This makes a couple of changes:
- fixes bogus access test on libuser.conf in createLuserConf()
- adds appropriate logging to createLuserConf()
- createLuserConf returns the path it created.
- Users.* no longer chroot+del LIBUSER_CONF if the new root is /
---
users.py | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++---------
1 files changed, 60 insertions(+), 11 deletions(-)
diff --git a/users.py b/users.py
index 57e68fa..015b588 100644
--- a/users.py
+++ b/users.py
@@ -32,12 +32,22 @@ log = logging.getLogger("anaconda")
def createLuserConf(instPath, algoname='sha512'):
"""Writes a libuser.conf for instPath."""
- if os.getenv("LIBUSER_CONF") and \
- os.access(os.environ["LIBUSER_CONF"], os.R_OK):
+ createTmp = False
+ try:
fn = os.environ["LIBUSER_CONF"]
+ if os.access(fn, os.F_OK):
+ log.info("removing libuser.conf at %s" % (os.getenv("LIBUSER_CONF")))
+ os.unlink(fn)
+ log.info("created new libuser.conf at %s with instPath=\"%s\"" % \
+ (fn,instPath))
fd = open(fn, 'w')
- else:
+ except:
+ createTmp = True
+
+ if createTmp:
(fp, fn) = tempfile.mkstemp(prefix="libuser.")
+ log.info("created new libuser.conf at %s with instPath=\"%s\"" % \
+ (fn,instPath))
fd = os.fdopen(fp, 'w')
buf = """
@@ -57,6 +67,8 @@ directory = %(instPath)s/etc
fd.close()
os.environ["LIBUSER_CONF"] = fn
+ return fn
+
# These are explained in crypt/crypt-entry.c in glibc's code. The prefixes
# we use for the different crypt salts:
# $1$ MD5
@@ -88,9 +100,10 @@ class Users:
childpid = os.fork()
if not childpid:
- os.chroot(root)
+ if not root in ["","/"]:
+ os.chroot(root)
+ del(os.environ["LIBUSER_CONF"])
- del(os.environ["LIBUSER_CONF"])
self.admin = libuser.admin()
try:
@@ -125,9 +138,10 @@ class Users:
childpid = os.fork()
if not childpid:
- os.chroot(root)
+ if not root in ["","/"]:
+ os.chroot(root)
+ del(os.environ["LIBUSER_CONF"])
- del(os.environ["LIBUSER_CONF"])
self.admin = libuser.admin()
try:
@@ -195,12 +209,47 @@ class Users:
def setRootPassword(self, password, isCrypted, lock, algo=None):
rootUser = self.admin.lookupUserByName("root")
+ def checkUserExists(self, username, root="/mnt/sysimage"):
+ childpid = os.fork()
+
+ if not childpid:
+ if not root in ["","/"]:
+ os.chroot(root)
+ del(os.environ["LIBUSER_CONF"])
+
+ self.admin = libuser.admin()
+
+ try:
+ if self.admin.lookupUserByName(username):
+ os._exit(0)
+ except Exception, e:
+ log.critical("Error when searching for user: %s" % str(e))
+ os._exit(1)
+
+ try:
+ (pid, status) = os.waitpid(childpid, 0)
+ except OSError as e:
+ log.critical("exception from waitpid while creating a user: %s %s" % (e.errno, e.strerror))
+ return False
+
+ if os.WIFEXITED(status) and (os.WEXITSTATUS(status) == 0):
+ return True
+ else:
+ return False
+
+ def setUserPassword(self, username, password, isCrypted, lock, algo=None):
+ user = self.admin.lookupUserByName(username)
+
if isCrypted:
- self.admin.setpassUser(rootUser, password, True)
+ self.admin.setpassUser(user, password, True)
else:
- self.admin.setpassUser(rootUser, cryptPassword(password, algo=algo), True)
+ self.admin.setpassUser(user, cryptPassword(password, algo=algo), True)
if lock:
- self.admin.lockUser(rootUser)
+ self.admin.lockUser(user)
+
+ self.admin.modifyUser(user)
+
+ def setRootPassword(self, password, isCrypted, lock, algo=None):
+ return self.setUserPassword("root", password, isCrypted, lock, algo)
- self.admin.modifyUser(rootUser)
--
1.6.5.rc2
_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
