ports/108514: [PROPOSAL] Automatic registering of UID and GID (bsd.port.mk)

Martin Matuska martin at matuska.org
Mon Jan 29 13:50:18 UTC 2007


>Number:         108514
>Category:       ports
>Synopsis:       [PROPOSAL] Automatic registering of UID and GID (bsd.port.mk)
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 29 13:50:14 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Martin Matuska
>Release:        FreeBSD 6.2-RELEASE amd64
>Organization:
>Environment:
System: FreeBSD 6.2-RELEASE amd64
>Description:
The FreeBSD Project ideas list looks for a framework for adding users/groups
to the system automatically. 

See the following URL:
http://www.freebsd.org/projects/ideas/#p-ports-uid

The patch included contains a working proposal how this framework might look like.

The main problem is to make this work with the package system -
a pre-install (or post-install) script has to be included when
creating a package with pkg_create. But the port maintainer still needs the ability
to supply his own pkg-install and pkg-deinstall scripts. 

This proposal uses the POST-INSTALL (-I) and POST-DEINSTALL (-K) features 
of pkg_create, so that two scripts can be included. With this solution, the POST_INSTALL
and POST_DEINSTALL parts of existing pkg-install scripts no longer work (this 
applies only if ADDUSER and ADDGROUP are defined).

The question is if it is desired to have users and groups created before or after install.

There are two more approaches I considered:

1. Merging scripts
PROBLEM: impossible if /bin/sh is not used as interpreter for pkg-install or pkg-deinstall

2. Separate includable script by pkg_create
PROBLEM: no backwards compatibility with earlier freebsd versions, 
	 requires a major change to the pkg_install system
		
>How-To-Repeat:
>Fix:
--- bsd.port.mk.orig	Fri Jan 26 11:53:11 2007
+++ bsd.port.mk	Mon Jan 29 14:20:23 2007
@@ -490,6 +490,44 @@
 ##
 # USE_APACHE	- If set, this port relies on an apache webserver.
 #
+##
+#
+# Add required user and group entries on install. Use if your port needs user and group entries.
+# Uses existing groups/users, if available (does not overwrite). Groups are created before users.
+#
+# Group entries
+#
+# ADDGROUP			- A list of group names to be added to the system on port
+#				  or package install. Existing groups will not be overwritten.
+#				  Default: not set.
+#
+# The following variables are effective only if [group] is in the ADDGROUP list
+#
+# ADDGROUP_[group]_gid		- gid for [group]
+#				  Default: not set. (= use next gid from pw.conf)
+# ADDGROUP_[group]_members	- members for [group]
+#				  Default: not set.
+#
+# User entries
+#
+# ADDUSER			- A list of user names to be added to the system on port
+#				  or package install. Existing users will not be overwritten.
+#				  Default: not set.
+#
+# The following variables are effective only if [user] is in the ADDUSER list
+#
+# ADDUSER_[user]_uid		- uid for [user]
+#				  Default: not set. (= use next uid from pw.conf)
+# ADDUSER_[user]_group		- group name or gid for [user]
+#				  Default: not set. (= if a group with same name as [user] 
+#				  exists it is used, else uses default gid from pw.conf)
+# ADDUSER_[user]_comment	- comment for [user]
+#				  Default: "Sandbox"
+# ADDUSER_[user]_homedir	- homedir for [user]
+#				  Default: /
+# ADDUSER_[user]_shell		- shell for [user]
+#				  Default: nologin
+#
 # Conflict checking.  Use if your port cannot be installed at the same time as
 # another package.
 #
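Review bot: The new comment block leaves out details a port maintainer needs, all of which follow from the recipe later in this patch. `ADDGROUP_[group]_members` is passed to `pw groupadd -M`, so the expected format should be stated, e.g. `# (comma-separated list of existing users, passed to pw -M)`. "Existing users will not be overwritten" also means an account that already has that name is reused with whatever uid, shell and group membership it has, and the deinstall script only prints the names; I would add `# Accounts are never removed on deinstall; an existing account of the same name is used as-is.`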
@@ -1085,11 +1123,13 @@
 MKDIR?=		/bin/mkdir -p
 MKTEMP?=	/usr/bin/mktemp
 MV?=		/bin/mv
+NOLOGIN?=	/usr/sbin/nologin
 OBJCOPY?=	/usr/bin/objcopy
 OBJDUMP?=	/usr/bin/objdump
 PASTE?=		/usr/bin/paste
 PAX?=		/bin/pax
 PRINTF?=	/usr/bin/printf
+PW?=		/usr/sbin/pw
 REALPATH?=	/bin/realpath
 RM?=		/bin/rm
 RMDIR?=		/bin/rmdir
@@ -3675,6 +3715,92 @@
 .endif
 .endif
 
+# Add users and groups
+
+INSTALL_USERGROUP=	${WRKDIR}/.install-usergroup
+DEINSTALL_USERGROUP=	${WRKDIR}/.deinstall-usergroup
+
+.if !target(add-user-group)
+add-user-group:
+.if defined(ADDGROUP) || defined(ADDUSER)
+	@${ECHO_CMD} \#\!${SH} > ${INSTALL_USERGROUP}
+	@${ECHO_CMD} \#\!${SH} > ${DEINSTALL_USERGROUP}
+.endif
+.if defined(ADDGROUP)
+	@${ECHO_CMD} ${ECHO_MSG} \"===\> The port may have added the following group\(s\):\" >> ${DEINSTALL_USERGROUP}
+	@${ECHO_CMD} -n "${ECHO_MSG} " >> ${DEINSTALL_USERGROUP}
+.for _ADDGROUP in ${ADDGROUP}
+	@${ECHO_CMD} ${ECHO_MSG} \"===\>  Checking if group ${_ADDGROUP} exists\" >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} ${PW} groupshow ${_ADDGROUP} \>/dev/null 2\>/dev/null \|\| err=\"1\"  >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} if [ \"$$\{err\}\" != \"1\" ] \; then  >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} ${ECHO_MSG} \"===\> Group ${_ADDGROUP} already exists, using existing\"\; ${TRUE} >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} else >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} -n err=0\; >> ${INSTALL_USERGROUP}
+.if defined(ADDGROUP_${_ADDGROUP}_gid)
+	@${ECHO_CMD} PW_GID=\"-g ${ADDGROUP_${_ADDGROUP}_gid}\" >> ${INSTALL_USERGROUP}
+.endif
+.if defined(ADDGROUP_${_ADDGROUP}_members)
+	@${ECHO_CMD} PW_MEMBERS=\"-M ${ADDGROUP_${_ADDGROUP}_members}\" >> ${INSTALL_USERGROUP}
+.endif
+	@${ECHO_CMD} ${PW} groupadd ${_ADDGROUP} -q \$${PW_GID} \$${PW_MEMBERS} \|\| err="1" >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} if [ \"$$\{err\}\" = \"1\" ] \; then >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} ${ECHO_MSG} \"Error: Could not add group ${_ADDGROUP}\"\; ${FALSE} >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} else >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} ${ECHO_MSG} \"===\> Added group ${_ADDGROUP}\"\; ${ECHO_MSG} \`${PW} groupshow ${_ADDGROUP}\` >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} fi\; fi >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} -n "${_ADDGROUP} " >> ${DEINSTALL_USERGROUP}
+.endfor
+	@${ECHO_CMD} >> ${DEINSTALL_USERGROUP}
+.endif
+.if defined(ADDUSER)
+	@${ECHO_CMD} ${ECHO_MSG} \"===\> The port may have added the following user\(s\):\" >> ${DEINSTALL_USERGROUP}
+	@${ECHO_CMD} -n "${ECHO_MSG} " >> ${DEINSTALL_USERGROUP}
+.for _ADDUSER in ${ADDUSER}
+	@${ECHO_CMD} ${ECHO_MSG} \"===\>  Checking if user ${_ADDUSER} exists\" >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} ${PW} usershow ${_ADDUSER} \>/dev/null 2\>/dev/null \|\| err=\"1\" >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} if [ \"$$\{err\}\" != \"1\" ] \; then >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} ${ECHO_MSG} \"===\> User ${_ADDUSER} already exists, using existing\"\; err=0\; ${TRUE} >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} else err=0\;>> ${INSTALL_USERGROUP}
+.if defined(ADDUSER_${_ADDUSER}_uid)
+	@${ECHO_CMD} PW_UID=\"-u ${ADDUSER_${_ADDUSER}_uid}\" >> ${INSTALL_USERGROUP}
+.endif
+.if defined(ADDUSER_${_ADDUSER}_group)
+	@${ECHO_CMD} PW_GROUP=\"-g ${ADDUSER_${_ADDUSER}_group}\" >> ${INSTALL_USERGROUP}
+.else
+	@${ECHO_CMD} ${PW} groupshow ${_ADDUSER} \>/dev/null 2\>/dev/null || err=\"1\"; >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} if [ \"$$\{err\}\" != \"1\" ] \; then >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} PW_GROUP=\"-g ${_ADDUSER}\"\; fi\; err=0\; >> ${INSTALL_USERGROUP}
+.endif
+.if defined(ADDUSER_${_ADDUSER}_comment)
+	@${ECHO_CMD} PW_COMMENT=\"${ADDUSER_${_ADDUSER}_comment}\" >> ${INSTALL_USERGROUP}
+.else
+	@${ECHO_CMD} PW_COMMENT=\"Sandbox\" >> ${INSTALL_USERGROUP}
+.endif
+.if defined(ADDUSER_${_ADDUSER}_homedir)
+	@${ECHO_CMD} PW_HOMEDIR=\"${ADDUSER_${_ADDUSER}_homedir}\" >> ${INSTALL_USERGROUP}
+.else
+	@${ECHO_CMD} PW_HOMEDIR=\"/\" >> ${INSTALL_USERGROUP}
+.endif
+.if defined(ADDUSER_${_ADDUSER}_shell)
+	@${ECHO_CMD} PW_SHELL=\"${ADDUSER_${_ADDUSER}_shell}\" >> ${INSTALL_USERGROUP}
+.else
+	@${ECHO_CMD} PW_SHELL=\"${NOLOGIN}\" >> ${INSTALL_USERGROUP}
+.endif
+	@${ECHO_CMD} ${PW} useradd ${_ADDUSER} -q \$${PW_UID} \$${PW_GROUP} -c \"\$${PW_COMMENT}\" -d \"\$${PW_HOMEDIR}\" -s \"\$${PW_SHELL}\" \|\| err=\"1\" >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} if [ \"\$$\{err\}\" = \"1\" ] \; then >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} ${ECHO_MSG} "Error: Could not add user ${_ADDUSER}"\; err=0\; ${FALSE} >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} else >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} ${ECHO_MSG} \"===\> Added user ${_ADDUSER}\"\; ${ECHO_MSG} \`${PW} usershow ${_ADDUSER}\` >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} fi\; fi >> ${INSTALL_USERGROUP}
+	@${ECHO_CMD} -n "${_ADDUSER} " >> ${DEINSTALL_USERGROUP}
+.endfor
+	@${ECHO_CMD} >> ${DEINSTALL_USERGROUP}
+.endif
+.if defined(ADDGROUP) || defined(ADDUSER)
+	@${SH} ${INSTALL_USERGROUP}
+.endif
+.endif
+
 # Package
 
 .if !target(do-package)
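Review bot: The generated install script never clears `PW_GID`, `PW_MEMBERS`, `PW_UID` or `PW_GROUP` between `.for` iterations, so a gid, member list, uid or primary group set for one entry is silently reused for the next entry that defines none, in a script that presumably runs as root. Emitting a reset as the first line of each loop body, e.g. `@${ECHO_CMD} err=0\; PW_GID=\; PW_MEMBERS= >> ${INSTALL_USERGROUP}` (and `PW_UID=\; PW_GROUP=` in the user loop), avoids that and also clears `err`, which the group-failure branch leaves at 1. In the `.else` branch of `ADDUSER_${_ADDUSER}_group` the `||` and `;` are not escaped, so the recipe shell consumes them and the `groupshow` test is never written to the script; it should end in `\|\| err=\"1\" >> ${INSTALL_USERGROUP}` as the group loop does. Port-supplied values such as the comment, homedir and member list are re-expanded by the shell that runs the script, so writing them inside single quotes would be safer than the current `\"...\"`.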
@@ -3695,6 +3821,12 @@
 	if [ -f ${PKGDEINSTALL} ]; then \
 		_LATE_PKG_ARGS="$${_LATE_PKG_ARGS} -k ${PKGDEINSTALL}"; \
 	fi; \
+	if [ -f ${INSTALL_USERGROUP} ]; then \
+		_LATE_PKG_ARGS="$${_LATE_PKG_ARGS} -I ${INSTALL_USERGROUP}"; \
+	fi; \
+	if [ -f ${DEINSTALL_USERGROUP} ]; then \
+		_LATE_PKG_ARGS="$${_LATE_PKG_ARGS} -K ${DEINSTALL_USERGROUP}"; \
+	fi; \
 	if [ -f ${PKGREQ} ]; then \
 		_LATE_PKG_ARGS="$${_LATE_PKG_ARGS} -r ${PKGREQ}"; \
 	fi; \
@@ -4144,8 +4276,9 @@
 _INSTALL_SUSEQ= check-umask install-mtree pre-su-install \
 				pre-su-install-script do-install install-desktop-entries \
 				post-install post-install-script add-plist-info \
-				add-plist-docs add-plist-post install-rc-script compress-man \
-				install-ldconfig-file fake-pkg security-check
+				add-plist-docs add-plist-post \
+				add-user-group install-rc-script \
+				compress-man install-ldconfig-file fake-pkg security-check
 _PACKAGE_DEP=	install
 _PACKAGE_SEQ=	package-message pre-package pre-package-script \
 				do-package post-package-script
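Review bot: `add-user-group` is sequenced after `do-install` and `post-install`, so any ownership change to a listed account made in those targets runs before the account exists and will fail. The same ordering carries into packages, where the script is attached as a post-install script and so presumably runs only after the files have been extracted. Placing the target ahead of `pre-su-install`, e.g. `_INSTALL_SUSEQ= check-umask install-mtree add-user-group pre-su-install \`, would make the accounts available to everything that follows.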
@@ -5622,8 +5755,14 @@
 		if [ -f ${PKGINSTALL} ]; then \
 			${CP} ${PKGINSTALL} ${PKG_DBDIR}/${PKGNAME}/+INSTALL; \
 		fi; \
+		if [ -f ${INSTALL_USERGROUP} ]; then \
+			${CP} ${INSTALL_USERGROUP} ${PKG_DBDIR}/${PKGNAME}/+POST-INSTALL; \
+		fi; \
 		if [ -f ${PKGDEINSTALL} ]; then \
 			${CP} ${PKGDEINSTALL} ${PKG_DBDIR}/${PKGNAME}/+DEINSTALL; \
+		fi; \
+		if [ -f ${DEINSTALL_USERGROUP} ]; then \
+			${CP} ${DEINSTALL_USERGROUP} ${PKG_DBDIR}/${PKGNAME}/+POST-DEINSTALL; \
 		fi; \
 		if [ -f ${PKGREQ} ]; then \
 			${CP} ${PKGREQ} ${PKG_DBDIR}/${PKGNAME}/+REQUIRE; \
>Release-Note:
>Audit-Trail:
>Unformatted:


