1 # Copyright 1999-2017 Gentoo Foundation
2 # Distributed under the terms of the GNU General Public License v2
6 # base-system@gentoo.org (Linux)
7 # @BLURB: user management in ebuilds
9 # The user eclass contains a suite of functions that allow ebuilds
10 # to quickly make sure users in the installed system are sane.
12 if [[ -z ${_USER_ECLASS} ]]; then
15 # @FUNCTION: _assert_pkg_ebuild_phase
17 # @USAGE: <calling func name>
18 _assert_pkg_ebuild_phase() {
19 case ${EBUILD_PHASE} in
20 setup|preinst|postinst) ;;
22 eerror "'$1()' called from '${EBUILD_PHASE}' phase which is not OK:"
23 eerror "You may only call from pkg_{setup,preinst,postinst} functions."
24 eerror "Package fails at QA and at life. Please file a bug."
25 die "Bad package! $1 is only for use in some pkg_* functions!"
30 # @USAGE: <database> <key>
32 # Small wrapper for getent (Linux), nidump (< Mac OS X 10.5),
33 # dscl (Mac OS X 10.5), and pw (FreeBSD) used in enewuser()/enewgroup().
35 # Supported databases: group passwd
39 [[ $# -ge 3 ]] && die "usage: egetent <database> <key>"
43 *) die "sorry, database '${db}' not yet supported; file a bug" ;;
49 *[!0-9]*) # Non numeric
50 nidump ${db} . | awk -F: "(\$1 ~ /^${key}\$/) {print;exit;}"
53 nidump ${db} . | awk -F: "(\$3 == ${key}) {print;exit;}"
60 passwd) db="Users" mykey="UniqueID" ;;
61 group) db="Groups" mykey="PrimaryGroupID" ;;
65 *[!0-9]*) # Non numeric
66 dscl . -read /${db}/${key} 2>/dev/null |grep RecordName
69 dscl . -search /${db} ${mykey} ${key} 2>/dev/null
73 *-freebsd*|*-dragonfly*)
81 if [[ ${key} == [[:digit:]]* ]] ; then
82 [[ ${db} == "user" ]] && opts="-u" || opts="-g"
85 pw show ${db} ${opts} "${key}" -q
88 grep "${key}:\*:" /etc/${db}
91 # ignore output if nscd doesn't exist, or we're not running as root
92 nscd -i "${db}" 2>/dev/null
93 getent "${db}" "${key}"
99 # @USAGE: <user> [uid] [shell] [homedir] [groups]
101 # Same as enewgroup, you are not required to understand how to properly add
102 # a user to the system. The only required parameter is the username.
103 # Default uid is (pass -1 for this) next available, default shell is
104 # /bin/false, default homedir is /dev/null, and there are no default groups.
106 if [[ ${EUID} != 0 ]] ; then
107 einfo "Insufficient privileges to execute ${FUNCNAME[0]}"
110 _assert_pkg_ebuild_phase ${FUNCNAME}
113 local euser=$1; shift
114 if [[ -z ${euser} ]] ; then
115 eerror "No username specified !"
116 die "Cannot call enewuser without a username"
119 # lets see if the username already exists
120 if [[ -n $(egetent passwd "${euser}") ]] ; then
123 einfo "Adding user '${euser}' to your system ..."
125 # options to pass to useradd
130 if [[ -n ${euid} && ${euid} != -1 ]] ; then
131 if [[ ${euid} -gt 0 ]] ; then
132 if [[ -n $(egetent passwd ${euid}) ]] ; then
136 eerror "Userid given but is not greater than 0 !"
137 die "${euid} is not a valid UID"
142 if [[ ${euid} == "next" ]] ; then
143 for ((euid = 101; euid <= 999; euid++)); do
144 [[ -z $(egetent passwd ${euid}) ]] && break
148 einfo " - Userid: ${euid}"
151 local eshell=$1; shift
152 if [[ ! -z ${eshell} ]] && [[ ${eshell} != "-1" ]] ; then
153 if [[ ! -e ${ROOT}${eshell} ]] ; then
154 eerror "A shell was specified but it does not exist !"
155 die "${eshell} does not exist in ${ROOT}"
157 if [[ ${eshell} == */false || ${eshell} == */nologin ]] ; then
158 eerror "Do not specify ${eshell} yourself, use -1"
159 die "Pass '-1' as the shell parameter"
162 for eshell in /sbin/nologin /usr/sbin/nologin /bin/false /usr/bin/false /dev/null ; do
163 [[ -x ${ROOT}${eshell} ]] && break
166 if [[ ${eshell} == "/dev/null" ]] ; then
167 eerror "Unable to identify the shell to use, proceeding with userland default."
169 GNU) eshell="/bin/false" ;;
170 BSD) eshell="/sbin/nologin" ;;
171 Darwin) eshell="/usr/sbin/nologin" ;;
172 *) die "Unable to identify the default shell for userland ${USERLAND}"
176 einfo " - Shell: ${eshell}"
177 opts+=( -s "${eshell}" )
180 local ehome=$1; shift
181 if [[ -z ${ehome} ]] || [[ ${ehome} == "-1" ]] ; then
184 einfo " - Home: ${ehome}"
185 opts+=( -d "${ehome}" )
188 local egroups=$1; shift
190 IFS="," read -r -a egroups_arr <<<"${egroups}"
191 if [[ ${#egroups_arr[@]} -gt 0 ]] ; then
192 local defgroup exgroups
193 for g in "${egroups_arr[@]}" ; do
194 if [[ -z $(egetent group "${g}") ]] ; then
195 eerror "You must add group ${g} to the system first"
196 die "${g} is not a valid GID"
198 if [[ -z ${defgroup} ]] ; then
204 opts+=( -g "${defgroup}" )
205 if [[ ! -z ${exgroups} ]] ; then
206 opts+=( -G "${exgroups:1}" )
209 einfo " - Groups: ${egroups:-(none)}"
212 if [[ $# -gt 0 ]] ; then
213 die "extra arguments no longer supported; please file a bug"
215 local comment="added by portage for ${PN}"
216 opts+=( -c "${comment}" )
217 einfo " - GECOS: ${comment}"
224 dscl . create "/users/${euser}" uid ${euid}
225 dscl . create "/users/${euser}" shell "${eshell}"
226 dscl . create "/users/${euser}" home "${ehome}"
227 dscl . create "/users/${euser}" realname "added by portage for ${PN}"
228 ### Add the user to the groups specified
229 for g in "${egroups_arr[@]}" ; do
230 dscl . merge "/groups/${g}" users "${euser}"
234 *-freebsd*|*-dragonfly*)
235 pw useradd "${euser}" "${opts[@]}" || die
239 useradd "${opts[@]}" "${euser}" || die
243 # all ops the same, except the -g vs -g/-G ...
244 useradd -u ${euid} -s "${eshell}" \
245 -d "${ehome}" -g "${egroups}" "${euser}" || die
249 useradd -r "${opts[@]}" "${euser}" || die
253 if [[ ! -e ${ROOT}/${ehome} ]] ; then
254 einfo " - Creating ${ehome} in ${ROOT}"
255 mkdir -p "${ROOT}/${ehome}"
256 chown "${euser}" "${ROOT}/${ehome}"
257 chmod 755 "${ROOT}/${ehome}"
261 # @FUNCTION: enewgroup
262 # @USAGE: <group> [gid]
264 # This function does not require you to understand how to properly add a
265 # group to the system. Just give it a group name to add and enewgroup will
266 # do the rest. You may specify the gid for the group or allow the group to
267 # allocate the next available one.
269 if [[ ${EUID} != 0 ]] ; then
270 einfo "Insufficient privileges to execute ${FUNCNAME[0]}"
273 _assert_pkg_ebuild_phase ${FUNCNAME}
276 local egroup=$1; shift
277 if [[ -z ${egroup} ]] ; then
278 eerror "No group specified !"
279 die "Cannot call enewgroup without a group"
282 # see if group already exists
283 if [[ -n $(egetent group "${egroup}") ]] ; then
286 einfo "Adding group '${egroup}' to your system ..."
290 if [[ ! -z ${egid} ]] ; then
291 if [[ ${egid} -gt 0 ]] ; then
292 if [[ -n $(egetent group ${egid}) ]] ; then
293 egid="next available; requested gid taken"
296 eerror "Groupid given but is not greater than 0 !"
297 die "${egid} is not a valid GID"
300 egid="next available"
302 einfo " - Groupid: ${egid}"
305 if [[ $# -gt 0 ]] ; then
306 die "extra arguments no longer supported; please file a bug"
309 # Some targets need to find the next available GID manually
310 _enewgroup_next_gid() {
311 if [[ ${egid} == *[!0-9]* ]] ; then
313 for ((egid = 101; egid <= 999; egid++)) ; do
314 [[ -z $(egetent group ${egid}) ]] && break
323 dscl . create "/groups/${egroup}" gid ${egid}
324 dscl . create "/groups/${egroup}" passwd '*'
327 *-freebsd*|*-dragonfly*)
329 pw groupadd "${egroup}" -g ${egid} || die
334 groupadd -g ${egid} "${egroup}" || die
339 if [[ ${egid} == *[!0-9]* ]] ; then
340 # Non numeric; let groupadd figure out a GID for us
345 # We specify -r so that we get a GID in the system range from login.defs
346 groupadd -r ${opts} "${egroup}" || die
351 # @FUNCTION: egethome
354 # Gets the home directory for the specified user.
358 [[ $# -eq 1 ]] || die "usage: egethome <user>"
361 *-darwin*|*-freebsd*|*-dragonfly*)
364 *) # Linux, NetBSD, OpenBSD, etc...
369 egetent passwd "$1" | cut -d: -f${pos}
372 # @FUNCTION: egetshell
375 # Gets the shell for the specified user.
379 [[ $# -eq 1 ]] || die "usage: egetshell <user>"
382 *-darwin*|*-freebsd*|*-dragonfly*)
385 *) # Linux, NetBSD, OpenBSD, etc...
390 egetent passwd "$1" | cut -d: -f${pos}
393 # @FUNCTION: esethome
394 # @USAGE: <user> <homedir>
396 # Update the home directory in a platform-agnostic way.
397 # Required parameters is the username and the new home directory.
398 # Specify -1 if you want to set home to the enewuser default
400 # If the new home directory does not exist, it is created.
401 # Any previously existing home directory is NOT moved.
403 _assert_pkg_ebuild_phase ${FUNCNAME}
406 local euser=$1; shift
407 if [[ -z ${euser} ]] ; then
408 eerror "No username specified !"
409 die "Cannot call esethome without a username"
412 # lets see if the username already exists
413 if [[ -z $(egetent passwd "${euser}") ]] ; then
414 ewarn "User does not exist, cannot set home dir -- skipping."
419 local ehome=$1; shift
420 if [[ -z ${ehome} ]] ; then
421 eerror "No home directory specified !"
422 die "Cannot call esethome without a home directory or '-1'"
425 if [[ ${ehome} == "-1" ]] ; then
429 # exit with no message if home dir is up to date
430 if [[ $(egethome "${euser}") == ${ehome} ]]; then
434 einfo "Updating home for user '${euser}' ..."
435 einfo " - Home: ${ehome}"
437 # ensure home directory exists, otherwise update will fail
438 if [[ ! -e ${ROOT}/${ehome} ]] ; then
439 einfo " - Creating ${ehome} in ${ROOT}"
440 mkdir -p "${ROOT}/${ehome}"
441 chown "${euser}" "${ROOT}/${ehome}"
442 chmod 755 "${ROOT}/${ehome}"
445 # update the home directory
448 dscl . change "/users/${euser}" home "${ehome}"
451 *-freebsd*|*-dragonfly*)
452 pw usermod "${euser}" -d "${ehome}" && return 0
453 [[ $? == 8 ]] && eerror "${euser} is in use, cannot update home"
454 eerror "There was an error when attempting to update the home directory for ${euser}"
455 eerror "Please update it manually on your system:"
456 eerror "\t pw usermod \"${euser}\" -d \"${ehome}\""
460 usermod -d "${ehome}" "${euser}" && return 0
461 [[ $? == 8 ]] && eerror "${euser} is in use, cannot update home"
462 eerror "There was an error when attempting to update the home directory for ${euser}"
463 eerror "Please update it manually on your system (as root):"
464 eerror "\t usermod -d \"${ehome}\" \"${euser}\""