161 lines
4.6 KiB
Plaintext
161 lines
4.6 KiB
Plaintext
$OpenBSD: patch-src_daemon_c,v 1.22 2012/11/16 08:50:19 ajacoutot Exp $
|
|
|
|
In default_excludes[], add any ports and system users that has a login
|
|
shell.
|
|
|
|
OpenBSD does not have any function to parse a specified passwd(5) file.
|
|
|
|
Revert the following commit:
|
|
This reverts commit dfa1a6239b01c823ce0fec781c6c9541c988f56e.
|
|
The commit is wrong, since we're only interested in local users.
|
|
http://bugs.freedesktop.org/show_bug.cgi?id=41747
|
|
(XXX we need a way to only get local users)
|
|
|
|
--- src/daemon.c.orig Mon Nov 12 22:10:33 2012
|
|
+++ src/daemon.c Fri Nov 16 09:37:40 2012
|
|
@@ -35,6 +35,10 @@
|
|
#include <utmpx.h>
|
|
#endif
|
|
|
|
+#ifdef __OpenBSD__
|
|
+#include <grp.h> /* getgrnam */
|
|
+#endif
|
|
+
|
|
#include <glib.h>
|
|
#include <glib/gi18n.h>
|
|
#include <glib-object.h>
|
|
@@ -77,6 +81,18 @@ static const char *default_excludes[] = {
|
|
"games",
|
|
"man",
|
|
"at",
|
|
+ "_couchdb",
|
|
+ "_ejabberd",
|
|
+ "_jabberd",
|
|
+ "_mediatomb",
|
|
+ "_mon",
|
|
+ "_openfire",
|
|
+ "_postgresql",
|
|
+ "_rancid",
|
|
+ "_riak",
|
|
+ "_rocrail",
|
|
+ "_sogo",
|
|
+ "_varnish",
|
|
NULL
|
|
};
|
|
|
|
@@ -371,8 +387,11 @@ entry_generator_fgetpwent (GHashTable *users,
|
|
gpointer *state)
|
|
{
|
|
struct passwd *pwent;
|
|
+#ifdef HAVE_FGETPWENT
|
|
FILE *fp;
|
|
+#endif
|
|
|
|
+#ifdef HAVE_FGETPWENT
|
|
/* First iteration */
|
|
if (*state == NULL) {
|
|
*state = fp = fopen (PATH_PASSWD, "r");
|
|
@@ -385,13 +404,18 @@ entry_generator_fgetpwent (GHashTable *users,
|
|
/* Every iteration */
|
|
fp = *state;
|
|
pwent = fgetpwent (fp);
|
|
+#else
|
|
+ pwent = getpwent ();
|
|
+#endif
|
|
if (pwent != NULL) {
|
|
return pwent;
|
|
}
|
|
|
|
/* Last iteration */
|
|
+#ifdef HAVE_FGETPWENT
|
|
fclose (fp);
|
|
*state = NULL;
|
|
+#endif
|
|
return NULL;
|
|
}
|
|
|
|
@@ -1100,7 +1124,11 @@ daemon_create_user_authorized_cb (Daemon
|
|
CreateUserData *cd = data;
|
|
User *user;
|
|
GError *error;
|
|
+#ifndef __OpenBSD__
|
|
const gchar *argv[9];
|
|
+#else
|
|
+ const gchar *argv[11];
|
|
+#endif
|
|
|
|
if (getpwnam (cd->user_name) != NULL) {
|
|
throw_error (context, ERROR_USER_EXISTS, "A user with name '%s' already exists", cd->user_name);
|
|
@@ -1117,9 +1145,17 @@ daemon_create_user_authorized_cb (Daemon
|
|
if (cd->account_type == ACCOUNT_TYPE_ADMINISTRATOR) {
|
|
argv[4] = "-G";
|
|
argv[5] = "wheel";
|
|
+#ifdef __OpenBSD__
|
|
+ argv[6] = "-L";
|
|
+ argv[7] = "staff";
|
|
+ argv[8] = "--";
|
|
+ argv[9] = cd->user_name;
|
|
+ argv[10] = NULL;
|
|
+#else
|
|
argv[6] = "--";
|
|
argv[7] = cd->user_name;
|
|
argv[8] = NULL;
|
|
+#endif
|
|
}
|
|
else if (cd->account_type == ACCOUNT_TYPE_STANDARD) {
|
|
argv[4] = "--";
|
|
@@ -1320,6 +1356,34 @@ daemon_delete_user_authorized_cb (Daemon
|
|
return;
|
|
}
|
|
|
|
+/*
|
|
+ * Under OpenBSD there is no /etc/login.defs (for USERGROUPS_ENAB), so
|
|
+ * we need to explicitely remove the user's group if it contains no more
|
|
+ * members and matches the username.
|
|
+ */
|
|
+#ifdef __OpenBSD__
|
|
+ struct group *grp;
|
|
+ GError *grperror;
|
|
+ const gchar *grpargv[3];
|
|
+
|
|
+ grp = getgrnam (pwent->pw_name);
|
|
+
|
|
+ if ((grp != NULL) && (*grp->gr_name == *pwent->pw_name) && (*grp->gr_mem == NULL)) {
|
|
+ sys_log (context, "delete group '%d'", pwent->pw_gid);
|
|
+
|
|
+ grpargv[0] = "/usr/sbin/groupdel";
|
|
+ grpargv[1] = pwent->pw_name;
|
|
+ grpargv[2] = NULL;
|
|
+
|
|
+ grperror = NULL;
|
|
+ if (!spawn_with_login_uid (context, grpargv, &grperror)) {
|
|
+ throw_error (context, ERROR_FAILED, "running '%s' failed: %s", grpargv[0], grperror->message);
|
|
+ g_error_free (grperror);
|
|
+ return;
|
|
+ }
|
|
+ }
|
|
+#endif
|
|
+
|
|
sys_log (context, "delete user '%s' (%d)", pwent->pw_name, ud->uid);
|
|
|
|
filename = g_build_filename (USERDIR, pwent->pw_name, NULL);
|
|
@@ -1332,11 +1396,18 @@ daemon_delete_user_authorized_cb (Daemon
|
|
|
|
argv[0] = "/usr/sbin/userdel";
|
|
if (ud->remove_files) {
|
|
+#ifdef __OpenBSD__
|
|
+ argv[1] = "-r";
|
|
+ argv[2] = "--";
|
|
+ argv[3] = pwent->pw_name;
|
|
+ argv[4] = NULL;
|
|
+#else
|
|
argv[1] = "-f";
|
|
argv[2] = "-r";
|
|
argv[3] = "--";
|
|
argv[4] = pwent->pw_name;
|
|
argv[5] = NULL;
|
|
+#endif
|
|
}
|
|
else {
|
|
argv[1] = "--";
|