletions
diff --git a/helper/useradd.inc b/helper/useradd.inc
index 3f54a24a..1e35c571 100644
--- a/helper/useradd.inc
+++ b/helper/useradd.inc
@@ -106,7 +106,7 @@ add_user() {
 # do the same for the group
 local _GID=$(grep -E "^${GROUP}:[^:]*:[0-9]+:" "${_GROUP}" | head -1 | awk -F ':' '{print $3}')
 [ ! -z "${_GID}" ] && [ "x${_GID}" != "x${GROUPID}" ] && perror "Group ${GROUP}(${GROUPID}) already exists with GID ${_GID}"
- # if user already exists, check if he is in another group than the one requested. if so, bail out
+ # if user already exists, check if he is in another group than the one requested. if so, bail out
 # (TODO: don't bail out and add user to the new group)
 if [ ! -z "${_UID}" ]
 then
@@ -183,31 +183,33 @@ add_group () {
 }
 init_users_and_groups() {
- [ -z "${TARGET_BUILD_DIR}" ] && perror "Almost wrecked your local passwd, group and shadow file. phew."
- local PASSWD=${TARGET_BUILD_DIR}/etc/passwd
- local GROUP=${TARGET_BUILD_DIR}/etc/group
- local SHADOW=${TARGET_BUILD_DIR}/etc/shadow
+ [ -z "$TARGET_BUILD_DIR" -o "$TARGET_BUILD_DIR" == "/" ] && perror "Almost wrecked your local passwd, group and shadow file. phew."
+ local PASSWD="$TARGET_BUILD_DIR/etc/passwd"
+ local GROUP="$TARGET_BUILD_DIR/etc/group"
+ local SHADOW="$TARGET_BUILD_DIR/etc/shadow"
 [ -s "${PASSWD}" -a -s "${GROUP}" -a -s "${SHADOW}" ] && return
 pinfo "Creating users and groups based on local system...."
- cp "/etc/passwd" "$PASSWD"
- cp "/etc/group" "$GROUP"
- cp "/etc/shadow" "$SHADOW"
- # remove local users from group file (TODO: currently assumes users have ids 1000-1999)
- local LOCALUSERS=$(grep -E '^[^:]+:x?:1[0-9]{3}:' "${PASSWD}" | awk -F ':' '{print $1}')
- for USER in $LOCALUSERS; do
- sed -r -i "s/([:,])${USER}/\1/g" "${GROUP}"
- done
- # fix syntax: remove trailing ',' in group file
- sed -r -i 's/,+$//g' "${GROUP}"
- sed -r -i 's/,+/,/g' "${GROUP}"
- sed -i 's/:,/:/g' "${GROUP}"
- # remove all non-system groups (also assumes users have 1000-1999, so nogroup will be kept)
- grep -v -E '^[^:]+:x?:1[0-9]{3}:' "${GROUP}" > "${GROUP}.tmp"
- mv "${GROUP}.tmp" "${GROUP}"
- # same for users...
- grep -v -E '^[^:]+:x?:1[0-9]{3}:' "${PASSWD}" > "${PASSWD}.tmp"
- mv "${PASSWD}.tmp" "${PASSWD}"
- # generate fresh shadow file
- awk -F ':' '{print $1":*:15555:0:99999:7:::"}' "${PASSWD}" > "${SHADOW}"
+ cp -a "/etc/passwd" "$PASSWD" || perror "Could not copy /etc/passwd"
+ cp -a "/etc/group" "$GROUP" || perror "Could not copy /etc/group"
+ cp -a "/etc/shadow" "$SHADOW" || perror "Could not copy /etc/shadow"
+ # make sure shadow has group shadow (should be handled by cp -a but hey)
+ chgrp shadow "$SHADOW"
+ # remove local users from group file (TODO: currently assumes users have ids 1000-1999)
+ local LOCALUSERS=$(grep -E '^[^:]+:x?:1[0-9]{3}:' "${PASSWD}" | awk -F ':' '{print $1}')
+ for USER in $LOCALUSERS; do
+ sed -r -i "s/([:,])${USER}/\1/g" "${GROUP}"
+ done
+ # fix syntax: remove trailing ',' in group file
+ sed -r -i 's/,+$//g' "${GROUP}"
+ sed -r -i 's/,+/,/g' "${GROUP}"
+ sed -i 's/:,/:/g' "${GROUP}"
+ # remove all non-system groups (also assumes users have 1000-1999, so nogroup will be kept)
+ grep -v -E '^[^:]+:x?:1[0-9]{3}:' "${GROUP}" > "${GROUP}.tmp"
+ mv "${GROUP}.tmp" "${GROUP}"
+ # same for users...
+ grep -v -E '^[^:]+:x?:1[0-9]{3}:' "${PASSWD}" > "${PASSWD}.tmp"
+ mv "${PASSWD}.tmp" "${PASSWD}"
+ # generate fresh shadow file
+ awk -F ':' '{print $1":*:15555:0:99999:7:::"}' "${PASSWD}" > "${SHADOW}"
 }
|
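Review bot: `cp -a "/etc/shadow" "$SHADOW"` places the build host's real password hashes in the target tree, where they remain until the final `awk … > "${SHADOW}"` overwrites them; if the run stops in between, the `-s` early return at the top of init_users_and_groups will accept that leftover copy as complete on the next run. Because the contents are regenerated anyway, only ownership and mode are needed, so the copy and the unchecked `chgrp shadow "$SHADOW"` could become `install -m 0640 -o root -g shadow /dev/null "$SHADOW" || perror "Could not create shadow file"` (mode to be confirmed against what the target expects). That also turns a missing `shadow` group on the host into a reported error instead of a silently ignored one. Separately, the new guard uses `-o` and `==` inside `[ ]`, which is ambiguous and not portable, and it still accepts values such as `//`; if this file is always sourced by bash, `[[ -z "$TARGET_BUILD_DIR" || "$TARGET_BUILD_DIR" == "/" ]]` plus a canonicalised path check would be safer.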
