# This eclass does most of the work for the sys-user/ packages that
# supply system user accounts.
+# Needed for egetshell and egethome.
inherit user
-EXPORT_FUNCTIONS pkg_pretend src_unpack src_configure src_compile src_install src_test pkg_preinst pkg_postinst pkg_prerm
+EXPORT_FUNCTIONS pkg_pretend src_unpack src_configure src_compile src_install src_test pkg_preinst pkg_prerm
-: ${HOMEPAGE:="https://www.gentoo.org/"}
+: ${HOMEPAGE:="https://wiki.gentoo.org/wiki/User:Mjo/GLEP:User_packages"}
: ${DESCRIPTION:="The ${PN} system user"}
-: ${LICENSE:="GPL-2"}
+: ${LICENSE="GPL-2"}
# If you want a different username, use a different package name. This
# prevents different people from claiming the same username.
# @ECLASS-VARIABLE: SYS_USER_UID
# @REQUIRED
# @DESCRIPTION:
-# etc.
-
+# This should be set to the "fixed" UID that your user should have.
+# We may have to fall back to an arbitrary UID, but you still need
+# to specify a real, valid UID here. At the very least because our
+# SLOT variable needs it.
+[[ -z "${SYS_USER_UID}" ]] && die "SYS_USER_UID must be set"
# @ECLASS-VARIABLE: SYS_USER_UID_IMPORTANT
# @REQUIRED
sys-user_getuid() {
# Output the real UID of the given user, or the empty string if the
# user does not exist on the system.
- echo $(id --real --user "${1}")
+ [[ $# -eq 1 ]] || die "usage: sys-user_getuid <username>"
+ echo $(id --real --user "${1}" 2>/dev/null)
+}
+
+sys-user_getname() {
+ # Output the username associated with the given UID, or the empty string
+ # if the given UID is still available.
+ [[ $# -eq 1 ]] || die "usage: sys-user_getname <uid>"
+ echo $(egetent passwd "${1}" | cut -f1 -d':')
}
sys-user_create() {
}
-sys-user_pkg_pretend() {
- # Sanity checks that would otherwise run code in global scope.
+sys-user_modify() {
+ # Modify the existing user named $SYS_USER_NAME to match the values
+ # contained in the following variables:
#
- # First ensure that the user didn't say his UID is important and
- # then fail to specify one.
- if [[ -z "${SYS_USER_UID}" ]] &&
- [[ "${SYS_USER_UID_IMPORTANT}" == "true" ]]; then
- # Don't make no damn sense.
- die "arbitrary UID requested with SYS_USER_UID_IMPORTANT=true"
- fi
+ # * SYS_USER_UID
+ # * SYS_USER_SHELL
+ # * SYS_USER_HOME
+ # * SYS_USER_GROUPS
+ #
+ usermod ${SYS_USER_UID:+--uid }"${SYS_USER_UID}" \
+ ${SYS_USER_GROUPS:+--append --groups }"${SYS_USER_GROUPS}" \
+ --shell "${SYS_USER_SHELL}" \
+ --home-dir "${SYS_USER_HOME}" \
+ "${SYS_USER_NAME}"
+}
- # Next ensure that no other username owns an important UID.
+sys-user_pkg_pretend() {
+ # Sanity checks that would otherwise run code in global scope.
if [[ "${SYS_USER_UID_IMPORTANT}" == "true" ]]; then
- # Ok, the UID is important. Make sure nobody else has it. Or
+
+ # The UID is important, so make sure nobody else has it. Or
# rather, nobody else *with a different username* has it.
- local oldname=$(egetent passwd "${SYS_USER_UID}" | cut -f1 -d':')
- if [[ "${SYS_USER_NAME}" != "${oldname}" ]]; then
+ local oldname=$(sys-user_getname "${SYS_USER_UID}")
+ if [[ -n "${oldname}" ]] && \
+ [[ "${SYS_USER_NAME}" != "${oldname}" ]]; then
die "important UID ${SYS_USER_UID} already belongs to ${oldname}"
fi
- fi
- # Finally, ensure that this username doesn't already exist with
- # another UID if its UID is supposedly important.
- local olduid=$(sys-user_getuid "${SYS_USER_NAME}")
- if [[ -n "${olduid}" ]]; then
- if [[ "${SYS_USER_UID_IMPORTANT}" == "true" ]] && \
+ # Ensure that this username doesn't already exist with another
+ # UID if its UID is supposedly important.
+ local olduid=$(sys-user_getuid "${SYS_USER_NAME}")
+ if [[ -n "${olduid}" ]] && \
[[ "${SYS_USER_UID}" != "${olduid}" ]]; then
# The UID is important and specified, but there is already a
# system user with this name and a different UID. Halp.
fi
fi
+ local current_name=$(sys-user_getname "${SYS_USER_UID}")
+ if [[ "${current_name}" != "${SYS_USER_NAME}" ]]; then
+ # This UID is already taken by another user, but this
+ # specific UID was not important (we checked in
+ # pkg_pretend), so fall back to an arbitrary one.
+ unset SYS_USER_UID
+ fi
+
# The "useradd" and "usermod" tools expect a comma-separated list,
# so change our spaces to commas. Having duplicates in the list is
# not a problem for those two tools.
# be possible.
#
# Beware, this only works if SYS_USER_UID is guaranteed to have a
- # real UID and not, for example, -1.
+ # real UID and not be e.g. the empty string.
#
- # TODO: this is a problem now!
+ # Our sys-user_create() function makes sure to set SYS_USER_UID to
+ # something useful, and the only place that sys-user_create() is
+ # called from is sys-user_pkg_preinst(), which takes place before
+ # this sys-user_src_install().
#
- #touch "${T}/${SYS_USER_UID}" || die
- #insinto "/var/lib/sys-user"
- #doins "${T}/${SYS_USER_UID}"
+ # The other way that SYS_USER_UID could be empty is during an
+ # upgrade; however, if you're doing an upgrade and the new UID isn't
+ # important, then you'll get the same old UID that exists on the
+ # system from the old package. That old UID is assigned to SYS_USER_UID
+ # in sys-user_src_configure(), so that case is handled too.
+ touch "${T}/${SYS_USER_UID}" || die
+ insinto "/var/lib/sys-user"
+ doins "${T}/${SYS_USER_UID}"
}
sys-user_pkg_preinst() {
# and create the (new) user.
sys-user_create || die "failed to add user ${SYS_USER_NAME}"
elif [[ -n "${REPLACING_VERSIONS}" ]]; then
- #
- # This case is done in pkg_postint() to avoid clobbering a
- # new user when we remove the old one.
- #
- :
+ # This is an upgrade from a previous version of a sys-user
+ # package. Modify the existing user (who will not be removed; see
+ # sys-user_pkg_prerm) rather than creating a new one.
+ sys-user_modify || die "failed to upgrade user ${SYS_USER_NAME}"
else
# UPGRADE PATH: Ok, the user exists but this isn't an upgrade of
# a sys-user package. This is the upgrade path from the old
fi
# The user already exists, so all we have left to do is to try
- # to append SYS_USER_GROUPS to the existing groups.
- usermod --append --groups "${SYS_USER_GROUPS}" \
+ # to append SYS_USER_GROUPS to the existing groups. The home
+ # dir, shell, and uid should all match already.
+ sys-user_modify \
|| die "failed to append groups to existing user ${SYS_USER_NAME}"
fi
}
-sys-user_pkg_postinst() {
- if [[ -n "${REPLACING_VERSIONS}" ]]; then
- # This is an upgrade from a previous version of a sys-user
- # package. This case has to be handled carefully to make sure
- # that the pkg_prerm() of the old version doesn't remove the user
- # that this new version is going to add. At this point, in our
- # pkg_postinst(), the old version's pkg_prerm() phase should have
- # already happened.
- if [[ -n $(sys-user_getuid "${SYS_USER_NAME}") ]]; then
- die "User ${SYS_USER_NAME} already exists during an upgrade."
- else
- sys-user_create || die "failed to add user ${SYS_USER_NAME}"
- fi
- fi
-}
sys-user_pkg_prerm() {
if [[ -z $(sys-user_getuid "${SYS_USER_NAME}") ]]; then
# We have successfully done nothing.
ewarn "Tried to remove nonexistent user ${SYS_USER_NAME}."
- else
- userdel "${SYS_USER_NAME}" || \
- die "failed to remove user ${SYS_USER_NAME}"
- einfo "Removed user ${SYS_USER_NAME} from the system."
+ elif [[ -z "${REPLACING_VERSIONS}" ]]; then
+ # The user to remove exists, and this is not an upgrade. For
+ # Phase 1, we maintain the status quo and simply refuse to
+ # remove him (unless you know what you are doing).
+ if [[ "${I_KNOW_WHAT_I_AM_DOING}" == "yes" ]]; then
+ userdel "${SYS_USER_NAME}" || \
+ die "failed to remove user ${SYS_USER_NAME}"
+ einfo "Removed user ${SYS_USER_NAME} from the system."
+ else
+ die "refusing to remove package for system user ${SYS_USER_NAME}"
+ fi
+
+ # The missing case: if the user exists and this is an upgrade,
+ # we leave the user alone to be modified in
+ # sys-user_pkg_preinst().
fi
}
projects / mjo-overlay.git / blobdiff