diff options
| author | Colin Guthrie <colin@mageia.org> | 2014-11-17 17:28:24 +0000 |
|---|---|---|
| committer | Colin Guthrie <colin@mageia.org> | 2014-11-17 17:44:16 +0000 |
| commit | c120dc6c3b23c927511776a7ab2910047b377169 (patch) | |
| tree | 321ab4d892c4dff0464308e76a1615d218f3378b | |
| parent | 130ce2915743952a8b40e8c3bab4d8bc5848564e (diff) | |
| download | perl-MDK-Common-c120dc6c3b23c927511776a7ab2910047b377169.tar perl-MDK-Common-c120dc6c3b23c927511776a7ab2910047b377169.tar.gz perl-MDK-Common-c120dc6c3b23c927511776a7ab2910047b377169.tar.bz2 perl-MDK-Common-c120dc6c3b23c927511776a7ab2910047b377169.tar.xz perl-MDK-Common-c120dc6c3b23c927511776a7ab2910047b377169.zip | |
Make the is_real_(user|group) functions take just a name
While this may cause a few unnecessary getpwnam/getgrnam calls
this makes the API much simpler for using externally and means
we cannot be called with bogus information for u/gid, homedir
and shell and such like.
mga#14346
| -rw-r--r-- | lib/MDK/Common/System.pm | 29 |
1 files changed, 16 insertions, 13 deletions
diff --git a/lib/MDK/Common/System.pm b/lib/MDK/Common/System.pm index 4319593..c0be561 100644 --- a/lib/MDK/Common/System.pm +++ b/lib/MDK/Common/System.pm @@ -297,7 +297,9 @@ sub list_passwd() { @l; } sub is_real_user { - my ($username, $uid, $homedir, $shell) = @_; + my ($username) = @_; + + return 0 if $username eq "nobody"; # We consider real users to be those users who: # Have a UID >= 1000 @@ -306,32 +308,33 @@ sub is_real_user { # and have a homedir that is not / or does not start with /var or /run # and have a shell that does not end in "nologin" or "false" - ($uid >= 1000 || ($uid >= 500 && $homedir !~ /^\/($|var\/|run\/)/ && $shell !~ /(nologin|false)$/)) && $username ne "nobody"; + my (undef,undef,$uid,undef,undef,undef,undef,$homedir,$shell) = getpwnam($username); + ($uid >= 1000 || ($uid >= 500 && $homedir !~ /^\/($|var\/|run\/)/ && $shell !~ /(nologin|false)$/)); } sub is_real_group { - my ($groupname, $gid) = @_; + my ($groupname) = @_; + + return 0 if $groupname eq "nogroup"; - return 0 if $groupname eq "nogroup" || $gid < 500; + my (undef,undef,$gid,$members) = getgrnam($groupname); + return 0 if $gid < 500; return 1 if $gid >= 1000; # We are in the range 500-1000, so we need some heuristic. # We consider ourselves a "real" group if this is the primary group of a user # with the same name, or we have any member users who are "real" - my ($username,undef,$uid,$egid,undef,undef,undef,$homedir,$shell,undef) = getpwnam($groupname); - return 1 if $username == $groupname && $egid == $gid; - - my (undef,undef,$egid,$members) = getgrnam($groupname); - return 0 if $egid != $gid; + my (undef,undef,undef,$ugid) = getpwnam($groupname); + return 1 if $ugid == $gid && is_real_user($groupname); + # OK we're not a primary group, but perhaps we have some real members? foreach (split(' ', $members)) { - my ($username,undef,$uid,undef,undef,undef,undef,$homedir,$shell,undef) = getpwnam($_); - return 1 if is_real_user($username, $uid, $homedir, $shell); + return 1 if is_real_user($_); } return 0; } sub list_home() { - MDK::Common::DataStructure::uniq(map { $_->[7] } grep { is_real_user($_->[0], $_->[2], $_->[7], $_->[8]) } list_passwd()); + MDK::Common::DataStructure::uniq(map { $_->[7] } grep { is_real_user($_->[0]) } list_passwd()); } sub list_skels { my ($prefix, $suffix) = @_; @@ -339,7 +342,7 @@ sub list_skels { } sub list_users() { - MDK::Common::DataStructure::uniq(map { is_real_user($_->[0], $_->[2], $_->[7], $_->[8]) ? $_->[0] : () } list_passwd()); + MDK::Common::DataStructure::uniq(map { is_real_user($_->[0]) ? $_->[0] : () } list_passwd()); } |