diff --git a/usermngr/Makefile b/usermngr/Makefile index 549b98f3e..5dca1a1a8 100644 --- a/usermngr/Makefile +++ b/usermngr/Makefile @@ -5,7 +5,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=usermngr -PKG_VERSION:=1.2.14 +PKG_VERSION:=1.2.15 LOCAL_DEV:=0 ifneq ($(LOCAL_DEV),1) @@ -46,9 +46,10 @@ define Package/usermngr/install $(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/uci-defaults - $(INSTALL_BIN) $(PKG_BUILD_DIR)/files/etc/init.d/users $(1)/etc/init.d/users - $(INSTALL_BIN) $(PKG_BUILD_DIR)/files/etc/uci-defaults/90-indicate-bootstrap $(1)/etc/uci-defaults/90-indicate-bootstrap - $(INSTALL_BIN) $(PKG_BUILD_DIR)/files/etc/uci-defaults/91-sync-shells $(1)/etc/uci-defaults/91-sync-shells + $(INSTALL_DIR) $(1)/etc/users/roles + $(INSTALL_BIN) ./files/etc/uci-defaults/90-indicate-bootstrap $(1)/etc/uci-defaults/90-indicate-bootstrap + $(INSTALL_BIN) ./files/etc/uci-defaults/91-sync-shells $(1)/etc/uci-defaults/91-sync-shells + $(INSTALL_BIN) ./files/etc/init.d/users $(1)/etc/init.d/users $(INSTALL_BIN) ./files/etc/config/users $(1)/etc/config/users $(BBFDM_INSTALL_MS_DM) $(PKG_BUILD_DIR)/src/libusermngr.so $(1) $(PKG_NAME) endef diff --git a/usermngr/files/etc/init.d/users b/usermngr/files/etc/init.d/users new file mode 100755 index 000000000..827993af3 --- /dev/null +++ b/usermngr/files/etc/init.d/users 
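Review bot: `/etc/config/users` is still installed with `$(INSTALL_BIN)` on the unchanged line just below the rewritten ones in `Package/usermngr/install`, so the file ships executable and world-readable. The init script added in this commit reads `password` and `encrypted_password` options from that file, so I would install it with `$(INSTALL_CONF) ./files/etc/config/users $(1)/etc/config/users`, which uses mode 0600. The new `$(INSTALL_DIR) $(1)/etc/users/roles` creates a directory that nothing in this diff populates or reads; a one-line comment naming what writes there and which mode it needs would help. The `define` block starts above the hunk.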
@@ -0,0 +1,148 @@
+#!/bin/sh /etc/rc.common
+
+START=11
+STOP=90
+USE_PROCD=1
+
+create_group() {
+ local group="$1"
+ local enabled deleted old_name
+ config_get enabled "$group" enabled ""
+ config_get deleted "$group" deleted ""
+ config_get old_name "$group" old_name ""
+
+ groupname=${group#*_}
+
+ if [ "$deleted" = "1" ]; then
+ groupdel -f "$groupname"
+ uci -q delete users."$group"
+ return 0
+ fi
+
+ if [ -n "$old_name" ]; then
+ del_group=${old_name#*_}
+ grep -rq "^$del_group:" /etc/group
+ if [ "$?" = "0" ]; then
+ groupdel -f "$del_group"
+ fi
+ uci -q delete users."$group".old_name
+ fi
+
+ if [ "$enabled" = "1" ]; then
+ grep -rq "^$groupname:" /etc/group
+ if [ "$?" = "1" ]; then
+ groupadd -f "$groupname"
+ fi
+ else
+ grep -rq "^$groupname:" /etc/group
+ if [ "$?" = "0" ]; then
+ groupdel -f "$groupname"
+ fi
+ fi
+}
+
+create_user() {
+ local user="$1"
+ local enabled password member_groups shell old_name deleted encrypted_password
+ config_get password "$user" password ""
+ config_get enabled "$user" enabled ""
+ config_get old_name "$user" old_name ""
+ config_get member_groups "$user" member_groups ""
+ config_get shell "$user" shell ""
+ config_get deleted "$user" deleted ""
+ config_get encrypted_password "$user" encrypted_password ""
+
+ if [ "$deleted" = "1" ]; then
+ userdel -f "$user"
+ uci -q delete users."$user"
+ return 0
+ fi
+
+ if [ -n "$old_name" ]; then
+ cat /etc/passwd | cut -d: -f1 | grep -qE "^$old_name$"
+ if [ "$?" = "0" ]; then
+ usermod -b -l "$user" "$old_name"
+ fi
+ uci -q delete users."$user".old_name
+ fi
+
+ grep -rq "^$user:" /etc/passwd
+ if [ "$?"
= "1" ]; then
+ adduser -D -H -s /bin/false "$user"
+ fi
+
+ # set password
+ if [ -n "$password" ]; then
+ echo "$user:$password" | chpasswd
+ uci -q delete users."$user".password
+ fi
+
+ # set encrypted_password
+ if [ -n "$encrypted_password" ]; then
+ str=$(ubus call bbf.secure decode "{'data':'$encrypted_password'}" |jsonfilter -e @.value)
+ if [ -n "$str" ]; then
+ echo "$user:$str" | chpasswd
+ fi
+ fi
+
+ # set shell
+ usermod -s /bin/false "$user"
+ if [ -n "$shell" ] && [ "$shell" != "false" ]; then
+ shellname=$(cat /etc/shells | grep -r "/$shell$")
+ if [ -n "$shellname" ]; then
+ shell_sec=""
+ shell_en=""
+ uci_param=$(uci -q show users | grep -E "^users\.@shell\[[0-9]+\]\.name=\'$shell\'$")
+ if [ -n "$uci_param" ]; then
+ shell_sec=$(echo "$uci_param" | cut -d= -f1 | cut -d. -f2)
+ fi
+
+ if [ -n "$shell_sec" ]; then
+ shell_en=$(uci -q get users."$shell_sec".enabled)
+ fi
+
+ if [ "$shell_en" = "1" ]; then
+ usermod -s "$shellname" "$user"
+ fi
+ fi
+ fi
+
+ # add groups
+ usermod -G "" "$user"
+ if [ -n "$member_groups" ]; then
+ for i in ${member_groups//,/ }
+ do
+ group=${i#*_}
+ grep -rq "^$group:" /etc/group
+ if [ "$?" = "0" ]; then
+ usermod -aG "$group" "$user"
+ fi
+ done
+ fi
+
+ if [ "$enabled" = "1" ]; then
+ usermod -U "$user"
+ else
+ usermod -L "$user"
+ fi
+}
+
+start_service() {
+ config_load users
+
+ # creation of non-static groups and users
+ config_foreach create_group group
+ config_foreach create_user user
+ uci commit users
+}
+
+reload_service() {
+ stop
+ start
+}
+
+service_triggers()
+{
+ procd_add_reload_trigger "users"
+}
+
diff --git a/usermngr/files/etc/uci-defaults/90-indicate-bootstrap b/usermngr/files/etc/uci-defaults/90-indicate-bootstrap
new file mode 100644
index 000000000..ae532fb09
--- /dev/null
+++ b/usermngr/files/etc/uci-defaults/90-indicate-bootstrap
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+touch /var/run/user_bootstrap
+touch /var/run/group_bootstrap
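Review bot: In `create_user` of init.d/users the option values `shell`, `old_name`, `password` and `encrypted_password` reach grep patterns, chpasswd input and a hand-built JSON argument without any validation. `grep -r "/$shell$"` and the `grep -E "...name=\'$shell\'$"` lookup both treat the value as a regular expression, so the path taken from /etc/shells and the UCI shell entry whose `enabled` flag is checked need not be the same shell, and the first grep can return several lines that are then passed to `usermod -s`. `"{'data':'$encrypted_password'}"` stops being well-formed as soon as the value contains a quote, and chpasswd reads one `name:password` record per line, so a password value containing a newline should be rejected before it is piped in. I would gate the lookup with `case "$shell" in *[!A-Za-z0-9_-]*) shell="" ;; esac`, take a single match with `grep -m1`, and build the ubus message with jshn's `json_add_string data "$encrypted_password"` instead of string concatenation. The same unescaped-regex pattern is applied to `old_name` in `create_group`, and `-r` has no effect when grep is given a single file.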
diff --git a/usermngr/files/etc/uci-defaults/91-sync-shells b/usermngr/files/etc/uci-defaults/91-sync-shells
new file mode 100644
index 000000000..af3fc03c1
--- /dev/null
+++ b/usermngr/files/etc/uci-defaults/91-sync-shells
@@ -0,0 +1,63 @@
+#!/bin/sh
+
+. /lib/functions.sh
+
+add_system_shells() {
+ system_shells=$(cat /etc/shells)
+ for line in $system_shells
+ do
+ shell_name=$(basename "${line}")
+ # Add the shell in UCI if not exists
+ sec=$(uci -q show users | grep -E "^users\.@shell\[[0-9]+\]\.name=\'$shell_name\'$")
+ if [ -z "${sec}" ]; then
+ sec=$(uci -q add users shell)
+ uci -q set users."${sec}".name="${shell_name}"
+ uci -q set users."${sec}.enabled=1"
+ uci commit users
+ fi
+ done
+}
+
+#Now remove the shell from users if assigned
+remove_user_shell() {
+ local shell
+ config_get shell "$1" shell ""
+
+ if [ -n "${shell}" ]; then
+ if [ "${shell}" = "${2}" ]; then
+ uci -q set users."${1}.shell="
+ fi
+ fi
+}
+
+# Now remove non existing shell from UCI
+remove_shell() {
+ local name
+ local exist=0
+ config_get name "$1" name ""
+ system_shells=$(cat /etc/shells)
+
+ if [ -n "${name}" ]; then
+ # Remove if not exist in system
+ exist=0
+ for line in $system_shells
+ do
+ shell=$(basename "${line}")
+ if [ "${shell}" = "${name}" ]; then
+ exist=1
+ break
+ fi
+ done
+
+ if [ "${exist}" -eq 0 ]; then
+ uci -q delete users."$1"
+ # Remove this shell from users if assigned
+ config_foreach remove_user_shell user "${name}"
+ fi
+ fi
+}
+
+config_load users
+add_system_shells
+config_foreach remove_shell shell
+uci commit users
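Review bot: `add_system_shells` and `remove_shell` word-split the whole of /etc/shells with `for line in $system_shells`, so a comment line, which shells(5) allows, is not skipped and each of its words would be registered as a shell section with `enabled=1`. Iterating only path entries, for example `for line in $(grep '^/' /etc/shells)`, avoids that in both functions. `$shell_name` is also used unescaped inside the `grep -E` lookup, so a name containing `.` or `+` can match a different existing entry and the shell is then never added. Every discovered shell is enabled by default; a comment stating that this default-allow is intended would help the next reader. The `uci commit users` inside the loop duplicates the commit at the end of the script.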