* [PATCH 1/2] useradd.bbclass: new class for managing user/group permissions
2011-07-01 5:11 [PATCH 0/2] useradd.bbclass: new class for managing user/group permissions [v3] Scott Garman
@ 2011-07-01 5:11 ` Scott Garman
2011-07-01 5:11 ` [PATCH 2/2] useradd-example: example recipe for using inherit useradd Scott Garman
2011-07-01 15:54 ` [PATCH 0/2] useradd.bbclass: new class for managing user/group permissions [v3] Richard Purdie
2 siblings, 0 replies; 4+ messages in thread
From: Scott Garman @ 2011-07-01 5:11 UTC (permalink / raw)
To: openembedded-core; +Cc: Scott Garman
This class is to be used by recipes that need to set up specific
user/group accounts and set custom file/directory permissions.
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
---
meta/classes/useradd.bbclass | 156 ++++++++++++++++++++++++++++++++++++++++++
1 files changed, 156 insertions(+), 0 deletions(-)
create mode 100644 meta/classes/useradd.bbclass
diff --git a/meta/classes/useradd.bbclass b/meta/classes/useradd.bbclass
new file mode 100644
index 0000000..ba8d8dc
--- /dev/null
+++ b/meta/classes/useradd.bbclass
@@ -0,0 +1,156 @@
+USERADDPN ?= "${PN}"
+
+# base-passwd-cross provides the default passwd and group files in the
+# target sysroot, and shadow -native and -sysroot provide the utilities
+# and support files needed to add and modify user and group accounts
+DEPENDS_append = " base-passwd shadow-native shadow-sysroot"
+RDEPENDS_${USERADDPN}_append = " base-passwd shadow"
+
+# This preinstall function will be run in two contexts: once for the
+# native sysroot (as invoked by the useradd_sysroot() wrapper), and
+# also as the preinst script in the target package.
+useradd_preinst () {
+OPT=""
+SYSROOT=""
+
+if test "x$D" != "x"; then
+ # Installing into a sysroot
+ SYSROOT="${STAGING_DIR_TARGET}"
+ OPT="--root ${STAGING_DIR_TARGET}"
+
+ # Add groups and users defined for all recipe packages
+ GROUPADD_PARAM="${@get_all_cmd_params(d, 'group')}"
+ USERADD_PARAM="${@get_all_cmd_params(d, 'user')}"
+else
+ # Installing onto a target
+ # Add groups and users defined only for this package
+ GROUPADD_PARAM="${GROUPADD_PARAM}"
+ USERADD_PARAM="${USERADD_PARAM}"
+fi
+
+# Perform group additions first, since user additions may depend
+# on these groups existing
+if test "x$GROUPADD_PARAM" != "x"; then
+ echo "Running groupadd commands..."
+ # Invoke multiple instances of groupadd for parameter lists
+ # separated by ';'
+ opts=`echo "$GROUPADD_PARAM" | cut -d ';' -f 1`
+ remaining=`echo "$GROUPADD_PARAM" | cut -d ';' -f 2-`
+ while test "x$opts" != "x"; do
+ eval $PSEUDO groupadd -f $OPT $opts
+
+ if test "x$opts" = "x$remaining"; then
+ break
+ fi
+ opts=`echo "$remaining" | cut -d ';' -f 1`
+ remaining=`echo "$remaining" | cut -d ';' -f 2-`
+ done
+fi
+
+if test "x$USERADD_PARAM" != "x"; then
+ echo "Running useradd commands..."
+ # Invoke multiple instances of useradd for parameter lists
+ # separated by ';'
+ opts=`echo "$USERADD_PARAM" | cut -d ';' -f 1`
+ remaining=`echo "$USERADD_PARAM" | cut -d ';' -f 2-`
+ while test "x$opts" != "x"; do
+ # useradd does not have a -f option, so we have to check if the
+ # username already exists manually
+ username=`echo "$opts" | awk '{ print $NF }'`
+ user_exists=`grep "^$username:" $SYSROOT/etc/passwd || true`
+ if test "x$user_exists" = "x"; then
+ eval $PSEUDO useradd $OPT $opts
+ else
+ echo "Note: username $username already exists, not re-creating it"
+ fi
+
+ if test "x$opts" = "x$remaining"; then
+ break
+ fi
+ opts=`echo "$remaining" | cut -d ';' -f 1`
+ remaining=`echo "$remaining" | cut -d ';' -f 2-`
+ done
+fi
+}
+
+useradd_sysroot () {
+ export PSEUDO="${STAGING_DIR_NATIVE}/usr/bin/pseudo"
+ export PSEUDO_LOCALSTATEDIR="${STAGING_DIR_TARGET}/var/pseudo"
+
+ # Explicitly set $D since it isn't set to anything
+ # before do_install
+ D=${D}
+ useradd_preinst
+}
+
+useradd_sysroot_sstate () {
+ if [ "${BB_CURRENTTASK}" = "populate_sysroot_setscene" ]
+ then
+ useradd_sysroot
+ fi
+}
+
+do_install[prefuncs] += "useradd_sysroot"
+SSTATEPOSTINSTFUNCS += "useradd_sysroot_sstate"
+
+# Recipe parse-time sanity checks
+def update_useradd_after_parse(d):
+ if not d.getVar('USERADD_PACKAGES', False):
+ if not d.getVar('USERADD_PARAM', False) and not d.getVar('GROUPADD_PARAM', False):
+ raise bb.build.FuncFailed, "%s inherits useradd but doesn't set USERADD_PARAM or GROUPADD_PARAM" % bb.data.getVar('FILE', d)
+
+python __anonymous() {
+ update_useradd_after_parse(d)
+}
+
+# Return a single [GROUP|USER]ADD_PARAM formatted string which includes the
+# [group|user]add parameters for all packages in this recipe
+def get_all_cmd_params(d, cmd_type):
+ import string
+
+ param_type = cmd_type.upper() + "ADD_PARAM_%s"
+ params = []
+
+ pkgs = d.getVar('USERADD_PACKAGES', True)
+ if not pkgs:
+ pkgs = d.getVar('USERADDPN', True)
+ packages = (d.getVar('PACKAGES', True) or "").split()
+ if packages and pkgs not in packages:
+ pkgs = packages[0]
+
+ for pkg in pkgs.split():
+ param = d.getVar(param_type % pkg, True)
+ if param:
+ params.append(param)
+
+ return string.join(params, "; ")
+
+# Adds the preinst script into generated packages
+fakeroot python populate_packages_prepend () {
+ def update_useradd_package(pkg):
+ bb.debug(1, 'adding user/group calls to preinst for %s' % pkg)
+
+ """
+ useradd preinst is appended here because pkg_preinst may be
+ required to execute on the target. Not doing so may cause
+ useradd preinst to be invoked twice, causing unwanted warnings.
+ """
+ preinst = d.getVar('pkg_preinst_%s' % pkg, True) or d.getVar('pkg_preinst', True)
+ if not preinst:
+ preinst = '#!/bin/sh\n'
+ preinst += d.getVar('useradd_preinst', True)
+ bb.data.setVar('pkg_preinst_%s' % pkg, preinst, d)
+
+ # We add the user/group calls to all packages to allow any package
+ # to contain files owned by the users/groups defined in the recipe.
+ # The user/group addition code is careful not to create duplicate
+ # entries, so this is safe.
+ pkgs = d.getVar('USERADD_PACKAGES', True)
+ if not pkgs:
+ pkgs = d.getVar('USERADDPN', True)
+ packages = (d.getVar('PACKAGES', True) or "").split()
+ if packages and pkgs not in packages:
+ pkgs = packages[0]
+ for pkg in pkgs.split():
+ update_useradd_package(pkg)
+}
--
1.7.1
^ permalink raw reply related [flat|nested] 4+ messages in thread* [PATCH 2/2] useradd-example: example recipe for using inherit useradd
2011-07-01 5:11 [PATCH 0/2] useradd.bbclass: new class for managing user/group permissions [v3] Scott Garman
2011-07-01 5:11 ` [PATCH 1/2] useradd.bbclass: new class for managing user/group permissions Scott Garman
@ 2011-07-01 5:11 ` Scott Garman
2011-07-01 15:54 ` [PATCH 0/2] useradd.bbclass: new class for managing user/group permissions [v3] Richard Purdie
2 siblings, 0 replies; 4+ messages in thread
From: Scott Garman @ 2011-07-01 5:11 UTC (permalink / raw)
To: openembedded-core; +Cc: Scott Garman
An example recipe for demonstrating/documenting how user and
group manipulation is done with 'inherit useradd'
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
---
.../recipes-skeleton/useradd/useradd-example.bb | 76 ++++++++++++++++++++
1 files changed, 76 insertions(+), 0 deletions(-)
create mode 100644 meta-skeleton/recipes-skeleton/useradd/useradd-example.bb
create mode 100644 meta-skeleton/recipes-skeleton/useradd/useradd-example/file1
create mode 100644 meta-skeleton/recipes-skeleton/useradd/useradd-example/file2
create mode 100644 meta-skeleton/recipes-skeleton/useradd/useradd-example/file3
create mode 100644 meta-skeleton/recipes-skeleton/useradd/useradd-example/file4
diff --git a/meta-skeleton/recipes-skeleton/useradd/useradd-example.bb b/meta-skeleton/recipes-skeleton/useradd/useradd-example.bb
new file mode 100644
index 0000000..02d56f6
--- /dev/null
+++ b/meta-skeleton/recipes-skeleton/useradd/useradd-example.bb
@@ -0,0 +1,76 @@
+SUMMARY = "Example recipe for using inherit useradd"
+DESCRIPTION = "This recipe serves as an example for using features from useradd.bbclass"
+SECTION = "examples"
+PR = "r0"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3b58 \
+ file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384361b4de20420"
+
+SRC_URI = "file://file1 \
+ file://file2 \
+ file://file3 \
+ file://file4"
+
+S = "${WORKDIR}"
+
+PACKAGES =+ "${PN}-user3"
+
+inherit useradd
+
+# Specify which package(s) should include the user/group code.
+# Make sure that any packages which install files owned by custom
+# users/groups are included here. The code which adds users and
+# groups is idempotent.
+USERADD_PACKAGES = "${PN} ${PN}-user3"
+
+# You *must* set USERADD_PARAM and/or GROUPADD_PARAM when
+# you inherit useradd.
+
+# USERADD_PARAM specifies command line options to pass to the
+# useradd command. Multiple users can be created by separating
+# the commands with a semicolon. Here we'll create two users,
+# user1 and user2:
+USERADD_PARAM_${PN} = "-u 1200 -d /home/user1 -r -s /bin/bash user1; -u 1201 -d /home/user2 -r -s /bin/bash user2"
+
+# user3 will be managed in the useradd-example-user3 pacakge:
+USERADD_PARAM_${PN}-user3 = "-u 1202 -d /home/user3 -r -s /bin/bash user3"
+
+# GROUPADD_PARAM works the same way, which you set to the options
+# you'd normally pass to the groupadd command. This will create
+# groups group1 and group2:
+GROUPADD_PARAM_${PN} = "-g 880 group1; -g 890 group2"
+
+# Likewise, we'll manage group3 in the useradd-example-user3 package:
+GROUPADD_PARAM_${PN}-user3 = "-g 900 group3"
+
+do_install () {
+ install -d -m 755 ${D}/usr/share/user1
+ install -d -m 755 ${D}/usr/share/user2
+ install -d -m 755 ${D}/usr/share/user3
+
+ install -p -m 644 file1 ${D}/usr/share/user1/
+ install -p -m 644 file2 ${D}/usr/share/user1/
+
+ install -p -m 644 file2 ${D}/usr/share/user2/
+ install -p -m 644 file3 ${D}/usr/share/user2/
+
+ install -p -m 644 file3 ${D}/usr/share/user3/
+ install -p -m 644 file4 ${D}/usr/share/user3/
+
+ # The new users and groups are created before the do_install
+ # step, so you are now free to make use of them:
+ chown -R user1 ${D}/usr/share/user1
+ chown -R user2 ${D}/usr/share/user2
+ chown -R user3 ${D}/usr/share/user3
+
+ chgrp -R group1 ${D}/usr/share/user1
+ chgrp -R group2 ${D}/usr/share/user2
+ chgrp -R group3 ${D}/usr/share/user3
+}
+
+FILES_${PN} = "/usr/share/user1/* /usr/share/user2/*"
+FILES_${PN}-user3 = "/usr/share/user3/*"
+
+# Prevents do_package failures with:
+# debugsources.list: No such file or directory:
+INHIBIT_PACKAGE_DEBUG_SPLIT = "1"
diff --git a/meta-skeleton/recipes-skeleton/useradd/useradd-example/file1 b/meta-skeleton/recipes-skeleton/useradd/useradd-example/file1
new file mode 100644
index 0000000..e69de29
diff --git a/meta-skeleton/recipes-skeleton/useradd/useradd-example/file2 b/meta-skeleton/recipes-skeleton/useradd/useradd-example/file2
new file mode 100644
index 0000000..e69de29
diff --git a/meta-skeleton/recipes-skeleton/useradd/useradd-example/file3 b/meta-skeleton/recipes-skeleton/useradd/useradd-example/file3
new file mode 100644
index 0000000..e69de29
diff --git a/meta-skeleton/recipes-skeleton/useradd/useradd-example/file4 b/meta-skeleton/recipes-skeleton/useradd/useradd-example/file4
new file mode 100644
index 0000000..e69de29
--
1.7.1
^ permalink raw reply related [flat|nested] 4+ messages in thread