1# 2# Copyright OpenEmbedded Contributors 3# 4# SPDX-License-Identifier: MIT 5# 6 7# This bbclass provides basic functionality for user/group settings. 8# This bbclass is intended to be inherited by useradd.bbclass and 9# extrausers.bbclass. 10 11# The following functions basically have similar logic. 12# *) Perform necessary checks before invoking the actual command 13# *) Invoke the actual command with flock 14# *) Error out if an error occurs. 15 16# Note that before invoking these functions, make sure the global variable 17# PSEUDO is set up correctly. 18 19perform_groupadd () { 20 local rootdir="$1" 21 local opts="$2" 22 bbnote "${PN}: Performing groupadd with [$opts]" 23 local groupname=`echo "$opts" | awk '{ print $NF }'` 24 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 25 if test "x$group_exists" = "x"; then 26 eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO groupadd \$opts\" || true 27 group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 28 if test "x$group_exists" = "x"; then 29 bbfatal "${PN}: groupadd command did not succeed." 30 fi 31 else 32 bbnote "${PN}: group $groupname already exists, not re-creating it" 33 fi 34} 35 36perform_useradd () { 37 local rootdir="$1" 38 local opts="$2" 39 bbnote "${PN}: Performing useradd with [$opts]" 40 local username=`echo "$opts" | awk '{ print $NF }'` 41 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 42 if test "x$user_exists" = "x"; then 43 eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO useradd \$opts\" || true 44 user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 45 if test "x$user_exists" = "x"; then 46 bbfatal "${PN}: useradd command did not succeed." 47 fi 48 else 49 bbnote "${PN}: user $username already exists, not re-creating it" 50 fi 51} 52 53perform_groupmems () { 54 local rootdir="$1" 55 local opts="$2" 56 bbnote "${PN}: Performing groupmems with [$opts]" 57 local groupname=`echo "$opts" | awk '{ for (i = 1; i < NF; i++) if ($i == "-g" || $i == "--group") print $(i+1) }'` 58 local username=`echo "$opts" | awk '{ for (i = 1; i < NF; i++) if ($i == "-a" || $i == "--add") print $(i+1) }'` 59 bbnote "${PN}: Running groupmems command with group $groupname and user $username" 60 local mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*$" $rootdir/etc/group || true`" 61 if test "x$mem_exists" = "x"; then 62 eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO groupmems \$opts\" || true 63 mem_exists="`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*$" $rootdir/etc/group || true`" 64 if test "x$mem_exists" = "x"; then 65 bbfatal "${PN}: groupmems command did not succeed." 66 fi 67 else 68 bbnote "${PN}: group $groupname already contains $username, not re-adding it" 69 fi 70} 71 72perform_groupdel () { 73 local rootdir="$1" 74 local opts="$2" 75 bbnote "${PN}: Performing groupdel with [$opts]" 76 local groupname=`echo "$opts" | awk '{ print $NF }'` 77 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 78 79 if test "x$group_exists" != "x"; then 80 local awk_input='BEGIN {FS=":"}; $1=="'$groupname'" { print $3 }' 81 local groupid=`echo "$awk_input" | awk -f- $rootdir/etc/group` 82 local awk_check_users='BEGIN {FS=":"}; $4=="'$groupid'" {print $1}' 83 local other_users=`echo "$awk_check_users" | awk -f- $rootdir/etc/passwd` 84 85 if test "x$other_users" = "x"; then 86 eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO groupdel \$opts\" || true 87 group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 88 if test "x$group_exists" != "x"; then 89 bbfatal "${PN}: groupdel command did not succeed." 90 fi 91 else 92 bbnote "${PN}: '$groupname' is primary group for users '$other_users', not removing it" 93 fi 94 else 95 bbnote "${PN}: group $groupname doesn't exist, not removing it" 96 fi 97} 98 99perform_userdel () { 100 local rootdir="$1" 101 local opts="$2" 102 bbnote "${PN}: Performing userdel with [$opts]" 103 local username=`echo "$opts" | awk '{ print $NF }'` 104 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 105 if test "x$user_exists" != "x"; then 106 eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO userdel \$opts\" || true 107 user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 108 if test "x$user_exists" != "x"; then 109 bbfatal "${PN}: userdel command did not succeed." 110 fi 111 else 112 bbnote "${PN}: user $username doesn't exist, not removing it" 113 fi 114} 115 116perform_groupmod () { 117 # Other than the return value of groupmod, there's no simple way to judge whether the command 118 # succeeds, so we disable -e option temporarily 119 set +e 120 local rootdir="$1" 121 local opts="$2" 122 bbnote "${PN}: Performing groupmod with [$opts]" 123 local groupname=`echo "$opts" | awk '{ print $NF }'` 124 local group_exists="`grep "^$groupname:" $rootdir/etc/group || true`" 125 if test "x$group_exists" != "x"; then 126 eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO groupmod \$opts\" 127 if test $? != 0; then 128 bbwarn "${PN}: groupmod command did not succeed." 129 fi 130 else 131 bbwarn "${PN}: group $groupname doesn't exist, unable to modify it" 132 fi 133 set -e 134} 135 136perform_usermod () { 137 # Same reason with groupmod, temporarily disable -e option 138 set +e 139 local rootdir="$1" 140 local opts="$2" 141 bbnote "${PN}: Performing usermod with [$opts]" 142 local username=`echo "$opts" | awk '{ print $NF }'` 143 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 144 if test "x$user_exists" != "x"; then 145 eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO usermod \$opts\" 146 if test $? != 0; then 147 bbfatal "${PN}: usermod command did not succeed." 148 fi 149 else 150 bbwarn "${PN}: user $username doesn't exist, unable to modify it" 151 fi 152 set -e 153} 154 155perform_passwd_expire () { 156 local rootdir="$1" 157 local opts="$2" 158 bbnote "${PN}: Performing equivalent of passwd --expire with [$opts]" 159 # Directly set sp_lstchg to 0 without using the passwd command: Only root can do that 160 local username=`echo "$opts" | awk '{ print $NF }'` 161 local user_exists="`grep "^$username:" $rootdir/etc/passwd || true`" 162 if test "x$user_exists" != "x"; then 163 eval flock -x $rootdir${sysconfdir} -c \"$PSEUDO sed -i \''s/^\('$username':[^:]*\):[^:]*:/\1:0:/'\' $rootdir/etc/shadow \" || true 164 local passwd_lastchanged="`grep "^$username:" $rootdir/etc/shadow | cut -d: -f3`" 165 if test "x$passwd_lastchanged" != "x0"; then 166 bbfatal "${PN}: passwd --expire operation did not succeed." 167 fi 168 else 169 bbnote "${PN}: user $username doesn't exist, not expiring its password" 170 fi 171} 172