From nobody Tue Oct 07 06:52:12 2025 X-Original-To: dev-commits-src-branches@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cgmz02FmJz69b5G; Tue, 07 Oct 2025 06:52:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cgmz01lklz3kNS; Tue, 07 Oct 2025 06:52:12 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759819932; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=n36OukZLdbK1daXApvjAh5cUqEvqEm0Wz4zTS/DHCJM=; b=puyq0pQGNWHLHOiJxJxeVqeReX60WBQj0jctm+qr9izMi4ULYafkK7eI2fibXjV0kD8B8v dpXEppCnZK7ydf1mPNWph86qj3p5gbeyMgSk7uO8CKJEXqdtjx9SxgLHuubNifdgFEf6Cl JdRpkBv068N0qk13Ks278TVrehsPvPbA4pa9vZav/S9Dj5oZ4sk8e9QWiwmNe+dQ4apGnU osoWc8yjFhvv5VVICP0TXvDuckM2KddeY3UmTuNJpxd/wOqkFDTZmZ+C3Y7p+U2Y2kc2UP wHIAzkrJiJp+4mlzZ/jS+8cTLxV8NqkMeUwhAZhxo8BW6rcoPx/BcYWxOIifmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759819932; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=n36OukZLdbK1daXApvjAh5cUqEvqEm0Wz4zTS/DHCJM=; b=PGnotTtLeTUkdEUfPrFpVeC7SWWxey75K/sPVFiM1ux7pJ2Mctb6JHpV5bO5ogZnwgvIkq q88NIKhBOoxdmyeFv89h6dCv+PiyvdN8/vR9XkBSnDSHmPYqhj+xhsaBVhaOf0tAya382u yOGD6vAEG/N+pod78XY/QFmgEBbQHw+QKHlJgdKlQkCt4MSc36Oe6F8dxDBBrY7IBmBChZ QHxwW6wHp52Kh6M5Nvn85XG7DE6JKhoM1IZ2fDAnNPydusz5M9yn6YbKVTCKIVPOKyn93+ S//eOKBZHDlM/VbV9Jlz6cNjuOCjxCoWaQTTq12yMPAS1Io8GopXXzXCD5olWg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1759819932; a=rsa-sha256; cv=none; b=p/h1eiEgQCsMY9YHX6eBZppEBuEm/+RHD2gM0OQOyG6oESw0CrmAsdHieRgo7ztYNh1xlN wkL++aaFkuCFHA+YAw8BpJmEdH9+kt0xUVeBKLk2OHSuGdv/Mo0SD/RUWxJJ6ko0DdVPSp PoUKcJks26vtw+PnVx1jBt21sBhnoKkNkfuXN54R7hrjDB55R4CajpGhEJv1N6djnjCMb4 zyaxObDFBinpV8yMzECmJsUn98KQnutIVEimP24/mYvLu7XHtxdtZICFnp4Lol2iQTzaVx PpP3CuxA0S+Mwgqhmrp+JFE4l9Niae+q8259utJbL9ONXY1PBs6ULyg45EFXxA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4cgmz01CQGzZd1; Tue, 07 Oct 2025 06:52:12 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 5976qCfv099840; Tue, 7 Oct 2025 06:52:12 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 5976qCZL099837; Tue, 7 Oct 2025 06:52:12 GMT (envelope-from git) Date: Tue, 7 Oct 2025 06:52:12 GMT Message-Id: <202510070652.5976qCZL099837@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Baptiste Daroussin Subject: git: 205797b9ef9d - stable/14 - nuageinit: Ignore non-existent groups List-Id: Commits to the stable branches of the FreeBSD src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-branches@freebsd.org Sender: owner-dev-commits-src-branches@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: bapt X-Git-Repository: src X-Git-Refname: refs/heads/stable/14 X-Git-Reftype: branch X-Git-Commit: 205797b9ef9df979da489aba5466e6d4d9bc6ad9 Auto-Submitted: auto-generated The branch stable/14 has been updated by bapt: URL: https://cgit.FreeBSD.org/src/commit/?id=205797b9ef9df979da489aba5466e6d4d9bc6ad9 commit 205797b9ef9df979da489aba5466e6d4d9bc6ad9 Author: Jesús Daniel Colmenares Oviedo AuthorDate: 2025-09-27 22:03:09 +0000 Commit: Baptiste Daroussin CommitDate: 2025-10-07 06:52:06 +0000 nuageinit: Ignore non-existent groups In cloud-init, when a group specified in the 'users.{index}.groups' parameter does not exist, it is ignored, but the user is created anyway. In the case of nuageinit, it exits with an exception, since pw(8) expects each group to exist. Reviewed by: bapt@ Approved by: bapt@ Differential Revision: https://reviews.freebsd.org/D52718 (cherry picked from commit 68691160f41bf6ce9ab70ddeeb7eeec2a7bff245) --- libexec/nuageinit/nuage.lua | 61 ++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 60 insertions(+), 1 deletion(-) diff --git a/libexec/nuageinit/nuage.lua b/libexec/nuageinit/nuage.lua index ef3cfd994fe1..3eeb2ea0b44c 100644 --- a/libexec/nuageinit/nuage.lua +++ b/libexec/nuageinit/nuage.lua @@ -139,6 +139,58 @@ local function splitlist(list) return ret end +local function splitlines(s) + local ret = {} + + for line in string.gmatch(s, "[^\n]+") do + ret[#ret + 1] = line + end + + return ret +end + +local function getgroups() + local ret = {} + + local root = os.getenv("NUAGE_FAKE_ROOTDIR") + local cmd = "pw " + if root then + cmd = cmd .. "-R " .. root .. " " + end + + local f = io.popen(cmd .. "groupshow -a 2> /dev/null | cut -d: -f1") + local groups = f:read("*a") + f:close() + + return splitlines(groups) +end + +local function checkgroup(group) + local groups = getgroups() + + for _, group2chk in ipairs(groups) do + if group == group2chk then + return true + end + end + + return false +end + +local function purge_group(groups) + local ret = {} + + for _, group in ipairs(groups) do + if checkgroup(group) then + ret[#ret + 1] = group + else + warnmsg("ignoring non-existent group '" .. group .. "'") + end + end + + return ret +end + local function adduser(pwd) if (type(pwd) ~= "table") then warnmsg("Argument should be a table") @@ -164,7 +216,14 @@ local function adduser(pwd) local extraargs = "" if pwd.groups then local list = splitlist(pwd.groups) - extraargs = " -G " .. table.concat(list, ",") + -- pw complains if the group does not exist, so if the user + -- specifies one that cannot be found, nuageinit will generate + -- an exception and exit, unlike cloud-init, which only issues + -- a warning but creates the user anyway. + list = purge_group(list) + if #list > 0 then + extraargs = " -G " .. table.concat(list, ",") + end end -- pw will automatically create a group named after the username -- do not add a -g option in this case