ginger-dev-list
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Ginger-dev-list] [PATCH 2/2] Fix user/groups id creation in user manage


From: Rodrigo Trujillo
Subject: [Ginger-dev-list] [PATCH 2/2] Fix user/groups id creation in user management
Date: Sat, 19 Sep 2015 15:35:01 -0300

Some distributions, like Ubuntu, does not deliver libuser.conf, it is
possible to workaround this creating an empty /etc/libuser.conf file.
However this may create normal users/groups with system ids (< 1000).
This patch fixes this problem, always creating the users and groups
with an ID > 1000.
It also fixes problems when a group is not found.

Signed-off-by: Rodrigo Trujillo <address@hidden>
---
 models/users.py | 49 +++++++++++++++++++++++++++++++++----------------
 1 file changed, 33 insertions(+), 16 deletions(-)

diff --git a/models/users.py b/models/users.py
index b404505..b5b0402 100644
--- a/models/users.py
+++ b/models/users.py
@@ -51,19 +51,22 @@ def get_group_obj_by_gid(gid):
 
 def get_group_gid(groupname):
     adm = libuser.admin()
-    gid = adm.lookupGroupByName(groupname).get('pw_gid')[0]
-    return gid
+    group = adm.lookupGroupByName(groupname)
+    if group is None:
+        return None
+    return group.get('pw_gid')[0]
 
 
-def create_group(groupname):
+def create_group(groupname, gid):
     adm = libuser.admin()
     group = adm.lookupGroupByName(groupname)
     if not group:
         new_group = adm.initGroup(groupname)
-        gid = new_group[libuser.GIDNUMBER]
+        new_group.set(libuser.GIDNUMBER, gid)
         adm.addGroup(new_group)
-        return gid[0]
-    return group.get('pw_gid')[0]
+        return gid
+    else:
+        return group.get('pw_gid')[0]
 
 
 def delete_group(groupname):
@@ -113,7 +116,7 @@ def gen_salt():
     chars = string.letters + string.digits + './'
     return "$6$" + "".join([random.choice(chars) for x in range(16)])
 
-def create_user(name, plain_passwd, profile=None):
+def create_user(name, plain_passwd, profile=None, gid=None):
     adm = libuser.admin()
     user = adm.lookupUserByName(name)
     if user:
@@ -123,6 +126,14 @@ def create_user(name, plain_passwd, profile=None):
 
     try:
         new_user = adm.initUser(name)
+        # Unsure user is normal and not system user
+        if new_user[libuser.UIDNUMBER][0] < 1000:
+            new_user.set(libuser.UIDNUMBER, adm.getFirstUnusedUid(1000))
+            new_user.set(libuser.GIDNUMBER, adm.getFirstUnusedGid(1000))
+
+        if gid is not None:
+            new_user.set(libuser.GIDNUMBER, gid)
+
         if profile == "kimchiuser":
             new_user[libuser.LOGINSHELL] = '/sbin/nologin'
         adm.addUser(new_user)
@@ -158,11 +169,6 @@ def delete_user(username):
         raise OperationFailed('GINUSER0010E', {'user': username})
 
 
-def add_user_to_primary_group(username, groupname):
-    user_obj = get_user_obj(username)
-    user_obj[libuser.GIDNUMBER] = get_group_gid(groupname)
-
-
 class UsersModel(object):
     """
     The model class for basic management of users in the host system
@@ -174,9 +180,12 @@ class UsersModel(object):
         profile = params['profile']
         groupname = params['group']
 
-        create_user(username, passwd, profile=profile)
-        create_group(groupname)
-        add_user_to_primary_group(username, groupname)
+        gid = get_group_gid(groupname)
+        if gid is None:
+            user = create_user(username, passwd, profile=profile)
+            create_group(groupname, user[libuser.GIDNUMBER][0])
+        else:
+            user = create_user(username, passwd, profile=profile, gid=gid)
 
         # Handle profiles
         if profile in ["virtuser", "admin"]:
@@ -244,10 +253,18 @@ class UserModel(object):
 
     def _get_user_profile(self, user):
         # ADMIN: Check /etc/sudoers.d
+        adm = libuser.admin()
         if os.path.isfile(SUDOERS_FILE % user):
             return 'admin'
+        else:
+            wheelgrp = adm.lookupGroupByName('wheel')
+            if wheelgrp is not None and user in wheelgrp.get('gr_mem'):
+                return 'admin'
+            sudogrp = adm.lookupGroupByName('sudo')
+            if sudogrp is not None and user in sudogrp.get('gr_mem'):
+                return 'admin'
+
         # VIRTUSER: Check kvm group
-        adm = libuser.admin()
         kvmgrp = adm.lookupGroupByName('kvm')
         if user in kvmgrp.get('gr_mem'):
             return 'virtuser'
-- 
2.1.0




reply via email to

[Prev in Thread] Current Thread [Next in Thread]