pkgsrc/mk/pkginstall/usergroup-check

Add two new capabilities to the pkginstall framework:

(1) Allow specifying the numeric UID and GID for users and groups in /etc/mk.conf by setting PKG_UID.<user> and PKG_GID.<group> to those values. If these values are specified, then the +USERGROUP script will verify that existing users and groups match the requested UIDs and GIDs for the package, and otherwise create them with these UIDs and GIDs. For example:

	PKG_UID.courier= 10001
	PKG_GID.mail= 6

In this example, the courier-authlib binary package will be created to use uid 10001 for the "courier" user and gid 6 for the "mail" group.

(2) Allow a package to request that users and groups be created prior to configuring or building a package by setting USERGROUP_PHASE to "configure" or "build". Because the reason for this is typically to hardcode the UIDs and GIDs of requested users and groups directly into the package's executables, these hardcoded values will be automatically determined and put into the +USERGROUP script. For example:

	USERGROUP_PHASE= configure
	PKG_GROUPS= qmail nofiles
	PKG_USERS+= qmaill:nofiles
	PKG_USERS+= qmailq:qmail

In this example, the users and groups are created before the configure phase when building qmail, and the qmail binary package's +INSTALL script will try to create (or verify) users and groups with the same UIDs and GIDs that were used during the build.

As part of these changes, the format for PKG_USERS and PKG_GROUPS has changed -- the optional parts of the corresponding entries are no longer used and cannot be specified. Instead, the following variables should be set:

	PKG_GID.<group> is the group's numeric GID.
	PKG_UID.<user> is the user's numeric UID.
	PKG_GECOS.<user> is the user's description.
	PKG_HOME.<user> is the user's home directory.
	PKG_SHELL.<user> is the user's login shell.

A separate commit will follow which will fix all packages that set PKG_USERS and PKG_GROUPS to use the new syntax and variables.
2006-04-23 02:00:43 +02:00
#!/bin/sh
#
# $NetBSD: usergroup-check,v 1.2 2006/12/15 12:46:24 martti Exp $
#
# Copyright (c) 2006 The NetBSD Foundation, Inc.
# All rights reserved.
#
# This code is derived from software contributed to The NetBSD Foundation
# by Johnny C. Lam.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
# must display the following acknowledgement:
# This product includes software developed by the NetBSD
# Foundation, Inc. and its contributors.
# 4. Neither the name of The NetBSD Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
######################################################################
#
# NAME
#	usergroup-check -- verify that users/groups match numeric IDs
#
# SYNOPSIS
#	usergroup-check -g [group_entry ...]
#	usergroup-check -u [user_entry ...]
#
# DESCRIPTION
#	usergroup-check checks for the existence of users and groups
#	and verifies that they match the requested numeric IDs if
#	given.  The group_entry format matches that of /etc/group and
#	the user_entry format matches that of /etc/passwd, though the
#	field contents may be empty.
#
#	usergroup-check exits 0 if the users and groups exist and match
#	the numeric IDs, and >0 otherwise.
#
# OPTIONS
#	The following command line arguments are supported.
#
#	-g	Indicates that the subsequent arguments are group entries.
#
#	-u	Indicates that the subsequent arguments are user entries.
#
######################################################################
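: ${PERL5=perl}

self="${0##*/}"

usage() {
	echo 1>&2 "usage: $self -g [group_entry ...]"
	echo 1>&2 "       $self -u [user_entry ...]"
}

if test $# -lt 1; then
	usage; exit 1
fi

check=
case "$1" in
-g)	check=groups ;;
-u)	check=users ;;
*)	usage; exit 1 ;;
esac
shift

missing_groups=
missing_users=

case $check in
groups)
	while test $# -gt 0; do
		entry="$1"; shift
		# Each check runs in a subshell so that the IFS change,
		# "set -f" and "exit" stay local to one entry.
		(	set -f	# no pathname expansion while splitting $entry
			SAVEIFS="$IFS"; IFS=":"
			# /etc/group format: name:passwd:gid:members
			# (this script reads the GID from field 2)
			set -- $entry; group="$1"; groupid="$2"
			IFS="$SAVEIFS"
			# Empty output means the group does not exist.
			gid=`${PERL5} -le 'print scalar getgrnam shift' "$group"`
			test -n "$gid" || exit 1
			# An empty requested GID matches any existing group.
			case "$groupid" in
			""|"$gid")	exit 0 ;;
			*)		exit 1 ;;
			esac
		) || missing_groups="$missing_groups $entry"
	done
	;;
users)
	while test $# -gt 0; do
		entry="$1"; shift
		(	set -f	# no pathname expansion while splitting $entry
			SAVEIFS="$IFS"; IFS=":"
			# /etc/passwd format: name:passwd:uid:gid:...
			set -- $entry; user="$1"; userid="$3"
			IFS="$SAVEIFS"
			# Empty output means the user does not exist.
			uid=`${PERL5} -le 'print scalar getpwnam shift' "$user"`
			test -n "$uid" || exit 1
			# An empty requested UID matches any existing user.
			case "$userid" in
			""|"$uid")	exit 0 ;;
			*)		exit 1 ;;
			esac
		) || missing_users="$missing_users $entry"
	done
	;;
esac

# Any entry that is missing or has a mismatched numeric ID is a failure.
test -z "$missing_groups" -a -z "$missing_users" || exit 1
exit 0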