Various fixes to allow uid to be in a correct range (mudler#159)
* Use variable that has "Name" assigned

otherwise the user always appears as if it doesn't exist

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

* Bump entities and xpasswd

and let them automatically set the uid and gid inside the "human" users
range.

Relevant:
- mauromorales/xpasswd#3
- mudler/entities#15

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>

---------

Signed-off-by: Dimitris Karakasilis <dimitris@karakasilis.me>
(cherry picked from commit d76f75c)
jimmykarily authored and davidcassany committed Jul 3, 2024
1 parent 0f870b3 commit 7821436
Showing 3 changed files with 33 additions and 28 deletions.
4 changes: 2 additions & 2 deletions go.mod
@@ -12,8 +12,8 @@ require (
github.com/itchyny/gojq v0.12.15
github.com/joho/godotenv v1.5.1
github.com/kendru/darwin/go/depgraph v0.0.0-20221105232959-877d6a81060c
github.com/mauromorales/xpasswd v0.3.1
github.com/mudler/entities v0.0.0-20240611135956-f8f11ba52c2f
github.com/mauromorales/xpasswd v0.4.0
github.com/mudler/entities v0.0.0-20240625130751-3d7f84082f3a
github.com/onsi/ginkgo/v2 v2.19.0
github.com/onsi/gomega v1.33.1
github.com/rancher-sandbox/linuxkit v1.0.2
8 changes: 4 additions & 4 deletions go.sum
@@ -112,17 +112,17 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/mauromorales/xpasswd v0.3.1 h1:mVPGISfzN/WaCUjYRFiDgIREb2NMfwgPSj3LS6QMm0Q=
github.com/mauromorales/xpasswd v0.3.1/go.mod h1:Z3+aY19mhNfcGi3st0+RAVSz2vC+pyoju2S/FPN8kEg=
github.com/mauromorales/xpasswd v0.4.0 h1:Jf6mfA8lwQsYzwgfQADPDGV7l/liAvRrnG+nQTPy0j8=
github.com/mauromorales/xpasswd v0.4.0/go.mod h1:Z3+aY19mhNfcGi3st0+RAVSz2vC+pyoju2S/FPN8kEg=
github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw=
github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
github.com/modocache/gover v0.0.0-20171022184752-b58185e213c5/go.mod h1:caMODM3PzxT8aQXRPkAt8xlV/e7d7w8GM5g0fa5F0D8=
github.com/mudler/entities v0.0.0-20240611135956-f8f11ba52c2f h1:5x1OeWl4gSW3L9KzntvWphjrcHASXq3gI351BgBbXjs=
github.com/mudler/entities v0.0.0-20240611135956-f8f11ba52c2f/go.mod h1:TXMcB82+CBF3fEQhIch/gFSuWVcItz4BdTfomYGW1jg=
github.com/mudler/entities v0.0.0-20240625130751-3d7f84082f3a h1:IeKeUwMeqfGYblesrk7Gu72z1xsJrceiIDDES4Rj3+U=
github.com/mudler/entities v0.0.0-20240625130751-3d7f84082f3a/go.mod h1:7bNIR64mpm7ld4bnDQ+LjHBPhUDAqoBQuv4aK53UGSs=
github.com/onsi/ginkgo v1.12.0 h1:Iw5WCbBcaAAd0fpRb1c9r5YCylv4XDoCSigm1zLevwU=
github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg=
github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA=
49 changes: 27 additions & 22 deletions pkg/plugins/user.go
@@ -69,30 +69,15 @@ func createUser(fs vfs.FS, u schema.User, console Console) error {
}

primaryGroup := u.Name
gid := 1000

gid := -1 // -1 instructs entities to find the next free id and assign it
if u.PrimaryGroup != "" {
gr, err := osuser.LookupGroup(u.PrimaryGroup)
if err != nil {
return fmt.Errorf("could not resolve primary group of user: %s", err.Error())
}
gid, _ = strconv.Atoi(gr.Gid)
primaryGroup = u.PrimaryGroup
} else {
// Create a new group after the user name
all, _ := entities.ParseGroup(etcgroup)
if len(all) != 0 {
usedGids := []int{}
for _, entry := range all {
usedGids = append(usedGids, *entry.Gid)
}
sort.Ints(usedGids)
if len(usedGids) == 0 {
return fmt.Errorf("no new guid found for group: %s", etcgroup)
}
gid = usedGids[len(usedGids)-1]
gid++
}
}

updateGroup := entities.Group{
@@ -101,9 +86,22 @@ func createUser(fs vfs.FS, u schema.User, console Console) error {
Gid: &gid,
Users: u.Name,
}
updateGroup.Apply(etcgroup, false)
err = updateGroup.Apply(etcgroup, false)
if err != nil {
return fmt.Errorf("creating the user's group: %v", err)
}

uid := 1000
// reload the group to get the generated GID
groups, _ := entities.ParseGroup(etcgroup)
for name, group := range groups {
if name == updateGroup.Name {
updateGroup = group
gid = *group.Gid
break
}
}

uid := -1
if u.UID != "" {
// User defined-uid
uid, err = strconv.Atoi(u.UID)
Expand All @@ -123,9 +121,16 @@ func createUser(fs vfs.FS, u schema.User, console Console) error {
return fmt.Errorf("could not get user id: %v", err)
}
} else {
uid = list.GenerateUID()
// https://systemd.io/UIDS-GIDS/#special-distribution-uid-ranges
uid, err = list.GenerateUIDInRange(entities.HumanIDMin, entities.HumanIDMax)
if err != nil {
return fmt.Errorf("no available uid: %v", err)
}
}
}
if uid == -1 {
return fmt.Errorf("could not set uid for user")
}

if u.Homedir == "" {
u.Homedir = fmt.Sprintf("%s/%s", usrDefaults["HOME"], u.Name)
@@ -162,7 +167,7 @@ func createUser(fs vfs.FS, u schema.User, console Console) error {
os.Chown(homedir, uid, gid)
}

groups, _ := entities.ParseGroup(etcgroup)
groups, _ = entities.ParseGroup(etcgroup)
for name, group := range groups {
for _, w := range u.Groups {
if w == name {
@@ -205,11 +210,11 @@ func User(l logger.Interface, s schema.Stage, fs vfs.FS, console Console) error
for _, k := range users {
r := s.Users[k]
r.Name = k
if !s.Users[k].Exists() {
if !r.Exists() {
if err := createUser(fs, r, console); err != nil {
errs = multierror.Append(errs, err)
}
} else if s.Users[k].PasswordHash != "" {
} else if r.PasswordHash != "" {
if err := setUserPass(fs, r.Name, r.PasswordHash); err != nil {
return err
}
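Review bot: The new `gid := -1` sentinel has no counterpart to the `if uid == -1` guard. In the createUser hunk that reloads the group, the error from `entities.ParseGroup(etcgroup)` is discarded and `gid` is only overwritten when a group named `updateGroup.Name` is found, so a failed or non-matching reload leaves `gid` at -1 whenever `u.PrimaryGroup` is empty. That value then reaches `os.Chown(homedir, uid, gid)`, where Go treats -1 as "do not change", so the home directory would keep whatever group the creating process gave it; it may also end up in the user's passwd entry, which is built outside the visible lines. I would return the ParseGroup error instead of dropping it and add `if gid == -1 { return fmt.Errorf("could not resolve gid for group %s", primaryGroup) }` right after the reload loop. createUser's body starts and ends outside these hunks, so later uses of `gid` should be confirmed against the full file.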
