X-Git-Url: http://gitweb.michael.orlitzky.com/?p=mjo-overlay.git;a=blobdiff_plain;f=eclass%2Fsys-user.eclass;fp=eclass%2Fsys-user.eclass;h=0000000000000000000000000000000000000000;hp=7cfffaf123a2e67e82ed41297c94e3a2c2ea2adf;hb=d96d9049a2c43260c040d59e93e90da2f6b854da;hpb=49a2493f92d112d98b9a8484eb453aa0167396eb diff --git a/eclass/sys-user.eclass b/eclass/sys-user.eclass deleted file mode 100644 index 7cfffaf..0000000 --- a/eclass/sys-user.eclass +++ /dev/null @@ -1,287 +0,0 @@ -# Copyright 1999-2017 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -# @ECLASS: sys-user.eclass -# @MAINTAINER: -# Michael Orlitzky -# @BLURB: handle installation and removal of system users. -# @DESCRIPTION: -# This eclass does most of the work for the sys-user/ packages that -# supply system user accounts. - -# Needed for egetshell and egethome. -inherit user - -EXPORT_FUNCTIONS pkg_pretend src_unpack src_configure src_compile src_install src_test pkg_preinst pkg_prerm - -: ${HOMEPAGE:="https://wiki.gentoo.org/wiki/User:Mjo/GLEP:User_packages"} -: ${DESCRIPTION:="The ${PN} system user"} -: ${LICENSE="GPL-2"} - -# If you want a different username, use a different package name. This -# prevents different people from claiming the same username. -SYS_USER_NAME="${PN}" - -# @ECLASS-VARIABLE: SYS_USER_GROUPS -# @DESCRIPTION: -# A space-separated list of groups that the user will belong to. -# Dependencies on the appropriate sys-group packages are generated -# automatically. -: ${SYS_USER_GROUPS:=${PN}} - -# @ECLASS-VARIABLE: SYS_USER_UID -# @REQUIRED -# @DESCRIPTION: -# This should be set to the "fixed" UID that your user should have. -# We may have to fall back to an arbitrary UID, but you still need -# to specify a real, valid UID here. At the very least because our -# SLOT variable needs it. -[[ -z "${SYS_USER_UID}" ]] && die "SYS_USER_UID must be set" - -# @ECLASS-VARIABLE: SYS_USER_UID_IMPORTANT -# @REQUIRED -# @DESCRIPTION: -# Set to "true" if you want to die() if you don't get your desired UID. -: ${SYS_USER_UID_IMPORTANT:=false} - -# In many cases, if the UID of a user changes, packages depending on it -# will want to rebuild. We always use SLOT=0, because you can't install -# the same user twice. Then we use the UID as our subslot so that -# subslot deps can be used to rebuild packages when our UID changes. -SLOT="0/${SYS_USER_UID}" - -# @ECLASS-VARIABLE: SYS_USER_HOME -# @DESCRIPTION: -# etc. -: ${SYS_USER_HOME:=/home/${SYS_USER_NAME}} - -# @ECLASS-VARIABLE: SYS_USER_SHELL -# @DESCRIPTION: -# etc. -: ${SYS_USER_SHELL:=/bin/false} - -case ${EAPI} in - 6) ;; - *) - die "${ECLASS} is not compatible with EAPI=${EAPI}" -esac - -# Depend on any groups we might need. -for _group in ${SYS_USER_GROUPS}; do - DEPEND+=" sys-group/${_group} " - RDEPEND+=" sys-group/${_group}:= " -done -unset _group - -S="${WORKDIR}" - -sys-user_src_unpack() { :; } -sys-user_src_compile() { :; } -sys-user_src_test() { :; } - -sys-user_getuid() { - # Output the real UID of the given user, or the empty string if the - # user does not exist on the system. - [[ $# -eq 1 ]] || die "usage: sys-user_getuid " - echo $(id --real --user "${1}" 2>/dev/null) -} - -sys-user_getname() { - # Output the username associated with the given UID, or the empty string - # if the given UID is still available. - [[ $# -eq 1 ]] || die "usage: sys-user_getname " - echo $(egetent passwd "${1}" | cut -f1 -d':') -} - -sys-user_create() { - # Create the user whose information is contained in the following - # variables: - # - # * SYS_USER_NAME - # * SYS_USER_UID - # * SYS_USER_SHELL - # * SYS_USER_HOME - # * SYS_USER_GROUPS - # - # We don't create a group with the same name; that should be the - # job of the matching sys-group package. - useradd --no-user-group \ - ${SYS_USER_UID:+--uid }"${SYS_USER_UID}" \ - ${SYS_USER_GROUPS:+--groups }"${SYS_USER_GROUPS}" \ - --shell "${SYS_USER_SHELL}" \ - --home-dir "${SYS_USER_HOME}" \ - "${SYS_USER_NAME}" -} - - -sys-user_modify() { - # Modify the existing user named $SYS_USER_NAME to match the values - # contained in the following variables: - # - # * SYS_USER_UID - # * SYS_USER_SHELL - # * SYS_USER_HOME - # * SYS_USER_GROUPS - # - usermod ${SYS_USER_UID:+--uid }"${SYS_USER_UID}" \ - ${SYS_USER_GROUPS:+--append --groups }"${SYS_USER_GROUPS}" \ - --shell "${SYS_USER_SHELL}" \ - --home "${SYS_USER_HOME}" \ - "${SYS_USER_NAME}" -} - -sys-user_pkg_pretend() { - # Sanity checks that would otherwise run code in global scope. - if [[ "${SYS_USER_UID_IMPORTANT}" == "true" ]]; then - - # The UID is important, so make sure nobody else has it. Or - # rather, nobody else *with a different username* has it. - local oldname=$(sys-user_getname "${SYS_USER_UID}") - if [[ -n "${oldname}" ]] && \ - [[ "${SYS_USER_NAME}" != "${oldname}" ]]; then - die "important UID ${SYS_USER_UID} already belongs to ${oldname}" - fi - - # Ensure that this username doesn't already exist with another - # UID if its UID is supposedly important. - local olduid=$(sys-user_getuid "${SYS_USER_NAME}") - if [[ -n "${olduid}" ]] && \ - [[ "${SYS_USER_UID}" != "${olduid}" ]]; then - # The UID is important and specified, but there is already a - # system user with this name and a different UID. Halp. - die "user ${SYS_USER_NAME} already exists with UID ${olduid}" - fi - fi -} - -sys-user_src_configure() { - local current_uid=$(sys-user_getuid "${SYS_USER_NAME}") - if [[ -n "${current_uid}" ]]; then - # UPGRADE PATH: This user already exists, so if the eclass - # consumer doesn't care about some settings, we can reuse the - # pre-existing ones. - # - # This is also useful for sys-user package upgrades, because it - # prevents us from incrementing the UID on a reinstall, and doing - # so would break most packages that need a system user to exist. - if [[ "${SYS_USER_UID_IMPORTANT}" != "true" ]]; then - SYS_USER_UID="${current_uid}" - fi - - if [[ -z "${SYS_USER_HOME}" ]]; then - SYS_USER_HOME=$(egethome "${SYS_USER_NAME}") - fi - - if [[ -z "${SYS_USER_SHELL}" ]]; then - SYS_USER_SHELL=$(egetshell "${SYS_USER_NAME}") - fi - fi - - local current_name=$(sys-user_getname "${SYS_USER_UID}") - if [[ -n "${current_name}" ]] && \ - [[ "${current_name}" != "${SYS_USER_NAME}" ]]; then - # This UID is already taken by another user, but this - # specific UID was not important (we checked in - # pkg_pretend), so fall back to an arbitrary one. - unset SYS_USER_UID - fi - - # The "useradd" and "usermod" tools expect a comma-separated list, - # so change our spaces to commas. Having duplicates in the list is - # not a problem for those two tools. - SYS_USER_GROUPS="${SYS_USER_GROUPS// /,}" -} - -sys-user_src_install() { - # Install a placeholder file to /var/lib/sys-user/$uid. This will - # cause collisions if two packages try to install users with the - # same UID. The same problem potentially exists with the username, - # but as long as SYS_USER_NAME is hard-coded to $PN, that shouldn't - # be possible. - # - # Beware, this only works if SYS_USER_UID is guaranteed to have a - # real UID and not be e.g. the empty string. - # - # Our sys-user_create() function makes sure to set SYS_USER_UID to - # something useful, and the only place that sys-user_create() is - # called from is sys-user_pkg_preinst(), which takes place before - # this sys-user_src_install(). - # - # The other way that SYS_USER_UID could be empty is during an - # upgrade; however, if you're doing an upgrade and the new UID isn't - # important, then you'll get the same old UID that exists on the - # system from the old package. That old UID is assigned to SYS_USER_UID - # in sys-user_src_configure(), so that case is handled too. - touch "${T}/${SYS_USER_UID}" || die - insinto "/var/lib/sys-user" - doins "${T}/${SYS_USER_UID}" -} - -sys-user_pkg_preinst() { - if [[ -z $(sys-user_getuid "${SYS_USER_NAME}") ]]; then - # The user does not already exist. This is the nice and easy - # case because no matter how we got here, we want to go ahead - # and create the (new) user. - sys-user_create || die "failed to add user ${SYS_USER_NAME}" - elif [[ -n "${REPLACING_VERSIONS}" ]]; then - # This is an upgrade from a previous version of a sys-user - # package. Modify the existing user (who will not be removed; see - # sys-user_pkg_prerm) rather than creating a new one. - sys-user_modify || die "failed to upgrade user ${SYS_USER_NAME}" - else - # UPGRADE PATH: Ok, the user exists but this isn't an upgrade of - # a sys-user package. This is the upgrade path from the old - # style of user/group management to the new style. Lets see if - # the new user is compatible with the old one; it usually will be. - # We only bail out if there's a homedir or shell conflict. - # - # We should make it policy that new sys-user packages have the - # same homedir and shell as the existing ones created by - # ebuilds, but it can't hurt to check again here. These checks - # are done here (and not in pkg_pretend, where they would be - # more consistent) because the PMS states that REPLACING_VERSIONS - # may not be defined there. - # - # If a homedir/shell changes during a sys-user upgrade, we don't - # consider that a problem, because the change was knowingly made - # by a developer who just edited an ebuild to make that change. - local oldhome=$(egethome "${SYS_USER_NAME}") - local oldshell=$(egetshell "${SYS_USER_NAME}") - - if [[ "${oldhome}" != "${SYS_USER_HOME}" ]]; then - die "home directory conflict for new user: ${SYS_USER_HOME}" - fi - - if [[ "${oldshell}" != "${SYS_USER_SHELL}" ]]; then - die "shell conflict for new user: ${SYS_USER_SHELL}" - fi - - # The user already exists, so all we have left to do is to try - # to append SYS_USER_GROUPS to the existing groups. The home - # dir, shell, and uid should all match already. - sys-user_modify \ - || die "failed to append groups to existing user ${SYS_USER_NAME}" - fi -} - - -sys-user_pkg_prerm() { - if [[ -z $(sys-user_getuid "${SYS_USER_NAME}") ]]; then - # We have successfully done nothing. - ewarn "Tried to remove nonexistent user ${SYS_USER_NAME}." - elif [[ -z "${REPLACED_BY_VERSION}" ]]; then - # The user to remove exists, and this is not an upgrade. For - # Phase 1, we maintain the status quo and simply refuse to - # remove him (unless you know what you are doing). - if [[ "${I_KNOW_WHAT_I_AM_DOING}" == "yes" ]]; then - userdel "${SYS_USER_NAME}" || \ - die "failed to remove user ${SYS_USER_NAME}" - einfo "Removed user ${SYS_USER_NAME} from the system." - else - die "refusing to remove package for system user ${SYS_USER_NAME}" - fi - - # The missing case: if the user exists and this is an upgrade, - # we leave him alone to be modified in sys-user_pkg_preinst(). - fi -}