Properly handle ACCOUNT_TYPE_STANDARD and ACCOUNT_TYPE_ADMINISTRATOR.
This commit is contained in:
ajacoutot
parent
195ffe85c1
commit
3790ee1e99
@ -1,10 +1,10 @@
|
||||
# $OpenBSD: Makefile,v 1.17 2011/12/02 17:55:00 ajacoutot Exp $
|
||||
# $OpenBSD: Makefile,v 1.18 2011/12/02 20:07:26 ajacoutot Exp $
|
||||
|
||||
COMMENT= D-Bus interface for user account query and manipulation
|
||||
|
||||
DISTNAME= accountsservice-0.6.15
|
||||
EXTRACT_SUFX= .tar.xz
|
||||
REVISION= 1
|
||||
REVISION= 2
|
||||
|
||||
SHARED_LIBS += accountsservice 0.0 # 0.0
|
||||
|
||||
|
||||
@ -1,12 +1,9 @@
|
||||
$OpenBSD: patch-src_daemon_c,v 1.10 2011/12/02 17:55:00 ajacoutot Exp $
|
||||
$OpenBSD: patch-src_daemon_c,v 1.11 2011/12/02 20:07:26 ajacoutot Exp $
|
||||
--- src/daemon.c.orig Mon Oct 17 21:30:22 2011
|
||||
+++ src/daemon.c Fri Dec 2 18:54:10 2011
|
||||
@@ -52,13 +52,17 @@
|
||||
#define PATH_PASSWD "/etc/passwd"
|
||||
#define PATH_SHADOW "/etc/shadow"
|
||||
+++ src/daemon.c Fri Dec 2 21:00:47 2011
|
||||
@@ -54,11 +54,15 @@
|
||||
#define PATH_LOGIN_DEFS "/etc/login.defs"
|
||||
-#define PATH_GDM_CUSTOM "/etc/gdm/custom.conf"
|
||||
+#define PATH_GDM_CUSTOM "${SYSCONFDIR}/gdm/custom.conf"
|
||||
#define PATH_GDM_CUSTOM "${SYSCONFDIR}/gdm/custom.conf"
|
||||
|
||||
+#if defined(__FreeBSD__) || defined(__OpenBSD__)
|
||||
+#define FALLBACK_MINIMAL_UID 1000
|
||||
@ -21,53 +18,30 @@ $OpenBSD: patch-src_daemon_c,v 1.10 2011/12/02 17:55:00 ajacoutot Exp $
|
||||
|
||||
static const char *default_excludes[] = {
|
||||
"bin",
|
||||
@@ -1023,7 +1027,12 @@ daemon_create_user_authorized_cb (Daemon
|
||||
@@ -1023,7 +1027,11 @@ daemon_create_user_authorized_cb (Daemon
|
||||
CreateUserData *cd = data;
|
||||
User *user;
|
||||
GError *error;
|
||||
+#ifndef __OpenBSD__
|
||||
gchar *argv[9];
|
||||
+#else
|
||||
+ gchar *argv[12];
|
||||
+ gchar *gargv[3];
|
||||
+ gchar *argv[13];
|
||||
+#endif
|
||||
|
||||
if (getpwnam (cd->user_name) != NULL) {
|
||||
throw_error (context, ERROR_USER_EXISTS, "A user with name '%s' already exists", cd->user_name);
|
||||
@@ -1031,6 +1040,22 @@ daemon_create_user_authorized_cb (Daemon
|
||||
return;
|
||||
}
|
||||
|
||||
+#ifdef __OpenBSD__
|
||||
+ GError *gerror;
|
||||
+ sys_log (context, "create group '%s'", cd->user_name);
|
||||
+
|
||||
+ gargv[0] = "/usr/sbin/groupadd";
|
||||
+ gargv[1] = cd->user_name;
|
||||
+ gargv[2] = NULL;
|
||||
+
|
||||
+ gerror = NULL;
|
||||
+ if (!spawn_with_login_uid (context, gargv, &gerror)) {
|
||||
+ throw_error (context, ERROR_FAILED, "running '%s' failed: %s", gargv[0], gerror->message);
|
||||
+ g_error_free (gerror);
|
||||
+ return;
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
sys_log (context, "create user '%s'", cd->user_name);
|
||||
|
||||
argv[0] = "/usr/sbin/useradd";
|
||||
@@ -1040,14 +1065,30 @@ daemon_create_user_authorized_cb (Daemon
|
||||
@@ -1040,14 +1048,31 @@ daemon_create_user_authorized_cb (Daemon
|
||||
if (cd->account_type == ACCOUNT_TYPE_ADMINISTRATOR) {
|
||||
argv[4] = "-G";
|
||||
argv[5] = "wheel";
|
||||
+#ifdef __OpenBSD__
|
||||
+ argv[6] = "-g";
|
||||
+ argv[7] = cd->user_name;
|
||||
+ argv[7] = "=uid";
|
||||
+ argv[8] = "-L";
|
||||
+ argv[9] = "staff";
|
||||
+ argv[10] = cd->user_name;
|
||||
+ argv[11] = NULL;
|
||||
+ argv[10] = "--";
|
||||
+ argv[11] = cd->user_name;
|
||||
+ argv[12] = NULL;
|
||||
+#else
|
||||
argv[6] = "--";
|
||||
argv[7] = cd->user_name;
|
||||
@ -77,7 +51,7 @@ $OpenBSD: patch-src_daemon_c,v 1.10 2011/12/02 17:55:00 ajacoutot Exp $
|
||||
else if (cd->account_type == ACCOUNT_TYPE_STANDARD) {
|
||||
+#ifdef __OpenBSD__
|
||||
+ argv[4] = "-g";
|
||||
+ argv[5] = cd->user_name;
|
||||
+ argv[5] = "=uid";
|
||||
+ argv[6] = cd->user_name;
|
||||
+ argv[7] = NULL;
|
||||
+#else
|
||||
@ -88,24 +62,29 @@ $OpenBSD: patch-src_daemon_c,v 1.10 2011/12/02 17:55:00 ajacoutot Exp $
|
||||
}
|
||||
else {
|
||||
throw_error (context, ERROR_FAILED, "Don't know how to add user of type %d", cd->account_type);
|
||||
@@ -1117,6 +1158,23 @@ daemon_delete_user_authorized_cb (Daemon
|
||||
@@ -1117,6 +1142,28 @@ daemon_delete_user_authorized_cb (Daemon
|
||||
|
||||
return;
|
||||
}
|
||||
+
|
||||
+/*
|
||||
+ * Under OpenBSD there is no /etc/login.defs (for USERGROUPS_ENAB), so
|
||||
+ * we need to explicitely remove the user's group if it contains no more
|
||||
+ * members.
|
||||
+ */
|
||||
+#ifdef __OpenBSD__
|
||||
+ GError *gerror;
|
||||
+ gchar *gargv[2];
|
||||
+ GError *grperror;
|
||||
+ gchar *grpargv[2];
|
||||
+
|
||||
+ sys_log (context, "delete group '%d'", pwent->pw_gid);
|
||||
+
|
||||
+ gargv[0] = "/usr/sbin/groupdel";
|
||||
+ gargv[1] = pwent->pw_name;
|
||||
+ grpargv[0] = "/usr/sbin/groupdel";
|
||||
+ grpargv[1] = pwent->pw_name;
|
||||
+
|
||||
+ gerror = NULL;
|
||||
+ if (!spawn_with_login_uid (context, gargv, &gerror)) {
|
||||
+ throw_error (context, ERROR_FAILED, "running '%s' failed: %s", argv[0], gerror->message);
|
||||
+ g_error_free (gerror);
|
||||
+ grperror = NULL;
|
||||
+ if (!spawn_with_login_uid (context, grpargv, &grperror)) {
|
||||
+ throw_error (context, ERROR_FAILED, "running '%s' failed: %s", grpargv[0], grperror->message);
|
||||
+ g_error_free (grperror);
|
||||
+ return;
|
||||
+ }
|
||||
+#endif
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
$OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
$OpenBSD: patch-src_user_c,v 1.11 2011/12/02 20:07:26 ajacoutot Exp $
|
||||
--- src/user.c.orig Mon Oct 17 21:30:21 2011
|
||||
+++ src/user.c Fri Dec 2 18:36:45 2011
|
||||
+++ src/user.c Fri Dec 2 21:01:04 2011
|
||||
@@ -48,7 +48,7 @@
|
||||
#include "user-glue.h"
|
||||
#include "util.h"
|
||||
@ -96,11 +96,15 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
new_name, NULL);
|
||||
|
||||
g_rename (old_filename, new_filename);
|
||||
@@ -1574,14 +1601,27 @@ user_change_locked_authorized_cb (Daemon
|
||||
@@ -1572,17 +1599,33 @@ user_change_locked_authorized_cb (Daemon
|
||||
{
|
||||
gboolean locked = GPOINTER_TO_INT (data);
|
||||
GError *error;
|
||||
+#ifndef __OpenBSD__
|
||||
gchar *argv[5];
|
||||
|
||||
+#ifdef __OpenBSD__
|
||||
-
|
||||
+#else
|
||||
+ gchar *argv[6];
|
||||
+ gchar *lockshell, *nolockshell;
|
||||
+ lockshell = g_strjoin (NULL, user->shell, "-", NULL);
|
||||
+ nolockshell = g_strdup (user->shell);
|
||||
@ -115,16 +119,19 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
+#ifdef __OpenBSD__
|
||||
+ argv[1] = "-s";
|
||||
+ argv[2] = locked ? lockshell : nolockshell;
|
||||
+ argv[3] = user->user_name;
|
||||
+ argv[3] = "--";
|
||||
+ argv[4] = user->user_name;
|
||||
+ argv[5] = NULL;
|
||||
+#else
|
||||
argv[1] = locked ? "-L" : "-U";
|
||||
argv[2] = "--";
|
||||
argv[3] = user->user_name;
|
||||
+#endif
|
||||
argv[4] = NULL;
|
||||
+#endif
|
||||
|
||||
error = NULL;
|
||||
@@ -1591,6 +1631,11 @@ user_change_locked_authorized_cb (Daemon
|
||||
if (!spawn_with_login_uid (context, argv, &error)) {
|
||||
@@ -1591,6 +1634,11 @@ user_change_locked_authorized_cb (Daemon
|
||||
return;
|
||||
}
|
||||
|
||||
@ -136,7 +143,7 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
user->locked = locked;
|
||||
|
||||
g_signal_emit (user, signals[CHANGED], 0);
|
||||
@@ -1627,7 +1672,12 @@ user_change_account_type_authorized_cb (Daemon
|
||||
@@ -1627,13 +1675,23 @@ user_change_account_type_authorized_cb (Daemon
|
||||
{
|
||||
gint account_type = GPOINTER_TO_INT (data);
|
||||
GError *error;
|
||||
@ -149,7 +156,18 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
gint ngroups;
|
||||
GString *str;
|
||||
gid_t wheel;
|
||||
@@ -1647,27 +1697,46 @@ user_change_account_type_authorized_cb (Daemon
|
||||
struct group *grp;
|
||||
gint i;
|
||||
+#ifndef __OpenBSD__
|
||||
gchar *argv[6];
|
||||
+#else
|
||||
+ gchar *argv[8];
|
||||
+ gchar *class;
|
||||
+#endif
|
||||
|
||||
if (user->account_type != account_type) {
|
||||
sys_log (context,
|
||||
@@ -1647,31 +1705,65 @@ user_change_account_type_authorized_cb (Daemon
|
||||
}
|
||||
wheel = grp->gr_gid;
|
||||
|
||||
@ -157,7 +175,7 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
+ ngroups = sizeof(groups) / sizeof(gid_t);
|
||||
+ if (getgrouplist (user->user_name, user->gid, groups, &ngroups) == -1) {
|
||||
+ g_warning ("too many groups");
|
||||
+ return ACCOUNT_TYPE_STANDARD;
|
||||
+ account_type = ACCOUNT_TYPE_STANDARD;
|
||||
+ }
|
||||
+#else
|
||||
ngroups = get_user_groups (user->user_name, user->gid, &groups);
|
||||
@ -167,6 +185,7 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
for (i = 0; i < ngroups; i++) {
|
||||
if (groups[i] == wheel)
|
||||
continue;
|
||||
+
|
||||
+#ifdef __OpenBSD__
|
||||
+ obsdgrp = getgrgid(groups[i]);
|
||||
+ g_string_append_printf (str, "%s,", obsdgrp->gr_name);
|
||||
@ -178,6 +197,7 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
case ACCOUNT_TYPE_ADMINISTRATOR:
|
||||
+#ifdef __OpenBSD__
|
||||
+ g_string_append_printf (str, "%s", "wheel");
|
||||
+ class = "staff";
|
||||
+#else
|
||||
g_string_append_printf (str, "%d", wheel);
|
||||
+#endif
|
||||
@ -185,6 +205,9 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
default:
|
||||
/* remove excess comma */
|
||||
g_string_truncate (str, str->len - 1);
|
||||
+#ifdef __OpenBSD__
|
||||
+ class = "";
|
||||
+#endif
|
||||
}
|
||||
|
||||
+#ifndef __OpenBSD__
|
||||
@ -192,24 +215,40 @@ $OpenBSD: patch-src_user_c,v 1.10 2011/12/02 17:45:58 ajacoutot Exp $
|
||||
+#endif
|
||||
|
||||
argv[0] = "/usr/sbin/usermod";
|
||||
- argv[1] = "-G";
|
||||
+#ifdef __OpenBSD__
|
||||
+ argv[1] = "-S";
|
||||
+ argv[2] = str->str;
|
||||
+ argv[3] = "-L";
|
||||
+ argv[4] = class;
|
||||
+ argv[5] = "--";
|
||||
+ argv[6] = user->user_name;
|
||||
+ argv[7] = NULL;
|
||||
+#else
|
||||
argv[1] = "-G";
|
||||
argv[2] = str->str;
|
||||
argv[3] = "--";
|
||||
argv[4] = user->user_name;
|
||||
@@ -1779,9 +1848,15 @@ user_change_password_mode_authorized_cb (Daemon
|
||||
argv[5] = NULL;
|
||||
+#endif
|
||||
|
||||
g_string_free (str, FALSE);
|
||||
|
||||
@@ -1779,10 +1871,18 @@ user_change_password_mode_authorized_cb (Daemon
|
||||
}
|
||||
else if (user->locked) {
|
||||
argv[0] = "/usr/sbin/usermod";
|
||||
+#ifdef __OpenBSD__
|
||||
+ argv[1] = "-s";
|
||||
+ argv[2] = g_strndup (user->shell, sizeof(user->shell));
|
||||
+ argv[3] = user->user_name;
|
||||
+ argv[3] = "--";
|
||||
+ argv[4] = user->user_name;
|
||||
+ argv[5] = NULL;
|
||||
+#else
|
||||
argv[1] = "-U";
|
||||
argv[2] = "--";
|
||||
argv[3] = user->user_name;
|
||||
+#endif
|
||||
argv[4] = NULL;
|
||||
+#endif
|
||||
|
||||
error = NULL;
|
||||
if (!spawn_with_login_uid (context, argv, &error)) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user