[meta-mentor] [PATCH] useradd.bbclass: Add members to a group
mikhail_durnev at mentor.com
mikhail_durnev at mentor.com
Sun Jun 23 23:29:37 PDT 2013
From: Mikhail Durnev <mikhail_durnev at mentor.com>
useradd.bbclass supports adding new users and new groups. But it does not
support adding existing users to existing groups.
There is a need of adding users to some groups (e.g. audio). The class was
extended to call groupmems utility with arguments passed via GROUPMEMS_PARAM.
Utility groupmems was patched to support sysroot settings.
Signed-off-by: Mikhail Durnev <mikhail_durnev at mentor.com>
---
classes/useradd.bbclass | 272 +++++++++++++++++++++
recipes/shadow/files/add_root_cmd_groupmems.patch | 75 ++++++
recipes/shadow/shadow-native_4.1.4.3.bbappend | 5 +
3 files changed, 352 insertions(+)
create mode 100644 classes/useradd.bbclass
create mode 100644 recipes/shadow/files/add_root_cmd_groupmems.patch
create mode 100644 recipes/shadow/shadow-native_4.1.4.3.bbappend
diff --git a/classes/useradd.bbclass b/classes/useradd.bbclass
new file mode 100644
index 0000000..7fd545a
--- /dev/null
+++ b/classes/useradd.bbclass
@@ -0,0 +1,272 @@
+# base-passwd-cross provides the default passwd and group files in the
+# target sysroot, and shadow -native and -sysroot provide the utilities
+# and support files needed to add and modify user and group accounts
+DEPENDS_append = "${USERADDDEPENDS}"
+USERADDDEPENDS = " base-passwd shadow-native shadow-sysroot shadow"
+USERADDDEPENDS_virtclass-cross = ""
+USERADDDEPENDS_class-native = ""
+USERADDDEPENDS_class-nativesdk = ""
+
+# This preinstall function can be run in four different contexts:
+#
+# a) Before do_install
+# b) At do_populate_sysroot_setscene when installing from sstate packages
+# c) As the preinst script in the target package at do_rootfs time
+# d) As the preinst script in the target package on device as a package upgrade
+#
+useradd_preinst () {
+OPT=""
+SYSROOT=""
+
+if test "x$D" != "x"; then
+ # Installing into a sysroot
+ SYSROOT="$D"
+ OPT="--root $D"
+
+ # Add groups and users defined for all recipe packages
+ GROUPADD_PARAM="${@get_all_cmd_params(d, 'groupadd')}"
+ USERADD_PARAM="${@get_all_cmd_params(d, 'useradd')}"
+ GROUPMEMS_PARAM="${@get_all_cmd_params(d, 'groupmems')}"
+else
+ # Installing onto a target
+ # Add groups and users defined only for this package
+ GROUPADD_PARAM="${GROUPADD_PARAM}"
+ USERADD_PARAM="${USERADD_PARAM}"
+ GROUPMEMS_PARAM="${GROUPMEMS_PARAM}"
+fi
+
+# Perform group additions first, since user additions may depend
+# on these groups existing
+if test "x$GROUPADD_PARAM" != "x"; then
+ echo "Running groupadd commands..."
+ # Invoke multiple instances of groupadd for parameter lists
+ # separated by ';'
+ opts=`echo "$GROUPADD_PARAM" | cut -d ';' -f 1`
+ remaining=`echo "$GROUPADD_PARAM" | cut -d ';' -f 2-`
+ while test "x$opts" != "x"; do
+ groupname=`echo "$opts" | awk '{ print $NF }'`
+ group_exists=`grep "^$groupname:" $SYSROOT/etc/group || true`
+ if test "x$group_exists" = "x"; then
+ count=1
+ while true; do
+ eval $PSEUDO groupadd $OPT $opts || true
+ group_exists=`grep "^$groupname:" $SYSROOT/etc/group || true`
+ if test "x$group_exists" = "x"; then
+ # File locking issues can require us to retry the command
+ echo "WARNING: groupadd command did not succeed. Retrying..."
+ sleep 1
+ else
+ break
+ fi
+ count=`expr $count + 1`
+ if test $count = 11; then
+ echo "ERROR: tried running groupadd command 10 times without success, giving up"
+ exit 1
+ fi
+ done
+ else
+ echo "Note: group $groupname already exists, not re-creating it"
+ fi
+
+ if test "x$opts" = "x$remaining"; then
+ break
+ fi
+ opts=`echo "$remaining" | cut -d ';' -f 1`
+ remaining=`echo "$remaining" | cut -d ';' -f 2-`
+ done
+fi
+
+if test "x$USERADD_PARAM" != "x"; then
+ echo "Running useradd commands..."
+ # Invoke multiple instances of useradd for parameter lists
+ # separated by ';'
+ opts=`echo "$USERADD_PARAM" | cut -d ';' -f 1`
+ remaining=`echo "$USERADD_PARAM" | cut -d ';' -f 2-`
+ while test "x$opts" != "x"; do
+ # useradd does not have a -f option, so we have to check if the
+ # username already exists manually
+ username=`echo "$opts" | awk '{ print $NF }'`
+ user_exists=`grep "^$username:" $SYSROOT/etc/passwd || true`
+ if test "x$user_exists" = "x"; then
+ count=1
+ while true; do
+ eval $PSEUDO useradd $OPT $opts || true
+ user_exists=`grep "^$username:" $SYSROOT/etc/passwd || true`
+ if test "x$user_exists" = "x"; then
+ # File locking issues can require us to retry the command
+ echo "WARNING: useradd command did not succeed. Retrying..."
+ sleep 1
+ else
+ break
+ fi
+ count=`expr $count + 1`
+ if test $count = 11; then
+ echo "ERROR: tried running useradd command 10 times without success, giving up"
+ exit 1
+ fi
+ done
+ else
+ echo "Note: username $username already exists, not re-creating it"
+ fi
+
+ if test "x$opts" = "x$remaining"; then
+ break
+ fi
+ opts=`echo "$remaining" | cut -d ';' -f 1`
+ remaining=`echo "$remaining" | cut -d ';' -f 2-`
+ done
+fi
+
+if test "x$GROUPMEMS_PARAM" != "x"; then
+ echo "Running groupmems commands..."
+ # groupmems fails if /etc/gshadow does not exist
+ if [ -f $SYSROOT${sysconfdir}/gshadow ]; then
+ gshadow="yes"
+ else
+ gshadow="no"
+ touch $SYSROOT${sysconfdir}/gshadow
+ fi
+ # Invoke multiple instances of groupmems for parameter lists
+ # separated by ';'
+ opts=`echo "$GROUPMEMS_PARAM" | cut -d ';' -f 1`
+ remaining=`echo "$GROUPMEMS_PARAM" | cut -d ';' -f 2-`
+ while test "x$opts" != "x"; do
+ groupname=`echo "$opts" | awk '{ for (i = 1; i < NF; i++) if ($i == "-g" || $i == "--group") print $(i+1) }'`
+ username=`echo "$opts" | awk '{ for (i = 1; i < NF; i++) if ($i == "-a" || $i == "--add") print $(i+1) }'`
+ echo "$groupname $username"
+ mem_exists=`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $SYSROOT/etc/group || true`
+ if test "x$mem_exists" = "x"; then
+ count=1
+ while true; do
+ eval $PSEUDO groupmems $OPT $opts || true
+ mem_exists=`grep "^$groupname:[^:]*:[^:]*:\([^,]*,\)*$username\(,[^,]*\)*" $SYSROOT/etc/group || true`
+ if test "x$mem_exists" = "x"; then
+ # File locking issues can require us to retry the command
+ echo "WARNING: groupmems command did not succeed. Retrying..."
+ sleep 1
+ else
+ break
+ fi
+ count=`expr $count + 1`
+ if test $count = 11; then
+ echo "ERROR: tried running groupmems command 10 times without success, giving up"
+ if test "x$gshadow" = "xno"; then
+ rm -f $SYSROOT${sysconfdir}/gshadow
+ rm -f $SYSROOT${sysconfdir}/gshadow-
+ fi
+ exit 1
+ fi
+ done
+ else
+ echo "Note: group $groupname already contains $username, not re-adding it"
+ fi
+
+ if test "x$opts" = "x$remaining"; then
+ break
+ fi
+ opts=`echo "$remaining" | cut -d ';' -f 1`
+ remaining=`echo "$remaining" | cut -d ';' -f 2-`
+ done
+ if test "x$gshadow" = "xno"; then
+ rm -f $SYSROOT${sysconfdir}/gshadow
+ rm -f $SYSROOT${sysconfdir}/gshadow-
+ fi
+fi
+}
+
+useradd_sysroot () {
+ # Pseudo may (do_install) or may not (do_populate_sysroot_setscene) be running
+ # at this point so we're explicit about the environment so pseudo can load if
+ # not already present.
+ export PSEUDO="${FAKEROOTENV} PSEUDO_LOCALSTATEDIR=${STAGING_DIR_TARGET}${localstatedir}/pseudo ${STAGING_DIR_NATIVE}${bindir}/pseudo"
+
+ # Explicitly set $D since it isn't set to anything
+ # before do_install
+ D=${STAGING_DIR_TARGET}
+ useradd_preinst
+}
+
+useradd_sysroot_sstate () {
+ if [ "${BB_CURRENTTASK}" = "package_setscene" ]
+ then
+ useradd_sysroot
+ fi
+}
+
+do_install[prefuncs] += "${SYSROOTFUNC}"
+SYSROOTFUNC = "useradd_sysroot"
+SYSROOTFUNC_virtclass-cross = ""
+SYSROOTFUNC_class-native = ""
+SYSROOTFUNC_class-nativesdk = ""
+SSTATEPREINSTFUNCS += "${SYSROOTPOSTFUNC}"
+SYSROOTPOSTFUNC = "useradd_sysroot_sstate"
+SYSROOTPOSTFUNC_virtclass-cross = ""
+SYSROOTPOSTFUNC_class-native = ""
+SYSROOTPOSTFUNC_class-nativesdk = ""
+
+USERADDSETSCENEDEPS = "${MLPREFIX}base-passwd:do_populate_sysroot_setscene shadow-native:do_populate_sysroot_setscene ${MLPREFIX}shadow-sysroot:do_populate_sysroot_setscene"
+USERADDSETSCENEDEPS_virtclass-cross = ""
+USERADDSETSCENEDEPS_class-native = ""
+USERADDSETSCENEDEPS_class-nativesdk = ""
+do_package_setscene[depends] = "${USERADDSETSCENEDEPS}"
+
+# Recipe parse-time sanity checks
+def update_useradd_after_parse(d):
+ useradd_packages = d.getVar('USERADD_PACKAGES', True)
+
+ if not useradd_packages:
+ raise bb.build.FuncFailed, "%s inherits useradd but doesn't set USERADD_PACKAGES" % d.getVar('FILE')
+
+ for pkg in useradd_packages.split():
+ if not d.getVar('USERADD_PARAM_%s' % pkg, True) and not d.getVar('GROUPADD_PARAM_%s' % pkg, True) and not d.getVar('GROUPMEMS_PARAM_%s' % pkg, True):
+ raise bb.build.FuncFailed, "%s inherits useradd but doesn't set USERADD_PARAM, GROUPADD_PARAM or GROUPMEMS_PARAM for package %s" % (d.getVar('FILE'), pkg)
+
+python __anonymous() {
+ update_useradd_after_parse(d)
+}
+
+# Return a single [GROUP|USER]ADD_PARAM formatted string which includes the
+# [group|user]add parameters for all USERADD_PACKAGES in this recipe
+def get_all_cmd_params(d, cmd_type):
+ import string
+
+ param_type = cmd_type.upper() + "_PARAM_%s"
+ params = []
+
+ useradd_packages = d.getVar('USERADD_PACKAGES', True) or ""
+ for pkg in useradd_packages.split():
+ param = d.getVar(param_type % pkg, True)
+ if param:
+ params.append(param)
+
+ return string.join(params, "; ")
+
+# Adds the preinst script into generated packages
+fakeroot python populate_packages_prepend () {
+ def update_useradd_package(pkg):
+ bb.debug(1, 'adding user/group calls to preinst for %s' % pkg)
+
+ """
+ useradd preinst is appended here because pkg_preinst may be
+ required to execute on the target. Not doing so may cause
+ useradd preinst to be invoked twice, causing unwanted warnings.
+ """
+ preinst = d.getVar('pkg_preinst_%s' % pkg, True) or d.getVar('pkg_preinst', True)
+ if not preinst:
+ preinst = '#!/bin/sh\n'
+ preinst += d.getVar('useradd_preinst', True)
+ d.setVar('pkg_preinst_%s' % pkg, preinst)
+
+ # RDEPENDS setup
+ rdepends = d.getVar("RDEPENDS_%s" % pkg, True) or ""
+ rdepends += ' ' + d.getVar('MLPREFIX') + 'base-passwd'
+ rdepends += ' ' + d.getVar('MLPREFIX') + 'shadow'
+ d.setVar("RDEPENDS_%s" % pkg, rdepends)
+
+ # Add the user/group preinstall scripts and RDEPENDS requirements
+ # to packages specified by USERADD_PACKAGES
+ if not bb.data.inherits_class('nativesdk', d):
+ useradd_packages = d.getVar('USERADD_PACKAGES', True) or ""
+ for pkg in useradd_packages.split():
+ update_useradd_package(pkg)
+}
diff --git a/recipes/shadow/files/add_root_cmd_groupmems.patch b/recipes/shadow/files/add_root_cmd_groupmems.patch
new file mode 100644
index 0000000..a59d89e
--- /dev/null
+++ b/recipes/shadow/files/add_root_cmd_groupmems.patch
@@ -0,0 +1,75 @@
+Add a --root command option to groupmems utility.
+
+This option allows the utility to be chrooted when run under pseudo.
+
+Signed-off-by: Mikhail Durnev <mikhail_durnev at mentor.com>
+
+diff -Naur old/src/groupmems.c new/src/groupmems.c
+--- old/src/groupmems.c 2011-02-13 11:58:16.000000000 -0600
++++ new/src/groupmems.c 2013-05-30 04:45:38.000000000 -0500
+@@ -60,6 +60,7 @@
+ #define EXIT_MEMBER_EXISTS 7 /* member of group already exists */
+ #define EXIT_INVALID_USER 8 /* specified user does not exist */
+ #define EXIT_INVALID_GROUP 9 /* specified group does not exist */
++#define EXIT_BAD_ARG 10 /* invalid argument to option */
+
+ /*
+ * Global variables
+@@ -79,6 +80,7 @@
+ static bool is_shadowgrp;
+ static bool sgr_locked = false;
+ #endif
++static const char *newroot = "";
+
+ /* local function prototypes */
+ static char *whoami (void);
+@@ -368,6 +370,7 @@
+ "Options:\n"
+ " -g, --group groupname change groupname instead of the user's group\n"
+ " (root only)\n"
++ " -R, --root CHROOT_DIR directory to chroot into\n"
+ "\n"
+ "Actions:\n"
+ " -a, --add username add username to the members of the group\n"
+@@ -391,10 +394,11 @@
+ {"group", required_argument, NULL, 'g'},
+ {"list", no_argument, NULL, 'l'},
+ {"purge", no_argument, NULL, 'p'},
++ {"root", required_argument, NULL, 'R'},
+ {NULL, 0, NULL, '\0'}
+ };
+
+- while ((arg = getopt_long (argc, argv, "a:d:g:lp", long_options,
++ while ((arg = getopt_long (argc, argv, "a:d:g:lpR:", long_options,
+ &option_index)) != EOF) {
+ switch (arg) {
+ case 'a':
+@@ -416,6 +420,28 @@
+ purge = true;
+ ++exclusive;
+ break;
++ case 'R':
++ if ('/' != optarg[0]) {
++ fprintf (stderr,
++ _("%s: invalid chroot path '%s'\n"),
++ Prog, optarg);
++ exit (EXIT_BAD_ARG);
++ }
++ newroot = optarg;
++
++ if (access (newroot, F_OK) != 0) {
++ fprintf(stderr,
++ _("%s: chroot directory %s does not exist\n"),
++ Prog, newroot);
++ exit (EXIT_BAD_ARG);
++ }
++ if ( chroot(newroot) != 0 ) {
++ fprintf(stderr,
++ _("%s: unable to chroot to directory %s\n"),
++ Prog, newroot);
++ exit (EXIT_BAD_ARG);
++ }
++ break;
+ default:
+ usage ();
+ }
diff --git a/recipes/shadow/shadow-native_4.1.4.3.bbappend b/recipes/shadow/shadow-native_4.1.4.3.bbappend
new file mode 100644
index 0000000..de6e40f
--- /dev/null
+++ b/recipes/shadow/shadow-native_4.1.4.3.bbappend
@@ -0,0 +1,5 @@
+PRINC := "${@int(PRINC) + 1}"
+
+FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
+
+SRC_URI += "file://add_root_cmd_groupmems.patch"
--
1.7.9.5
More information about the meta-mentor
mailing list