backport HEAD changes used by finish-install

7 files changed, 136 insertions, 84 deletions

diff --git a/perl-install/any.pm b/perl-install/any.pm
index 1d9648403..a679ad0af 100644
--- a/perl-install/any.pm
+++ b/perl-install/any.pm
@@ -43,7 +43,7 @@ sub addKdmIcon {
     eval { cp_af(facesdir() . $icon . ".png", $dest) } if $icon;
 }
 
-sub allocUsers {
+sub alloc_user_faces {
     my ($users) = @_;
     my @m = my @l = facesnames();
     foreach (grep { !$_->{icon} || $_->{icon} eq "automagic" } @$users) {
@@ -53,13 +53,50 @@ sub allocUsers {
     }
 }
 
-sub addUsers {
-    my ($users) = @_;
+sub create_user {
+    my ($u, $isMD5) = @_;
+
+    my @existing = stat("$::prefix/home/$u->{name}");
+
+    if (!getpwnam($u->{name})) {
+	my $uid = $u->{uid} || $existing[4];
+	if ($uid && getpwuid($uid)) {
+	    undef $uid; #- suggested uid already in use
+	}
+	my $gid = $u->{gid} || $existing[5] || int getgrnam($u->{name});
+	if ($gid) {
+	    if (getgrgid($gid)) {
+		undef $gid if getgrgid($gid) ne $u->{name};
+	    } else {
+		run_program::rooted($::prefix, 'groupadd', '-g', $gid, $u->{name});
+	    }
+	}
+	require authentication;
+	run_program::rooted($::prefix, 
+			    'adduser', 
+			    '-p', authentication::user_crypted_passwd($u, $isMD5),
+			    if_($uid, '-u', $uid), if_($gid, '-g', $gid), 
+			    $u->{name});
+    }
+
+    my (undef, undef, $uid, $gid, undef, undef, undef, $home) = getpwnam($u->{name});
+
+    if (@existing && $::isInstall && ($uid != $existing[4] || $gid != $existing[5])) {
+	log::l("chown'ing $home from $existing[4].$existing[5] to $uid.$gid");
+	require commands;
+	eval { commands::chown_("-r", "$uid.$gid", "$::prefix$home") };
+    }
+}
+
+sub add_users {
+    my ($users, $authentication) = @_;
+
+    alloc_user_faces($users);
 
-    allocUsers($users);
-    foreach my $u (@$users) {
-	run_program::rooted($::prefix, "usermod", "-G", join(",", @{$u->{groups}}), $u->{name}) if !is_empty_array_ref($u->{groups});
-	addKdmIcon($u->{name}, delete $u->{auto_icon} || $u->{icon});
+    foreach (@$users) {
+	create_user($_, $authentication->{md5});
+	run_program::rooted($::prefix, "usermod", "-G", join(",", @{$_->{groups}}), $_->{name}) if !is_empty_array_ref($_->{groups});
+	addKdmIcon($_->{name}, delete $_->{auto_icon} || $_->{icon});
     }
 }
 
@@ -435,17 +472,6 @@ You can create additional entries or change the existing ones."), [ {
     }
 }
 
-my @etc_pass_fields = qw(name pw uid gid realname home shell);
-sub unpack_passwd {
-    my ($l) = @_;
-    my %l; @l{@etc_pass_fields} = split ':', chomp_($l);
-    \%l;
-}
-sub pack_passwd {
-    my ($l) = @_;
-    join(':', @$l{@etc_pass_fields}) . "\n";
-}
-
 sub get_autologin() {
     my %desktop = getVarsFromSh("$::prefix/etc/sysconfig/desktop");
     my $desktop = $desktop{DESKTOP} || 'KDE';
@@ -783,32 +809,6 @@ sub selectCountry {
     $locale->{country} = $other || !@best ? $ext_country : $country;
 }
 
-sub set_root_passwd {
-    my ($superuser, $authentication) = @_;
-    $superuser->{name} = 'root';
-    write_passwd_user($superuser, $authentication->{md5});    
-    delete $superuser->{name};
-}
-
-sub write_passwd_user {
-    my ($u, $isMD5) = @_;
-
-    $u->{pw} = $u->{password} ? &crypt($u->{password}, $isMD5) : $u->{pw} || '';
-    $u->{shell} ||= '/bin/bash';
-
-    substInFile {
-	my $l = unpack_passwd($_);
-	if ($l->{name} eq $u->{name}) {
-	    add2hash_($u, $l);
-	    $_ = pack_passwd($u);
-	    $u = {};
-	}
-	if (eof && $u->{name}) {
-	    $_ .= pack_passwd($u);
-	}
-    } "$::prefix/etc/passwd";
-}
-
 sub set_login_serial_console {
     my ($port, $speed) = @_;
 
diff --git a/perl-install/authentication.pm b/perl-install/authentication.pm
index 783fadac7..9994de0ad 100644
--- a/perl-install/authentication.pm
+++ b/perl-install/authentication.pm
@@ -135,8 +135,45 @@ The command 'wbinfo -t' will test whether your authentication secrets are good."
     1;
 }
 
+sub ask_root_password_and_authentication {
+    my ($in, $netc, $superuser, $authentication, $meta_class, $security) = @_;
+
+    my $kind = to_kind($authentication);
+
+    $in->ask_from_({
+	 title => N("Set root password and network authentication methods"), 
+	 messages => N("Set root password"),
+	 advanced_messages => kind2description(),
+	 interactive_help_id => "setRootPassword",
+	 cancel => ($security <= 2 ? 
+		    #-PO: keep this short or else the buttons will not fit in the window
+		    N("No password") : ''),
+	 focus_first => 1,
+	 callbacks => { 
+	     complete => sub {
+		 $superuser->{password} eq $superuser->{password2} or $in->ask_warn('', [ N("The passwords do not match"), N("Please try again") ]), return 1,0;
+		 length $superuser->{password} < 2 * $security
+		   and $in->ask_warn('', N("This password is too short (it must be at least %d characters long)", 2 * $security)), return 1,0;
+		 return 0;
+        } } }, [
+{ label => N("Password"), val => \$superuser->{password},  hidden => 1 },
+{ label => N("Password (again)"), val => \$superuser->{password2}, hidden => 1 },
+{ label => N("Authentication"), val => \$kind, type => 'list', list => [ authentication::kinds($meta_class) ], format => \&authentication::kind2name, advanced => 1 },
+        ]) or delete $superuser->{password};
+
+    ask_parameters($in, $netc, $authentication, $kind) or goto &ask_root_password_and_authentication;
+}
+
+
+sub get() {
+    my $system_auth = cat_("/etc/pam.d/system-auth");
+    { md5 => $system_auth =~ /md5/, shadow => $system_auth =~ /shadow/ };
+}
+
 sub set {
-    my ($in, $netc, $authentication, $when_network_is_up) = @_;
+    my ($in, $netc, $authentication, $o_when_network_is_up) = @_;
+
+    my $when_network_is_up = $o_when_network_is_up || sub { my ($f) = @_; $f->() };
 
     any::enableShadow() if $authentication->{shadow};    
 
@@ -537,5 +574,47 @@ sub query_srv_names {
     map { $_->target } $query->answer;
 }
 
+sub user_crypted_passwd {
+    my ($u, $isMD5) = @_;
+    $u->{password} ? &crypt($u->{password}, $isMD5) : $u->{pw} || '';
+}
+
+sub set_root_passwd {
+    my ($superuser, $authentication) = @_;
+    $superuser->{name} = 'root';
+    write_passwd_user($superuser, $authentication->{md5});    
+    delete $superuser->{name};
+}
+
+sub write_passwd_user {
+    my ($u, $isMD5) = @_;
+
+    $u->{pw} = user_crypted_passwd($u, $isMD5);      
+    $u->{shell} ||= '/bin/bash';
+
+    substInFile {
+	my $l = unpack_passwd($_);
+	if ($l->{name} eq $u->{name}) {
+	    add2hash_($u, $l);
+	    $_ = pack_passwd($u);
+	    $u = {};
+	}
+	if (eof && $u->{name}) {
+	    $_ .= pack_passwd($u);
+	}
+    } "$::prefix/etc/passwd";
+}
+
+my @etc_pass_fields = qw(name pw uid gid realname home shell);
+sub unpack_passwd {
+    my ($l) = @_;
+    my %l; @l{@etc_pass_fields} = split ':', chomp_($l);
+    \%l;
+}
+sub pack_passwd {
+    my ($l) = @_;
+    join(':', @$l{@etc_pass_fields}) . "\n";
+}
+
 1;
 
diff --git a/perl-install/install_steps.pm b/perl-install/install_steps.pm
index d6467efea..b27a56382 100644
--- a/perl-install/install_steps.pm
+++ b/perl-install/install_steps.pm
@@ -759,7 +759,8 @@ sub configurePrinter {
 sub setRootPassword {
     my ($o) = @_;
     $o->{superuser} ||= {};
-    any::set_root_passwd($o->{superuser}, $o->{authentication});
+    require authentication;
+    authentication::set_root_passwd($o->{superuser}, $o->{authentication});
     install_any::set_authentication($o);
 }
 
diff --git a/perl-install/install_steps_interactive.pm b/perl-install/install_steps_interactive.pm
index 6b2d4ce0e..40ba786c6 100644
--- a/perl-install/install_steps_interactive.pm
+++ b/perl-install/install_steps_interactive.pm
@@ -1199,30 +1199,7 @@ sub setRootPassword {
 
     if ($o->{security} >= 1 || $clicked) {
 	require authentication;
-        my $authentication_kind = authentication::to_kind($o->{authentication} ||= {});
-
-	$o->ask_from_({
-	 title => N("Set root password and network authentication methods"), 
-	 messages => N("Set root password"),
-	 advanced_messages => authentication::kind2description(),
-	 interactive_help_id => "setRootPassword",
-	 cancel => ($o->{security} <= 2 ? 
-		    #-PO: keep this short or else the buttons will not fit in the window
-		    N("No password") : ''),
-	 focus_first => 1,
-	 callbacks => { 
-	     complete => sub {
-		 $sup->{password} eq $sup->{password2} or $o->ask_warn('', [ N("The passwords do not match"), N("Please try again") ]), return 1,0;
-		 length $sup->{password} < 2 * $o->{security}
-		   and $o->ask_warn('', N("This password is too short (it must be at least %d characters long)", 2 * $o->{security})), return 1,0;
-		 return 0
-        } } }, [
-{ label => N("Password"), val => \$sup->{password},  hidden => 1 },
-{ label => N("Password (again)"), val => \$sup->{password2}, hidden => 1 },
-{ label => N("Authentication"), val => \$authentication_kind, type => 'list', list => [ authentication::kinds($o->{meta_class}) ], format => \&authentication::kind2name, advanced => 1 },
-        ]) or delete $sup->{password};
-
-	authentication::ask_parameters($o, $o->{netc}, $o->{authentication}, $authentication_kind) or goto &setRootPassword;
+	authentication::ask_root_password_and_authentication($o, $o->{netc}, $sup, $o->{authentication} ||= {}, $o->{meta_class}, $o->{security});
     }
     install_steps::setRootPassword($o);
 }
diff --git a/perl-install/network/network.pm b/perl-install/network/network.pm
index 3a99c2f96..febaa632d 100644
--- a/perl-install/network/network.pm
+++ b/perl-install/network/network.pm
@@ -78,7 +78,8 @@ sub read_tmdns_conf() {
 }
 
 sub write_conf {
-    my ($file, $netc) = @_;
+    my ($netc) = @_;
+    my $file = "$::prefix/etc/sysconfig/network";
 
     if ($netc->{HOSTNAME} && $netc->{HOSTNAME} =~ /\.(.+)$/) {
 	$netc->{DOMAINNAME} = $1;
@@ -437,7 +438,7 @@ sub configureNetwork2 {
         network::ethernet::configure_eth_aliases($modules_conf);
 
         $netc->{wireless_eth} and $in->do_pkgs->ensure_binary_is_installed('wireless-tools', 'iwconfig', 'auto');
-        write_conf("$etc/sysconfig/network", $netc);
+        write_conf($netc);
         write_resolv_conf("$etc/resolv.conf", $netc) unless $netc->{DHCP};
         if ($::isInstall && ! -e "/etc/resolv.conf") {
             #- symlink resolv.conf in install root too so that updates and suppl media can be added
diff --git a/perl-install/standalone/adduserdrake b/perl-install/standalone/adduserdrake
index 40659017f..a2d380766 100755
--- a/perl-install/standalone/adduserdrake
+++ b/perl-install/standalone/adduserdrake
@@ -6,12 +6,10 @@ use standalone;     #- warning, standalone must be loaded very first, for 'expla
 
 use common;
 use interactive;
+use security::level;
+use authentication;
 use any;
 
-my $isMD5 = cat_("/etc/pam.d/system-auth") =~ /md5/;
-my $isShadow = cat_("/etc/pam.d/system-auth") =~ /shadow/;
-
-
 my $users = []; 
 my $in;
 
@@ -19,13 +17,9 @@ if (my @l = grep { ! /^-/ } @ARGV) {
     $users = [ map { { name => $_, realname => $_ } } @l ];
 } else {
     $in = 'interactive'->vnew('su');
-    any::ask_users($in, $users, $ENV{SECURE_LEVEL}, []);
+    any::ask_users($in, $users, security::level::get(), []);
 }
 
-system("adduser", $_->{name}) foreach @$users;
-any::write_passwd_user($_, $isMD5) foreach @$users;
-system("pwconv") if $isShadow;
-
-any::addUsers($users);
+any::add_users($users, authentication::get());
 
 $in->exit(0) if $in;
diff --git a/perl-install/standalone/drakauth b/perl-install/standalone/drakauth
index 1d89e08d7..c68a75b84 100755
--- a/perl-install/standalone/drakauth
+++ b/perl-install/standalone/drakauth
@@ -30,8 +30,8 @@ $in->ask_from(N("Authentication"), authentication::kind2description(),
 authentication::ask_parameters($in, $netc, $authentication, $kind) or goto main;
 
 eval { 
-    authentication::set($in, $netc, $authentication, sub { my ($f) = @_; $f->() });
-    network::network::write_conf("$::prefix/etc/sysconfig/network", $netc);
+    authentication::set($in, $netc, $authentication);
+    network::network::write_conf($netc);
 };
 if (my $err = $@) {
     $in->ask_warn(N("Error"), formatError($err));