$OpenBSD: patch-src_daemon_c,v 1.22 2012/11/16 08:50:19 ajacoutot Exp $ In default_excludes[], add any ports and system users that has a login shell. OpenBSD does not have any function to parse a specified passwd(5) file. Revert the following commit: This reverts commit dfa1a6239b01c823ce0fec781c6c9541c988f56e. The commit is wrong, since we're only interested in local users. http://bugs.freedesktop.org/show_bug.cgi?id=41747 (XXX we need a way to only get local users) --- src/daemon.c.orig Mon Nov 12 22:10:33 2012 +++ src/daemon.c Fri Nov 16 09:37:40 2012 @@ -35,6 +35,10 @@ #include #endif +#ifdef __OpenBSD__ +#include /* getgrnam */ +#endif + #include #include #include @@ -77,6 +81,18 @@ static const char *default_excludes[] = { "games", "man", "at", + "_couchdb", + "_ejabberd", + "_jabberd", + "_mediatomb", + "_mon", + "_openfire", + "_postgresql", + "_rancid", + "_riak", + "_rocrail", + "_sogo", + "_varnish", NULL }; @@ -371,8 +387,11 @@ entry_generator_fgetpwent (GHashTable *users, gpointer *state) { struct passwd *pwent; +#ifdef HAVE_FGETPWENT FILE *fp; +#endif +#ifdef HAVE_FGETPWENT /* First iteration */ if (*state == NULL) { *state = fp = fopen (PATH_PASSWD, "r"); @@ -385,13 +404,18 @@ entry_generator_fgetpwent (GHashTable *users, /* Every iteration */ fp = *state; pwent = fgetpwent (fp); +#else + pwent = getpwent (); +#endif if (pwent != NULL) { return pwent; } /* Last iteration */ +#ifdef HAVE_FGETPWENT fclose (fp); *state = NULL; +#endif return NULL; } @@ -1100,7 +1124,11 @@ daemon_create_user_authorized_cb (Daemon CreateUserData *cd = data; User *user; GError *error; +#ifndef __OpenBSD__ const gchar *argv[9]; +#else + const gchar *argv[11]; +#endif if (getpwnam (cd->user_name) != NULL) { throw_error (context, ERROR_USER_EXISTS, "A user with name '%s' already exists", cd->user_name); @@ -1117,9 +1145,17 @@ daemon_create_user_authorized_cb (Daemon if (cd->account_type == ACCOUNT_TYPE_ADMINISTRATOR) { argv[4] = "-G"; argv[5] = "wheel"; +#ifdef __OpenBSD__ + argv[6] = "-L"; + argv[7] = "staff"; + argv[8] = "--"; + argv[9] = cd->user_name; + argv[10] = NULL; +#else argv[6] = "--"; argv[7] = cd->user_name; argv[8] = NULL; +#endif } else if (cd->account_type == ACCOUNT_TYPE_STANDARD) { argv[4] = "--"; @@ -1320,6 +1356,34 @@ daemon_delete_user_authorized_cb (Daemon return; } +/* + * Under OpenBSD there is no /etc/login.defs (for USERGROUPS_ENAB), so + * we need to explicitely remove the user's group if it contains no more + * members and matches the username. + */ +#ifdef __OpenBSD__ + struct group *grp; + GError *grperror; + const gchar *grpargv[3]; + + grp = getgrnam (pwent->pw_name); + + if ((grp != NULL) && (*grp->gr_name == *pwent->pw_name) && (*grp->gr_mem == NULL)) { + sys_log (context, "delete group '%d'", pwent->pw_gid); + + grpargv[0] = "/usr/sbin/groupdel"; + grpargv[1] = pwent->pw_name; + grpargv[2] = NULL; + + grperror = NULL; + if (!spawn_with_login_uid (context, grpargv, &grperror)) { + throw_error (context, ERROR_FAILED, "running '%s' failed: %s", grpargv[0], grperror->message); + g_error_free (grperror); + return; + } + } +#endif + sys_log (context, "delete user '%s' (%d)", pwent->pw_name, ud->uid); filename = g_build_filename (USERDIR, pwent->pw_name, NULL); @@ -1332,11 +1396,18 @@ daemon_delete_user_authorized_cb (Daemon argv[0] = "/usr/sbin/userdel"; if (ud->remove_files) { +#ifdef __OpenBSD__ + argv[1] = "-r"; + argv[2] = "--"; + argv[3] = pwent->pw_name; + argv[4] = NULL; +#else argv[1] = "-f"; argv[2] = "-r"; argv[3] = "--"; argv[4] = pwent->pw_name; argv[5] = NULL; +#endif } else { argv[1] = "--";