From d2afb181655c6c89f17fd7dc184a6dc790bfc099 Mon Sep 17 00:00:00 2001 From: Pascal Rigaux Date: Tue, 30 Nov 2004 10:23:54 +0000 Subject: - rely on adduser(8) to set the users password instead of using write_passwd_user() - use adduser(8) during install (we now use the same code during and after install) --- perl-install/any.pm | 53 ++++++++++++++++++++++++++++++++---- perl-install/install_steps.pm | 40 +-------------------------- perl-install/standalone/adduserdrake | 14 +++------- 3 files changed, 52 insertions(+), 55 deletions(-) diff --git a/perl-install/any.pm b/perl-install/any.pm index 0ffaace15..e37a69bf3 100644 --- a/perl-install/any.pm +++ b/perl-install/any.pm @@ -53,13 +53,49 @@ sub alloc_user_faces { } } -sub addUsers { - my ($users) = @_; +sub create_user { + my ($u, $isMD5) = @_; + + my @existing = stat("$::prefix/home/$u->{name}"); + + if (!getpwnam($u->{name})) { + my $uid = $u->{uid} || $existing[4]; + if ($uid && getpwuid($uid)) { + undef $uid; #- suggested uid already in use + } + my $gid = $u->{gid} || $existing[5] || int getgrnam($u->{name}); + if ($gid) { + if (getgrgid($gid)) { + undef $gid if getgrgid($gid) ne $u->{name}; + } else { + run_program::rooted($::prefix, 'groupadd', '-g', $gid, $u->{name}); + } + } + run_program::rooted($::prefix, + 'adduser', + '-p', user_crypted_passwd($u, $isMD5), + if_($uid, '-u', $uid), if_($gid, '-g', $gid), + $u->{name}); + } + + my (undef, undef, $uid, $gid, undef, undef, undef, $home) = getpwnam($u->{name}); + + if (@existing && $::isInstall && ($uid != $existing[4] || $gid != $existing[5])) { + log::l("chown'ing $home from $existing[4].$existing[5] to $uid.$gid"); + require commands; + eval { commands::chown_("-r", "$uid.$gid", "$::prefix$home") }; + } +} + +sub add_users { + my ($users, $authentication) = @_; alloc_user_faces($users); - foreach my $u (@$users) { - run_program::rooted($::prefix, "usermod", "-G", join(",", @{$u->{groups}}), $u->{name}) if !is_empty_array_ref($u->{groups}); - addKdmIcon($u->{name}, delete $u->{auto_icon} || $u->{icon}); + + foreach (@$users) { + create_user($_, $authentication->{md5}); + run_program::rooted($::prefix, "usermod", "-G", join(",", @{$_->{groups}}), $_->{name}) if !is_empty_array_ref($_->{groups}); + addKdmIcon($_->{name}, delete $_->{auto_icon} || $_->{icon}); } } @@ -790,10 +826,15 @@ sub selectCountry { $locale->{country} = $other || !@best ? $ext_country : $country; } +sub user_crypted_passwd { + my ($u, $isMD5) = @_; + $u->{password} ? &crypt($u->{password}, $isMD5) : $u->{pw} || ''; +} + sub write_passwd_user { my ($u, $isMD5) = @_; - $u->{pw} = $u->{password} ? &crypt($u->{password}, $isMD5) : $u->{pw} || ''; + $u->{pw} = user_crypted_passwd($u, $isMD5); $u->{shell} ||= '/bin/bash'; substInFile { diff --git a/perl-install/install_steps.pm b/perl-install/install_steps.pm index 0752c50d5..b91ac2eed 100644 --- a/perl-install/install_steps.pm +++ b/perl-install/install_steps.pm @@ -777,45 +777,7 @@ sub addUser { symlinkf("$::prefix/etc/group", '/etc/group'); } - my (%uids, %gids); - foreach (glob_("$::prefix/home")) { my ($u, $g) = (stat($_))[4,5]; $uids{$u} = 1; $gids{$g} = 1 } - - foreach (@$users) { - $_->{home} ||= "/home/$_->{name}"; - - my $u = $_->{uid} || ($_->{oldu} = (stat("$::prefix$_->{home}"))[4]) || int getpwnam($_->{name}); - my $g = $_->{gid} || ($_->{oldg} = (stat("$::prefix$_->{home}"))[5]) || int getgrnam($_->{name}); - #- search for available uid above 501 else initscripts may fail to change language for KDE. - if (!$u || getpwuid($u)) { for ($u = 501; getpwuid($u) || $uids{$u}; $u++) {} } - if (!$g) { for ($g = 501; getgrgid($g) || $gids{$g}; $g++) {} } - - $_->{uid} = $u; $uids{$u} = 1; - $_->{gid} = $g; $gids{$g} = 1; - } - - any::write_passwd_user($_, $o->{authentication}{md5}) foreach @$users; - - append_to_file("$::prefix/etc/group", - map { "$_->{name}:x:$_->{gid}:\n" } grep { ! getgrgid($_->{gid}) } @$users); - - foreach my $u (@$users) { - if (! -d "$::prefix$u->{home}") { - my $mode = $o->{security} < 2 ? 0755 : 0750; - eval { cp_af("$::prefix/etc/skel", "$::prefix$u->{home}") }; - if ($@) { - log::l("copying of skel failed: $@"); mkdir("$::prefix$u->{home}", $mode); - } else { - chmod $mode, "$::prefix$u->{home}"; - } - } - require commands; - eval { commands::chown_("-r", "$u->{uid}.$u->{gid}", "$::prefix$u->{home}") } - if $u->{uid} != $u->{oldu} || $u->{gid} != $u->{oldg}; - } - #- since we wrote the password in /etc/passwd, we must convert to shadow - run_program::rooted($::prefix, 'pwconv') if $o->{authentication}{shadow}; - - any::addUsers($users); + any::add_users($users, $o->{authentication}); if ($o->{autologin}) { $o->{desktop} ||= first(any::sessions()); diff --git a/perl-install/standalone/adduserdrake b/perl-install/standalone/adduserdrake index 40659017f..a2d380766 100755 --- a/perl-install/standalone/adduserdrake +++ b/perl-install/standalone/adduserdrake @@ -6,12 +6,10 @@ use standalone; #- warning, standalone must be loaded very first, for 'expla use common; use interactive; +use security::level; +use authentication; use any; -my $isMD5 = cat_("/etc/pam.d/system-auth") =~ /md5/; -my $isShadow = cat_("/etc/pam.d/system-auth") =~ /shadow/; - - my $users = []; my $in; @@ -19,13 +17,9 @@ if (my @l = grep { ! /^-/ } @ARGV) { $users = [ map { { name => $_, realname => $_ } } @l ]; } else { $in = 'interactive'->vnew('su'); - any::ask_users($in, $users, $ENV{SECURE_LEVEL}, []); + any::ask_users($in, $users, security::level::get(), []); } -system("adduser", $_->{name}) foreach @$users; -any::write_passwd_user($_, $isMD5) foreach @$users; -system("pwconv") if $isShadow; - -any::addUsers($users); +any::add_users($users, authentication::get()); $in->exit(0) if $in; -- cgit v1.2.1