From nobody Tue Oct 7 06:51:37 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cgmyK6zT6z69b7R; Tue, 07 Oct 2025 06:51:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cgmyK68ykz3k3C; Tue, 07 Oct 2025 06:51:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759819897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+NO36mK84CPm1HIw9ESVICbs2HM8deNXRX+o2uFaqZE=; b=QyA54nhVcXdJPXNSIFPULU1JakVCNWaw1n29z4nIdicPxMkpBDJvdqKgGdhNcD+4I+Rg1X oHmVshPWojk11b+Mmh0xyrnGbvISLFIxZcip0poKLfjuoaJEd8XMGcbTM7rTNAaI6kq1/q iHtY/s/FQt2fSzAFPDFhyYsI5urSsMH3lcaF6/G0tfX1TocZ4ubDynsLm/XW5+UMpImkUk Xm0JA0ECR/XNarv3ZsncV54zRoH1ZlxvdsN+mkoEohdhq/oxz/655zoVYkg/5YwGgQ3a0m EsVgX+MRGOG2BY7vXR5L+eVXX64my1Jvm/tVQdTnBiaHgMP9p32u0aTocVoFfQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759819897; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=+NO36mK84CPm1HIw9ESVICbs2HM8deNXRX+o2uFaqZE=; b=rKX/zI1yRiKlT7iWrOVsoSljdd6ta0QPc8B50Oc3K317sdHj9WQaITkidHbBqAFQDvzeVK o0l94dUGBnx0xsYVugeiagPLMaKqt7zHWqtZZBpyw0+CaU9bXAy6X7UCRBQ6HwdfLT7Vba +GFBdX0G+LXOSRG+bygwqpitnk6jac8Vp0BE/nGeDlWll67fCQZPQ5P46cw3kgyhFVzT4g yXAyAe1xDCMx143wGefPSyxq1aBXjNlnpKNkqWvk/GbVP4KOt2cAEaRBjgNSoKX5rKbHQb qlCr04QPmVSLWdl7r1gSNfTt76ye/6d4iQWzbl0Mj3ol+gJJ5szumuF8LDSYCQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1759819897; a=rsa-sha256; cv=none; b=rhVGJEpWY1EP8bLpI9a7qP0nJlYeB1GS4rZDFIORTBv/LK9c8l6xhqa58SDxT3uCFcyHfs 35FqNBKC4Sn2ol2L23ytNXlFz76Z+716Sj1ozEccFh0YOsbs4ZMLSbl0fodJDWALD3Bjee fMHs0Yw4M1YzZpdtam3//Fpk+1VU3C8rdLU+6JKvgCBDOIARyLpV8odGnzcuqSEKGyni7l aJsu3RMzVNyCbwKYzSR3m20UpF6YoAoUpgHTnwAvkd3zDqOJpTRM7e9bB+H31rJutVDcP5 s+IgakGKbbSfB6t5MUY9sSE3nfVVjlGsfK/4fFcvn3aq4gdhehM/rlq/H/1Tiw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cgmyK5GZVzZqc; Tue, 07 Oct 2025 06:51:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5976pbjd095603; Tue, 7 Oct 2025 06:51:37 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5976pbKD095600; Tue, 7 Oct 2025 06:51:37 GMT (envelope-from git) Date: Tue, 7 Oct 2025 06:51:37 GMT Message-Id: <202510070651.5976pbKD095600@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Baptiste Daroussin Subject: git: 6c6b157a9fb7 - stable/15 - nuageinit: Ignore non-existent groups List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/stable/15 X-Git-Reftype: branch X-Git-Commit: 6c6b157a9fb7be8782ab798fe2d229502253a07b Auto-Submitted: auto-generated The branch stable/15 has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=6c6b157a9fb7be8782ab798fe2d229502253a07b commit 6c6b157a9fb7be8782ab798fe2d229502253a07b Author: Jesús Daniel Colmenares Oviedo AuthorDate: 2025-09-27 22:03:09 +0000 Commit: Baptiste Daroussin CommitDate: 2025-10-07 06:51:18 +0000 nuageinit: Ignore non-existent groups In cloud-init, when a group specified in the 'users.{index}.groups' parameter does not exist, it is ignored, but the user is created anyway. In the case of nuageinit, it exits with an exception, since pw(8) expects each group to exist. Reviewed by: bapt@ Approved by: bapt@ Differential Revision: https://reviews.freebsd.org/D52718 (cherry picked from commit 68691160f41bf6ce9ab70ddeeb7eeec2a7bff245) --- libexec/nuageinit/nuage.lua | 61 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 60 insertions(+), 1 deletion(-) diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua index ef3cfd994fe1..3eeb2ea0b44c 100644 --- a/libexec/nuageinit/nuage.lua +++ b/libexec/nuageinit/nuage.lua @@ -139,6 +139,58 @@ local function splitlist(list) return ret end +local function splitlines(s) + local ret = {} + + for line in string.gmatch(s, "[^\n]+") do + ret[#ret + 1] = line + end + + return ret +end + +local function getgroups() + local ret = {} + + local root = os.getenv("NUAGE_FAKE_ROOTDIR") + local cmd = "pw " + if root then + cmd = cmd .. "-R " .. root .. " " + end + + local f = io.popen(cmd .. "groupshow -a 2> /dev/null | cut -d: -f1") + local groups = f:read("*a") + f:close() + + return splitlines(groups) +end + +local function checkgroup(group) + local groups = getgroups() + + for _, group2chk in ipairs(groups) do + if group == group2chk then + return true + end + end + + return false +end + +local function purge_group(groups) + local ret = {} + + for _, group in ipairs(groups) do + if checkgroup(group) then + ret[#ret + 1] = group + else + warnmsg("ignoring non-existent group '" .. group .. "'") + end + end + + return ret +end + local function adduser(pwd) if (type(pwd) ~= "table") then warnmsg("Argument should be a table") @@ -164,7 +216,14 @@ local function adduser(pwd) local extraargs = "" if pwd.groups then local list = splitlist(pwd.groups) - extraargs = " -G " .. table.concat(list, ",") + -- pw complains if the group does not exist, so if the user + -- specifies one that cannot be found, nuageinit will generate + -- an exception and exit, unlike cloud-init, which only issues + -- a warning but creates the user anyway. + list = purge_group(list) + if #list > 0 then + extraargs = " -G " .. table.concat(list, ",") + end end -- pw will automatically create a group named after the username -- do not add a -g option in this case