void-packages

Void Source Packages

system-accounts (4450B)


#!/bin/sh
#
# Registers or unregisters the system accounts (users/groups) of a package.
#
# Positional arguments:
#	$1  ACTION   run | targets
#	$2  TARGET   post-install | pre-remove
#	$3  PKGNAME
#	$4  VERSION
#	$5  UPDATE   yes | no
#
# The account lists are not arguments: the script reads $system_accounts,
# $system_groups and the per-account <name>_* variables, none of which it
# assigns itself, so they must be supplied by the caller.
#
ACTION="${1}"
TARGET="${2}"
PKGNAME="${3}"
VERSION="${4}"
UPDATE="${5}"

# The first two entries are relative, so they resolve against the current
# working directory and take precedence over the absolute ones.
# NOTE(review): presumably the caller starts this script from the root
# directory being modified, so that the tools inside it win - confirm.
# Started from any other directory, a usr/sbin or usr/bin found there
# would supply the useradd/groupadd/usermod that get executed.
PATH="usr/sbin:usr/bin:/usr/sbin:/usr/bin:/sbin:/bin"
export PATH

# useradd/groupadd/usermod get "-P ." unless the current directory is "/".
# If readlink fails, "." is used and the prefix is added as well.
case "$(readlink -f . 2>/dev/null || echo .)" in
/)
	prefix=
	;;
*)
	prefix="-P ."
	;;
esac

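# show_acct_details <username> <description> <homedir> <shell> [groups]
#
# Prints the settings of one account to stdout, one field per line, so an
# administrator can create or check the account by hand.
# The "Additional groups" line is printed only when a non-empty fifth
# argument is given.
# Returns 0 in both cases.
show_acct_details() {
	# printf '%s' prints the values verbatim; echo may interpret backslash
	# sequences in them, depending on which shell provides /bin/sh.
	printf "   Account: %s\n" "$1"
	printf "   Description: '%s'\n" "$2"
	printf "   Homedir: '%s'\n" "$3"
	printf "   Shell: '%s'\n" "$4"
	# An if statement rather than "[ ... ] && ...", so a missing groups
	# argument does not turn into a non-zero return status.
	if [ -n "${5:-}" ]; then
		printf "   Additional groups: '%s'\n" "$5"
	fi
}
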
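# group_add <name>[:<gid>]
#
# Creates a system group (groupadd -r), with a fixed gid when one is given.
# Globals:  prefix (read) - extra groupadd arguments, either empty or "-P ."
# Outputs:  a status line on stdout; groupadd's own output is discarded.
# Returns:  0 when the group was created, when it already exists, or when
#           groupadd is missing (a warning is printed in that case).
#           Any other groupadd failure terminates the script with status 1.
group_add() {
	local _pretty_grname _grname _gid _rv

	if ! command -v groupadd >/dev/null 2>&1; then
		echo "WARNING: cannot create $1 system group (missing groupadd)"
		echo "The following group must be created manually: $1"
		return 0
	fi

	# Split "name:gid"; without a colon both expansions return the whole
	# argument, which is how a missing gid is detected.
	_grname="${1%:*}"
	_gid="${1##*:}"

	[ "${_grname}" = "${_gid}" ] && _gid=

	_pretty_grname="${_grname}${_gid:+ (gid: ${_gid})}"

	# ${prefix} stays unquoted because it holds two words ("-P ."); the
	# name and gid are quoted so they always reach groupadd as exactly one
	# argument each, without word splitting or glob expansion.
	groupadd ${prefix} -r "${_grname}" ${_gid:+-g "${_gid}"} >/dev/null 2>&1
	_rv=$?

	case "${_rv}" in
		0) echo "Created ${_pretty_grname} system group." ;;
		9) ;; # groupadd: the group name is already in use; keep it as is
		*) echo "ERROR: failed to create system group ${_pretty_grname}!"; exit 1;;
	esac
}
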
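# Dispatch on the requested action.
#   targets  print the phases this script handles.
#   run      post-install: create or update the groups and accounts listed
#            in $system_groups / $system_accounts;
#            pre-remove:   disable those accounts (only when UPDATE=no).
# Any other action exits with status 1.
case "$ACTION" in
targets)
	echo "post-install pre-remove"
	;;
run)
	# Nothing to do for a package that declares neither accounts nor groups.
	[ -z "$system_accounts" ] && [ -z "$system_groups" ] && exit 0

	# USERADD/USERMOD are expanded unquoted and executed further down.
	# Start from empty values so that a string inherited from the
	# environment is never run in their place when the tool is missing.
	USERADD=
	USERMOD=

	if command -v useradd >/dev/null 2>&1; then
		USERADD="useradd ${prefix}"
	fi

	if command -v usermod >/dev/null 2>&1; then
		USERMOD="usermod ${prefix}"
	fi

	case "$TARGET" in
	post-install)
		# System groups required by a package ("name" or "name:gid").
		for grp in ${system_groups}; do
			group_add "${grp}"
		done

		# System user/group required by a package ("name" or "name:uid").
		for acct in ${system_accounts}; do
			_uname="${acct%:*}"
			_uid="${acct##*:}"

			# Without a colon both expansions return the whole entry.
			[ "${_uname}" = "${_uid}" ] && _uid=

			# Start every account from a clean slate, so that no
			# setting - in particular the supplementary groups -
			# carries over from the previous account or from the
			# environment.
			homedir=
			shell=
			descr=
			groups=
			pgroup=
			user_groups=

			# Per-account settings are looked up by variable name
			# (<account>_homedir, <account>_shell, ...) with eval.
			# eval runs whatever text it is given, so the lookup is
			# done only for names that are plain identifiers; any
			# other name cannot belong to a variable anyway and
			# simply gets the defaults below.
			case "${_uname}" in
			''|[0-9]*|*[!A-Za-z0-9_]*)
				echo "WARNING: account name ${_uname} is not a valid identifier; using default settings"
				;;
			*)
				eval homedir="\$${_uname}_homedir"
				eval shell="\$${_uname}_shell"
				eval descr="\$${_uname}_descr"
				eval groups="\$${_uname}_groups"
				eval pgroup="\$${_uname}_pgroup"
				;;
			esac

			[ -z "$homedir" ] && homedir="/var/empty"
			[ -z "$shell" ] && shell="/sbin/nologin"
			[ -z "$descr" ] && descr="${_uname} unprivileged user"
			[ -n "$groups" ] && user_groups="-G $groups"

			if [ -n "${_uid}" ]; then
				use_id="-u ${_uid} -g ${pgroup:-${_uid}}"
				_pretty_uname="${_uname} (uid: ${_uid})"
			else
				use_id="-g ${pgroup:-${_uname}}"
				_pretty_uname="${_uname}"
			fi

			if [ -z "$USERADD" ] || [ -z "$USERMOD" ]; then
				echo "WARNING: cannot create ${_uname} system account (missing useradd or usermod)"
				echo "The following system account must be created:"
				show_acct_details "${_pretty_uname}" "${descr}" "${homedir}" "${shell}" "${groups}"
				continue
			fi

			# The primary group must exist before useradd -g refers
			# to it; without a pgroup it is named after the account.
			group_add "${pgroup:-${acct}}"

			# USERADD, use_id and user_groups each hold several words
			# and are split on purpose; single values are quoted.
			${USERADD} -c "${descr}" -d "${homedir}" \
				${use_id} ${pgroup:+-N} -s "${shell}" \
				${user_groups} -r "${_uname}" >/dev/null 2>&1

			case $? in
				0)
					echo "Created ${_pretty_uname} system user."
					# Lock the password of the new account.
					${USERMOD} -L "${_uname}" >/dev/null 2>&1
					if [ $? -ne 0 ]; then
						echo "WARNING: unable to lock password for ${_uname} system account"
					fi
					;;
				9)
					# useradd: the name is already in use. The
					# existing account is changed to the package's
					# settings; its uid is left alone.
					# NOTE(review): this path does not run
					# usermod -L, so an account that already had
					# a usable password keeps it.
					${USERMOD} -c "${descr}" -d "${homedir}" \
						-s "${shell}" -g "${pgroup:-${_uname}}" \
						${user_groups} "${_uname}" >/dev/null 2>&1
					if [ $? -eq 0 ]; then
						echo "Updated ${_uname} system user."
					else
						echo "WARNING: unable to modify ${_uname} system account"
						echo "Please verify that account is compatible with these settings:"
						show_acct_details "${_pretty_uname}" \
							"${descr}" "${homedir}" "${shell}" "${groups}"
						continue
					fi
					;;
				*)
					echo "ERROR: failed to create system user ${_pretty_uname}!"
					exit 1
					;;
			esac
		done
		;;
	pre-remove)
		# On a real removal (UPDATE=no) the accounts are kept but
		# disabled: password locked, home /var/empty, shell /bin/false.
		# Group memberships are not changed here.
		if [ "$UPDATE" = "no" ]; then
			for acct in ${system_accounts}; do
				_uname="${acct%:*}"

				# Keep the current comment field and append a note
				# naming the package that was uninstalled.
				comment="$( (getent passwd "${_uname}" | cut -d: -f5 | head -n1) 2>/dev/null )"
				comment="${comment:-unprivileged user} - for uninstalled package ${PKGNAME}"

				if [ -z "$USERMOD" ]; then
					echo "WARNING: cannot disable ${_uname} system user (missing usermod)"
					continue
				fi

				${USERMOD} -L -d /var/empty -s /bin/false \
					-c "${comment}" "${_uname}" >/dev/null 2>&1
				if [ $? -eq 0 ]; then
					echo "Disabled ${_uname} system user."
				else
					# Report the failure: otherwise the account
					# of an uninstalled package stays usable
					# without anybody noticing.
					echo "WARNING: unable to disable ${_uname} system user"
				fi
			done
		fi
		;;
	esac
	;;
*)
	exit 1
	;;
esac

exit 0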