[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lmi-commits] [lmi] master b745ce9 5/5: Make chroots' user ids match hos
|
From: |
Greg Chicares |
|
Subject: |
[lmi-commits] [lmi] master b745ce9 5/5: Make chroots' user ids match host's |
|
Date: |
Thu, 18 Jun 2020 22:42:57 -0400 (EDT) |
branch: master
commit b745ce94398edda2dacff74895eb6712897dcc47
Author: Gregory W. Chicares <gchicares@sbcglobal.net>
Commit: Gregory W. Chicares <gchicares@sbcglobal.net>
Make chroots' user ids match host's
---
lmi_setup_00.sh | 12 ++++++++++--
lmi_setup_24.sh | 17 +++++++++++------
lmi_setup_24c.sh | 17 +++++++++++------
3 files changed, 32 insertions(+), 14 deletions(-)
diff --git a/lmi_setup_00.sh b/lmi_setup_00.sh
index d152495..a8aa4b0 100755
--- a/lmi_setup_00.sh
+++ b/lmi_setup_00.sh
@@ -39,7 +39,6 @@ fi
# variables across sudo and schroot barriers.
NORMAL_USER=$(id -un "$(logname)")
- NORMAL_USER_UID=$(id -u "$(logname)")
if getent group lmi; then
NORMAL_GROUP=lmi
@@ -51,14 +50,23 @@ else
CHROOT_USERS=$(id -un "$(logname)")
fi
+CHROOT_UIDS=
+for user in $(echo "${CHROOT_USERS}" | tr ',' ' '); do
+ uid=$(id -u "${user}")
+ [ -z "${uid}" ] && echo "Oops."
+ CHROOT_UIDS="${CHROOT_UIDS},${uid}"
+done
+# Remove leading delimiter.
+CHROOT_UIDS=$(echo "${CHROOT_UIDS}" | sed -e's/^,//')
+
cat >/tmp/schroot_env <<EOF
set -v
+ CHROOT_UIDS=$CHROOT_UIDS
CHROOT_USERS=$CHROOT_USERS
GIT_URL_BASE=$GIT_URL_BASE
NORMAL_GROUP=$NORMAL_GROUP
NORMAL_GROUP_GID=$NORMAL_GROUP_GID
NORMAL_USER=$NORMAL_USER
- NORMAL_USER_UID=$NORMAL_USER_UID
set +v
EOF
chmod 0666 /tmp/schroot_env
diff --git a/lmi_setup_24.sh b/lmi_setup_24.sh
index 8a5e1b5..4dad7e8 100755
--- a/lmi_setup_24.sh
+++ b/lmi_setup_24.sh
@@ -34,8 +34,17 @@ groupadd --gid="${NORMAL_GROUP_GID}" "${NORMAL_GROUP}"
# Add an 'lmi' group, which may be useful in a multi-user chroot.
getent group 1001 || groupadd --gid=1001 lmi || echo "Oops."
-for user in $(echo "${CHROOT_USERS}" | tr ',' '\n'); do
+i=1
+while true
+do
{
+ uid=$( echo "${CHROOT_UIDS}" | cut -d ',' -f"${i}")
+ user=$(echo "${CHROOT_USERS}" | cut -d ',' -f"${i}")
+ if [ -z "${user}" ] && [ -z "${uid}" ] ; then break; fi
+ if [ -z "${user}" ] || [ -z "${uid}" ] ; then echo "Oops."; exit 9; fi
+ # Now ${user} and ${uid} have corresponding values.
+ i=$((i + 1))
+
# Add a normal user, setting its shell and groups.
#
# No attempt is made to set a real password, because that can't be
@@ -52,16 +61,12 @@ for user in $(echo "${CHROOT_USERS}" | tr ',' '\n'); do
useradd \
--gid="${NORMAL_GROUP_GID}" \
+ --uid="${uid}" \
--create-home \
--shell=/bin/zsh \
--password="$(openssl passwd -1 --salt '' expired)" \
"${user}"
- # Try to make the "normal" user's UID match its UID on the host.
- if [ "${NORMAL_USER}" = "${user}" ]; then
- usermod -u "${NORMAL_USER_UID}" "${NORMAL_USER}" || echo "Oops."
- fi
-
usermod -aG lmi "${user}" || echo "Oops."
usermod -aG sudo "${user}" || echo "Oops."
diff --git a/lmi_setup_24c.sh b/lmi_setup_24c.sh
index d289b94..a9adff5 100755
--- a/lmi_setup_24c.sh
+++ b/lmi_setup_24c.sh
@@ -34,24 +34,29 @@ groupadd --gid="${NORMAL_GROUP_GID}" "${NORMAL_GROUP}"
# Add an 'lmi' group, which may be useful in a multi-user chroot.
getent group 1001 || groupadd --gid=1001 lmi || echo "Oops."
-for user in $(echo "${CHROOT_USERS}" | tr ',' '\n'); do
+i=1
+while true
+do
{
+ uid=$( echo "${CHROOT_UIDS}" | cut -d ',' -f"${i}")
+ user=$(echo "${CHROOT_USERS}" | cut -d ',' -f"${i}")
+ if [ -z "${user}" ] && [ -z "${uid}" ] ; then break; fi
+ if [ -z "${user}" ] || [ -z "${uid}" ] ; then echo "Oops."; exit 9; fi
+ # Now ${user} and ${uid} have corresponding values.
+ i=$((i + 1))
+
# Add a normal user, setting its shell and groups.
#
# This minimal centos chroot lacks openssl, so hardcode a password.
useradd \
--gid="${NORMAL_GROUP_GID}" \
+ --uid="${uid}" \
--create-home \
--shell=/bin/zsh \
--password="\$1\$\$AYD8bMyx6ho3BnmO3jjb60" \
"${user}"
- # Try to make the "normal" user's UID match its UID on the host.
- if [ "${NORMAL_USER}" = "${user}" ]; then
- usermod -u "${NORMAL_USER_UID}" || echo "Oops."
- fi
-
usermod -aG lmi "${user}" || echo "Oops."
# Where debian has a 'sudo' group, redhat has a 'wheel' group.