]> gitweb.michael.orlitzky.com - mjo-overlay.git/blob - eclass/sys-user.eclass
projects / mjo-overlay.git / blob
? search:


bf2f7a7a61419c8ab104e842762157d7742bd1b1
[mjo-overlay.git] / eclass / sys-user.eclass
1 # Copyright 1999-2017 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
3
4 # @ECLASS: sys-user.eclass
5 # @MAINTAINER:
6 # Michael Orlitzky <mjo@gentoo.org>
7 # @BLURB: handle installation and removal of system users.
8 # @DESCRIPTION:
9 # This eclass does most of the work for the sys-user/ packages that
10 # supply system user accounts.
11
12 # Needed for egetshell and egethome.
13 inherit user
14
15 EXPORT_FUNCTIONS pkg_pretend src_unpack src_configure src_compile src_install src_test pkg_preinst pkg_postinst pkg_prerm
16
17 : ${HOMEPAGE:="https://wiki.gentoo.org/wiki/User:Mjo/GLEP:User_packages"}
18 : ${DESCRIPTION:="The ${PN} system user"}
19
20 # If you want a different username, use a different package name. This
21 # prevents different people from claiming the same username.
22 SYS_USER_NAME="${PN}"
23
24 # @ECLASS-VARIABLE: SYS_USER_GROUPS
25 # @DESCRIPTION:
26 # A space-separated list of groups that the user will belong to.
27 # Dependencies on the appropriate sys-group packages are generated
28 # automatically.
29 : ${SYS_USER_GROUPS:=${PN}}
30
31 # @ECLASS-VARIABLE: SYS_USER_UID
32 # @REQUIRED
33 # @DESCRIPTION:
34 # This should be set to the "fixed" UID that your user should have.
35 # We may have to fall back to an arbitrary UID, but you still need
36 # to specify a real, valid UID here. At the very least because our
37 # SLOT variable needs it.
38 [[ -z "${SYS_USER_UID}" ]] && die "SYS_USER_UID must be set"
39
40 # @ECLASS-VARIABLE: SYS_USER_UID_IMPORTANT
41 # @REQUIRED
42 # @DESCRIPTION:
43 # Set to "true" if you want to die() if you don't get your desired UID.
44 : ${SYS_USER_UID_IMPORTANT:=false}
45
46 # In many cases, if the UID of a user changes, packages depending on it
47 # will want to rebuild. We always use SLOT=0, because you can't install
48 # the same user twice. Then we use the UID as our subslot so that
49 # subslot deps can be used to rebuild packages when our UID changes.
50 SLOT="0/${SYS_USER_UID}"
51
52 # @ECLASS-VARIABLE: SYS_USER_HOME
53 # @DESCRIPTION:
54 # etc.
55 : ${SYS_USER_HOME:=/home/${SYS_USER_NAME}}
56
57 # @ECLASS-VARIABLE: SYS_USER_SHELL
58 # @DESCRIPTION:
59 # etc.
60 : ${SYS_USER_SHELL:=/bin/false}
61
62 case ${EAPI} in
63 6) ;;
64 *)
65 die "${ECLASS} is not compatible with EAPI=${EAPI}"
66 esac
67
68 # Depend on any groups we might need.
69 for _group in ${SYS_USER_GROUPS}; do
70 DEPEND+=" sys-group/${_group} "
71 RDEPEND+=" sys-group/${_group}:= "
72 done
73 unset _group
74
75 S="${WORKDIR}"
76
77 sys-user_src_unpack() { :; }
78 sys-user_src_compile() { :; }
79 sys-user_src_test() { :; }
80
81 sys-user_getuid() {
82 # Output the real UID of the given user, or the empty string if the
83 # user does not exist on the system.
84 [[ $# -eq 1 ]] || die "usage: sys-user_getuid <username>"
85 echo $(id --real --user "${1}")
86 }
87
88 sys-user_getname() {
89 # Output the username associated with the given UID, or the empty string
90 # if the given UID is still available.
91 [[ $# -eq 1 ]] || die "usage: sys-user_getname <uid>"
92 echo $(egetent passwd "${1}" | cut -f1 -d':')
93 }
94
95 sys-user_create() {
96 # Create the user whose information is contained in the following
97 # variables:
98 #
99 # * SYS_USER_NAME
100 # * SYS_USER_UID
101 # * SYS_USER_SHELL
102 # * SYS_USER_HOME
103 # * SYS_USER_GROUPS
104 #
105 # We don't create a group with the same name; that should be the
106 # job of the matching sys-group package.
107 useradd --no-user-group \
108 ${SYS_USER_UID:+--uid }"${SYS_USER_UID}" \
109 ${SYS_USER_GROUPS:+--groups }"${SYS_USER_GROUPS}" \
110 --shell "${SYS_USER_SHELL}" \
111 --home-dir "${SYS_USER_HOME}" \
112 "${SYS_USER_NAME}"
113 }
114
115
116 sys-user_modify() {
117 # Modify the existing user named $SYS_USER_NAME to match the values
118 # contained in the following variables:
119 #
120 # * SYS_USER_UID
121 # * SYS_USER_SHELL
122 # * SYS_USER_HOME
123 # * SYS_USER_GROUPS
124 #
125 usermod ${SYS_USER_UID:+--uid }"${SYS_USER_UID}" \
126 ${SYS_USER_GROUPS:+--append --groups }"${SYS_USER_GROUPS}" \
127 --shell "${SYS_USER_SHELL}" \
128 --home-dir "${SYS_USER_HOME}" \
129 "${SYS_USER_NAME}"
130 }
131
132 sys-user_pkg_pretend() {
133 # Sanity checks that would otherwise run code in global scope.
134
135 # Next ensure that no other username owns an important UID.
136 if [[ "${SYS_USER_UID_IMPORTANT}" == "true" ]]; then
137 # Ok, the UID is important. Make sure nobody else has it. Or
138 # rather, nobody else *with a different username* has it.
139 local oldname=$(sys-user_getname "${SYS_USER_UID}")
140 if [[ "${SYS_USER_NAME}" != "${oldname}" ]]; then
141 die "important UID ${SYS_USER_UID} already belongs to ${oldname}"
142 fi
143 fi
144
145 # Finally, ensure that this username doesn't already exist with
146 # another UID if its UID is supposedly important.
147 local olduid=$(sys-user_getuid "${SYS_USER_NAME}")
148 if [[ -n "${olduid}" ]]; then
149 if [[ "${SYS_USER_UID_IMPORTANT}" == "true" ]] && \
150 [[ "${SYS_USER_UID}" != "${olduid}" ]]; then
151 # The UID is important and specified, but there is already a
152 # system user with this name and a different UID. Halp.
153 die "user ${SYS_USER_NAME} already exists with UID ${olduid}"
154 fi
155 fi
156 }
157
158 sys-user_src_configure() {
159 local current_uid=$(sys-user_getuid "${SYS_USER_NAME}")
160 if [[ -n "${current_uid}" ]]; then
161 # UPGRADE PATH: This user already exists, so if the eclass
162 # consumer doesn't care about some settings, we can reuse the
163 # pre-existing ones.
164 #
165 # This is also useful for sys-user package upgrades, because it
166 # prevents us from incrementing the UID on a reinstall, and doing
167 # so would break most packages that need a system user to exist.
168 if [[ "${SYS_USER_UID_IMPORTANT}" != "true" ]]; then
169 SYS_USER_UID="${current_uid}"
170 fi
171
172 if [[ -z "${SYS_USER_HOME}" ]]; then
173 SYS_USER_HOME=$(egethome "${SYS_USER_NAME}")
174 fi
175
176 if [[ -z "${SYS_USER_SHELL}" ]]; then
177 SYS_USER_SHELL=$(egetshell "${SYS_USER_NAME}")
178 fi
179 fi
180
181 local current_name=$(sys-user_getname "${SYS_USER_UID}")
182 if [[ "${current_name}" != "${SYS_USER_NAME}" ]]; then
183 # This UID is already taken by another user, but this
184 # specific UID was not important (we checked in
185 # pkg_pretend), so fall back to an arbitrary one.
186 unset SYS_USER_UID
187 fi
188
189 # The "useradd" and "usermod" tools expect a comma-separated list,
190 # so change our spaces to commas. Having duplicates in the list is
191 # not a problem for those two tools.
192 SYS_USER_GROUPS="${SYS_USER_GROUPS// /,}"
193 }
194
195 sys-user_src_install() {
196 # Install a placeholder file to /var/lib/sys-user/$uid. This will
197 # cause collisions if two packages try to install users with the
198 # same UID. The same problem potentially exists with the username,
199 # but as long as SYS_USER_NAME is hard-coded to $PN, that shouldn't
200 # be possible.
201 #
202 # Beware, this only works if SYS_USER_UID is guaranteed to have a
203 # real UID and not be e.g. the empty string.
204 #
205 # Our sys-user_create() function makes sure to set SYS_USER_UID to
206 # something useful, and the only place that sys-user_create() is
207 # called from is sys-user_pkg_preinst(), which takes place before
208 # this sys-user_src_install().
209 #
210 # The other way that SYS_USER_UID could be empty is during an
211 # upgrade; however, if you're doing an upgrade and the new UID isn't
212 # important, then you'll get the same old UID that exists on the
213 # system from the old package. That old UID is assigned to SYS_USER_UID
214 # in sys-user_src_configure(), so that case is handled too.
215 touch "${T}/${SYS_USER_UID}" || die
216 insinto "/var/lib/sys-user"
217 doins "${T}/${SYS_USER_UID}"
218 }
219
220 sys-user_pkg_preinst() {
221 if [[ -z $(sys-user_getuid "${SYS_USER_NAME}") ]]; then
222 # The user does not already exist. This is the nice and easy
223 # case because no matter how we got here, we want to go ahead
224 # and create the (new) user.
225 sys-user_create || die "failed to add user ${SYS_USER_NAME}"
226 elif [[ -n "${REPLACING_VERSIONS}" ]]; then
227 #
228 # This case is done in pkg_postint() to avoid clobbering a
229 # new user when we remove the old one.
230 #
231 :
232 else
233 # UPGRADE PATH: Ok, the user exists but this isn't an upgrade of
234 # a sys-user package. This is the upgrade path from the old
235 # style of user/group management to the new style. Lets see if
236 # the new user is compatible with the old one; it usually will be.
237 # We only bail out if there's a homedir or shell conflict.
238 #
239 # We should make it policy that new sys-user packages have the
240 # same homedir and shell as the existing ones created by
241 # ebuilds, but it can't hurt to check again here. These checks
242 # are done here (and not in pkg_pretend, where they would be
243 # more consistent) because the PMS states that REPLACING_VERSIONS
244 # may not be defined there.
245 #
246 # If a homedir/shell changes during a sys-user upgrade, we don't
247 # consider that a problem, because the change was knowingly made
248 # by a developer who just edited an ebuild to make that change.
249 local oldhome=$(egethome "${SYS_USER_NAME}")
250 local oldshell=$(egetshell "${SYS_USER_NAME}")
251
252 if [[ "${oldhome}" != "${SYS_USER_HOME}" ]]; then
253 die "home directory conflict for new user: ${SYS_USER_HOME}"
254 fi
255
256 if [[ "${oldhshell}" != "${SYS_USER_SHELL}" ]]; then
257 die "shell conflict for new user: ${SYS_USER_SHELL}"
258 fi
259
260 # The user already exists, so all we have left to do is to try
261 # to append SYS_USER_GROUPS to the existing groups. The home
262 # dir, shell, and uid should all match already.
263 sys-user_modify \
264 || die "failed to append groups to existing user ${SYS_USER_NAME}"
265 fi
266 }
267
268 sys-user_pkg_postinst() {
269 if [[ -n "${REPLACING_VERSIONS}" ]]; then
270 # This is an upgrade from a previous version of a sys-user
271 # package. This case has to be handled carefully to make sure
272 # that the pkg_prerm() of the old version doesn't remove the user
273 # that this new version is going to add. At this point, in our
274 # pkg_postinst(), the old version's pkg_prerm() phase should have
275 # already happened.
276 if [[ -n $(sys-user_getuid "${SYS_USER_NAME}") ]]; then
277 die "User ${SYS_USER_NAME} already exists during an upgrade."
278 else
279 sys-user_modify || die "failed to add user ${SYS_USER_NAME}"
280 fi
281 fi
282 }
283
284 sys-user_pkg_prerm() {
285 if [[ -z $(sys-user_getuid "${SYS_USER_NAME}") ]]; then
286 # We have successfully done nothing.
287 ewarn "Tried to remove nonexistent user ${SYS_USER_NAME}."
288 elif [[ -z "${REPLACING_VERSIONS}" ]]; then
289 # The user to remove exists, and this is not an upgrade, so
290 # we really do remove him.
291 userdel "${SYS_USER_NAME}" || \
292 die "failed to remove user ${SYS_USER_NAME}"
293 einfo "Removed user ${SYS_USER_NAME} from the system."
294
295 # The missing case: if the user exista and this is an upgrade,
296 # we leave the user alone to be modified in
297 # sys-user_pkg_postinst().
298 fi
299 }
A Gentoo overlay containing whatever I feel like at the moment.