particle-os/debian-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

stages: run useradd, usermod, and passwd with --root

Browse source 
The useradd, usermod, and passwd commands support a `--root` option that
handles chroot-ing for the command.  In general, we prefer using this
option for commands that provide it and relying on the utility itself to
know how to set up the chroot in the way it needs.

The option has been available for these commands since 2011 [1] and it's
unclear why they weren't used originally.

The `mkhomedir_helper` command is still run using our Chroot context, so
the fix introduced in 9071cd0abb is
unaffected.

[1] 365279ea95/ChangeLog (L1339)
This commit is contained in:
Achilleas Koutsou 2024-11-26 12:21:49 +01:00 committed by Ondřej Budai
parent b9efc1f9bf
commit 97007b9e3d
1 changed files with 4 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
stages/org.osbuild.users
View file

@ -1,5 +1,6 @@
#!/usr/bin/python3 #!/usr/bin/python3
import os import os
import subprocess
import sys import sys
import osbuild.api import osbuild.api
@ -48,8 +49,7 @@ def useradd(
if expiredate is not None: if expiredate is not None:
arguments += ["--expiredate", str(expiredate)] arguments += ["--expiredate", str(expiredate)]
with Chroot(root) as chroot: subprocess.run(["useradd", "--root", root, *arguments, name], check=True)
chroot.run(["useradd", *arguments, name], check=True)
def usermod(root, name, gid=None, groups=None, description=None, home=None, shell=None, password=None, expiredate=None): def usermod(root, name, gid=None, groups=None, description=None, home=None, shell=None, password=None, expiredate=None):
@ -70,8 +70,7 @@ def usermod(root, name, gid=None, groups=None, description=None, home=None, shel
arguments += ["--expiredate", str(expiredate)] arguments += ["--expiredate", str(expiredate)]
if arguments: if arguments:
with Chroot(root) as chroot: subprocess.run(["usermod", "--root", root, *arguments, name], check=True)
chroot.run(["usermod", *arguments, name], check=True)
def add_ssh_keys(root, user, keys): def add_ssh_keys(root, user, keys):
@ -130,8 +129,7 @@ def main(tree, options):
useradd(tree, name, uid, gid, groups, description, home, shell, password, expiredate) useradd(tree, name, uid, gid, groups, description, home, shell, password, expiredate)
if force_password_reset: if force_password_reset:
with Chroot(tree) as chroot: subprocess.run(["passwd", "--root", tree, "--expire", name], check=True)
chroot.run(["passwd", "--expire", name], check=True)
# following maintains backwards compatibility for handling a single ssh key # following maintains backwards compatibility for handling a single ssh key
key = user_options.get("key") # Public SSH key key = user_options.get("key") # Public SSH key