Date:      Mon, 18 Apr 2016 18:39:45 +0000 (UTC)
From:      Mathieu Arnold <mat@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r413604 - in head/Mk: . Scripts
Message-ID:  <201604181839.u3IIdjhn065995@repo.freebsd.org>

Author: mat
Date: Mon Apr 18 18:39:44 2016
New Revision: 413604
URL: https://svnweb.freebsd.org/changeset/ports/413604

Log:
  Extract the users/groups creation into a separate shell script.
  
  This adds a few features:
  - it checks that the UID line has the right number of fields [1]
  - it tells the user that there are groups that he may want to remove [2]
  
  PR:		208800, 173318 [1], 157546 [2]
  Submitted by:	mat
  Sponsored by:	Absolight
  Differential Revision:	https://reviews.freebsd.org/D5939

Added:
  head/Mk/Scripts/do-users-groups.sh   (contents, props changed)
Modified:
  head/Mk/bsd.port.mk   (contents, props changed)

Added: head/Mk/Scripts/do-users-groups.sh
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/Mk/Scripts/do-users-groups.sh	Mon Apr 18 18:39:44 2016	(r413604)
@@ -0,0 +1,179 @@
+#!/bin/sh
+# $FreeBSD$
+#
+# MAINTAINER: portmgr@FreeBSD.org
+
+set -e
+
+. "${dp_SCRIPTSDIR}/functions.sh"
+
+validate_env dp_ECHO_MSG dp_GID_FILES dp_GID_OFFSET dp_GROUPS_BLACKLIST \
+	dp_INSTALL dp_OPSYS dp_OSVERSION dp_PREFIX dp_PW dp_SCRIPTSDIR \
+	dp_UG_DEINSTALL dp_UG_INSTALL dp_UID_FILES dp_UID_OFFSET \
+	dp_USERS_BLACKLIST
+
+set -u
+
+USERS=$1
+GROUPS=$2
+
+error() {
+	${dp_ECHO_MSG} "${1}"
+
+	exit 1
+}
+
+rm -f "${dp_UG_INSTALL}" "${dp_UG_DEINSTALL}" || :
+
+# Before FreeBSD 10.2, PW did not have -R support.
+if [ "${dp_OPSYS}" = FreeBSD ] && [ "${dp_OSVERSION}" -ge 1002000 ]; then
+	cat >> "${dp_UG_INSTALL}" <<-eot
+	if [ -n "\${PKG_ROOTDIR}" ] && [ "\${PKG_ROOTDIR}" != "/" ]; then
+	  PW="${dp_PW} -R \${PKG_ROOTDIR}"
+	else
+	  PW=${dp_PW}
+	fi
+	eot
+else
+	echo "PW=${dp_PW}" >> "${dp_UG_INSTALL}"
+fi
+
+# Both scripts need to start the same, so
+cp -f "${dp_UG_INSTALL}" "${dp_UG_DEINSTALL}"
+
+if [ -n "${GROUPS}" ]; then
+	for file in ${dp_GID_FILES}; do
+		if [ ! -f "${file}" ]; then
+			error "** ${file} doesn't exist. Exiting."
+		fi
+	done
+	${dp_ECHO_MSG} "===> Creating groups."
+	echo "echo \"===> Creating groups.\"" >> "${dp_UG_INSTALL}"
+	for group in ${GROUPS}; do
+		# _bgpd:*:130:
+		if ! grep -q "^${group}:" ${dp_GID_FILES}; then \
+			error "** Cannot find any information about group \`${group}' in ${dp_GID_FILES}."
+		fi
+		o_IFS=${IFS}
+		IFS=":"
+		while read -r group _ gid _; do
+			if [ -z "${gid}" ]; then
+				error "Group line for group ${group} has no gid"
+			fi
+			gid=$((gid+dp_GID_OFFSET))
+			cat >> "${dp_UG_INSTALL}" <<-eot2
+			if ! \${PW} groupshow $group >/dev/null 2>&1; then
+			  echo "Creating group '$group' with gid '$gid'."
+			  \${PW} groupadd $group -g $gid
+			else
+			  echo "Using existing group '$group'."
+			fi
+			eot2
+		done <<-eot
+		$(grep -h "^${group}:" ${dp_GID_FILES} | head -n 1)
+		eot
+		IFS=${o_IFS}
+	done
+fi
+
+if [ -n "${USERS}" ]; then
+	for file in ${dp_UID_FILES}; do
+		if [ ! -f "${file}" ]; then
+			error "** ${file} doesn't exist. Exiting."
+		fi
+	done
+
+	${dp_ECHO_MSG} "===> Creating users"
+	echo "echo \"===> Creating users\"" >> "${dp_UG_INSTALL}"
+
+	for user in ${USERS}; do
+		# _bgpd:*:130:130:BGP Daemon:/var/empty:/sbin/nologin
+		if ! grep -q "^${user}:" ${dp_UID_FILES} ; then
+			error "** Cannot find any information about user \`${user}' in ${dp_UID_FILES}."
+		fi
+		o_IFS=${IFS}
+		IFS=":"
+		while read -r login _ uid gid class _ _ gecos homedir shell; do
+			if [ -z "$uid" ] || [ -z "$gid" ] || [ -z "$homedir" ] || [ -z "$shell" ]; then
+				error "User line for ${user} is invalid"
+			fi
+			uid=$((uid+dp_UID_OFFSET))
+			gid=$((gid+dp_GID_OFFSET))
+			if [ -n "$class" ]; then
+				class="-L $class"
+			fi
+			homedir=$(echo "$homedir" | sed "s|^/usr/local|${dp_PREFIX}|")
+			cat >> "${dp_UG_INSTALL}" <<-eot2
+			if ! \${PW} usershow $login >/dev/null 2>&1; then
+			  echo "Creating user '$login' with uid '$uid'."
+			  \${PW} useradd $login -u $uid -g $gid $class -c "$gecos" -d $homedir -s $shell
+			else
+			  echo "Using existing user '$login'."
+			fi
+			eot2
+			case $homedir in
+				/|/nonexistent|/var/empty)
+					;;
+				*)
+					echo "${dp_INSTALL} -d -g $gid -o $uid $homedir" >> "${dp_UG_INSTALL}"
+					;;
+			esac
+		done <<-eot
+		$(grep -h "^${user}:" ${dp_UID_FILES} | head -n 1)
+		eot
+		IFS=${o_IFS}
+	done
+fi
+
+if [ -n "${GROUPS}" ]; then
+	for group in ${GROUPS}; do
+		# mail:*:6:postfix,clamav
+		o_IFS=${IFS}
+		IFS=":"
+		while read -r group _ gid members; do
+			gid=$((gid+dp_GID_OFFSET))
+			oo_IFS=${IFS}
+			IFS=","
+			for login in $members; do
+				for user in ${USERS}; do
+					if [ -n "${user}" ] && [ "${user}" = "${login}" ]; then
+						cat >> "${dp_UG_INSTALL}" <<-eot2
+						if ! \${PW} groupshow ${group} | grep -qw ${login}; then
+						  echo "Adding user '${login}' to group '${group}'."
+						  \${PW} groupmod ${group} -m ${login}
+						fi
+						eot2
+					fi
+				done
+			done
+			IFS=${oo_IFS}
+		done <<-eot
+		$(grep -h "^${group}:" ${dp_GID_FILES} | head -n 1)
+		eot
+		IFS=${o_IFS}
+	done
+fi
+
+if [ -n "${USERS}" ]; then
+	for user in ${USERS}; do
+		if ! echo "${dp_USERS_BLACKLIST}" | grep -qw "${user}"; then
+			cat >> "${dp_UG_DEINSTALL}" <<-eot
+			if \${PW} usershow ${user} >/dev/null 2>&1; then
+			  echo "==> You should manually remove the \"${user}\" user. "
+			fi
+			eot
+		fi
+	done
+fi
+
+if [ -n "${GROUPS}" ]; then
+	for group in ${GROUPS}; do
+		if ! echo "${dp_GROUPS_BLACKLIST}" | grep -qw "${group}"; then
+			cat >> "${dp_UG_DEINSTALL}" <<-eot
+			if \${PW} groupshow ${group} >/dev/null 2>&1; then
+			  echo "==> You should manually remove the \"${group}\" group "
+			fi
+			eot
+		fi
+	done
+fi
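Review bot: The fields read from the UID and GID files are written into the generated install script without validation or quoting, in the here-documents at `\${PW} groupadd $group -g $gid` and `\${PW} useradd $login -u $uid -g $gid $class -c "$gecos" -d $homedir -s $shell`, and again in the `groupmod` block. That script is registered as PKGPREINSTALL in the bsd.port.mk part of this commit and presumably runs as root at package install, so a gecos containing a double quote, `$` or a backtick, or a homedir or shell containing whitespace or shell metacharacters, would be re-parsed as shell code there. The new field check only tests for empty values; I would also reject non-numeric ids before the arithmetic, `case "${uid}${gid}" in *[!0-9]*) error "User line for ${user} is invalid" ;; esac`, and reject lines whose login, homedir or shell contain anything outside a conservative character set. If validation is not added, a comment above the `while read` loops stating that the UID/GID file contents are treated as trusted input would at least document the assumption.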

Modified: head/Mk/bsd.port.mk
==============================================================================
--- head/Mk/bsd.port.mk	Mon Apr 18 18:17:19 2016	(r413603)
+++ head/Mk/bsd.port.mk	Mon Apr 18 18:39:44 2016	(r413604)
@@ -1245,6 +1245,10 @@ GID_OFFSET?=	0
 # alpha numeric sort order
 USERS_BLACKLIST=	_dhcp _pflogd auditdistd bin bind daemon games hast kmem mailnull man news nobody operator pop proxy root smmsp sshd toor tty uucp www
 
+# predefined accounts from src/etc/group
+# alpha numeric sort order
+GROUPS_BLACKLIST=	_dhcp _pflogd audit authpf bin bind daemon dialer ftp games guest hast kmem mail mailnull man network news nobody nogroup operator proxy smmsp sshd staff sys tty unbound uucp wheel www
+
 LDCONFIG_DIR=	libdata/ldconfig
 LDCONFIG32_DIR=	libdata/ldconfig32
 
@@ -3665,96 +3669,28 @@ install-ldconfig-file:
 
 .if !target(create-users-groups)
 .if defined(GROUPS) || defined(USERS)
-_UG_OUTPUT=	${WRKDIR}/users-groups.sh
-PKGPREINSTALL+=	${_UG_OUTPUT}
+_UG_INSTALL=	${WRKDIR}/users-groups-install.sh
+_UG_DEINSTALL=	${WRKDIR}/users-groups-deinstall.sh
+PKGPREINSTALL+=	${_UG_INSTALL}
+PKGPOSTDEINSTALL+=	${_UG_DEINSTALL}
 create-users-groups:
-	@${RM} -f ${_UG_OUTPUT} || ${TRUE}
-.if ${OPSYS} != FreeBSD || ${OSVERSION} < 1002000
-	@${ECHO_CMD} "PW=${PW}" >> ${_UG_OUTPUT}
-.else
-	@${ECHO_CMD} -e "if [ -n \"\$${PKG_ROOTDIR}\" -a \"\$${PKG_ROOTDIR}\" != \"/\" ]; then PW=\"${PW} -R \$${PKG_ROOTDIR}\"; else PW=${PW}; fi" >> ${_UG_OUTPUT}
-.endif
-.if defined(GROUPS)
-.for _file in ${GID_FILES}
-.if !exists(${_file})
-	@${ECHO_CMD} "** ${_file} doesn't exist. Exiting."; exit 1
-.endif
-.endfor
-	@${ECHO_MSG} "===> Creating users and/or groups."
-	@${ECHO_CMD} "echo \"===> Creating users and/or groups.\"" >> ${_UG_OUTPUT}
-.for _group in ${GROUPS}
-# _bgpd:*:130:
-	@if ! ${GREP} -h ^${_group}: ${GID_FILES} >/dev/null 2>&1; then \
-		${ECHO_CMD} "** Cannot find any information about group \`${_group}' in ${GID_FILES}."; \
-		exit 1; \
-	fi
-	@IFS=":"; ${GREP} -h ^${_group}: ${GID_FILES} | head -n 1 | while read group foo gid members; do \
-		gid=$$(($$gid+${GID_OFFSET})); \
-		${ECHO_CMD} -e "if ! \$${PW} groupshow $$group >/dev/null 2>&1; then \n \
-			echo \"Creating group '$$group' with gid '$$gid'.\" \n \
-			\$${PW} groupadd $$group -g $$gid; else echo \"Using existing group '$$group'.\"\nfi" >> ${_UG_OUTPUT}; \
-	done
-.endfor
-.endif
-.if defined(USERS)
-.for _file in ${UID_FILES}
-.if !exists(${_file})
-	@${ECHO_CMD} "** ${_file} doesn't exist. Exiting."; exit 1
-.endif
-.endfor
-.for _user in ${USERS}
-# _bgpd:*:130:130:BGP Daemon:/var/empty:/sbin/nologin
-	@if ! ${GREP} -h ^${_user}: ${UID_FILES} >/dev/null 2>&1; then \
-		${ECHO_CMD} "** Cannot find any information about user \`${_user}' in ${UID_FILES}."; \
-		exit 1; \
-	fi
-	@IFS=":"; ${GREP} -h ^${_user}: ${UID_FILES} | head -n 1 | while read login passwd uid gid class change expire gecos homedir shell; do \
-		uid=$$(($$uid+${UID_OFFSET})); \
-		gid=$$(($$gid+${GID_OFFSET})); \
-		class="$${class:+-L }$$class"; \
-		homedir=$$(echo $$homedir | sed "s|^/usr/local|${PREFIX}|"); \
-		${ECHO_CMD} -e "if ! \$${PW} usershow $$login >/dev/null 2>&1; then \n \
-			echo \"Creating user '$$login' with uid '$$uid'.\" \n \
-			\$${PW} useradd $$login -u $$uid -g $$gid $$class -c \"$$gecos\" -d $$homedir -s $$shell \n \
-			else \necho \"Using existing user '$$login'.\" \nfi" >> ${_UG_OUTPUT}; \
-		case $$homedir in /|/nonexistent|/var/empty) ;; *) ${ECHO_CMD} "${INSTALL} -d -g $$gid -o $$uid $$homedir" >> ${_UG_OUTPUT};; esac; \
-	done
-.endfor
-.if defined(GROUPS)
-.for _group in ${GROUPS}
-# mail:*:6:postfix,clamav
-	@IFS=":"; ${GREP} -h ^${_group}: ${GID_FILES} | head -n 1 | while read group foo gid members; do \
-		gid=$$(($$gid+${GID_OFFSET})); \
-		IFS=","; for _login in $$members; do \
-			for _user in ${USERS}; do \
-				if [ "x$${_user}" = "x$${_login}" ]; then \
-					${ECHO_CMD} -e "if ! \$${PW} groupshow ${_group} | ${GREP} -qw $${_login}; then \n \
-						echo \"Adding user '$${_login}' to group '${_group}'.\" \n \
-						\$${PW} groupmod ${_group} -m $${_login} \nfi" >> ${_UG_OUTPUT}; \
-				fi; \
-			done; \
-		done; \
-	done
-.endfor
-.endif
-.if defined(USERS)
-.for _user in ${USERS}
-.if ${OPSYS} != FreeBSD || ${OSVERSION} < 1002000
-	@if [ ! ${USERS_BLACKLIST:M${_user}} ]; then \
-		${ECHO_CMD} "@unexec PW=${PW}; \
-			if \$${PW} usershow ${_user} >/dev/null 2>&1; then \
-			echo \"==> You should manually remove the \\\"${_user}\\\" user. \"; fi" >> ${TMPPLIST}; \
-	fi
-.else
-	@if [ ! ${USERS_BLACKLIST:M${_user}} ]; then \
-		${ECHO_CMD} "@unexec if [ -n \"\$${PKG_ROOTDIR}\" -a \"\$${PKG_ROOTDIR}\" != \"/\" ]; then PW=\"${PW} -R \$${PKG_ROOTDIR}\"; else PW=${PW}; fi; \
-			if \$${PW} usershow ${_user} >/dev/null 2>&1; then \
-			echo \"==> You should manually remove the \\\"${_user}\\\" user. \"; fi" >> ${TMPPLIST}; \
-	fi
-.endif
-.endfor
-.endif
-.endif
+	@${SETENV} \
+			dp_ECHO_MSG="${ECHO_MSG}" \
+			dp_GID_FILES="${GID_FILES}" \
+			dp_GID_OFFSET="${GID_OFFSET}" \
+			dp_GROUPS_BLACKLIST="${GROUPS_BLACKLIST}" \
+			dp_INSTALL="${INSTALL}" \
+			dp_OPSYS="${OPSYS}" \
+			dp_OSVERSION="${OSVERSION}" \
+			dp_PREFIX="${PREFIX}" \
+			dp_PW="${PW}" \
+			dp_SCRIPTSDIR="${SCRIPTSDIR}" \
+			dp_UG_DEINSTALL="${_UG_DEINSTALL}" \
+			dp_UG_INSTALL="${_UG_INSTALL}" \
+			dp_UID_FILES="${UID_FILES}" \
+			dp_UID_OFFSET="${UID_OFFSET}" \
+			dp_USERS_BLACKLIST="${USERS_BLACKLIST}" \
+			${SH} ${SCRIPTSDIR}/do-users-groups.sh "${USERS}" "${GROUPS}"
 .endif
 .endif
 
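Review bot: Each make variable is pasted between double quotes on the `${SETENV}` command line (for example `dp_PREFIX="${PREFIX}"` and `dp_UID_FILES="${UID_FILES}"`), so a value that itself contains a double quote, `$` or a backtick is re-parsed by the shell before do-users-groups.sh ever sees it. The `:Q` modifier quotes a value for the shell and avoids that, e.g. `dp_PREFIX=${PREFIX:Q}` and `dp_UID_FILES=${UID_FILES:Q}`. Values set inside the ports tree are normally benign, but some of these appear to be overridable locally (the hunk context shows `GID_OFFSET?=`), and the script's output is later run at package install, so the environment assignments are worth hardening. The `.if` blocks of this target open and close outside the lines shown here.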


