From f14efa1debc6cf20506e421b91d2e77479fba71c Mon Sep 17 00:00:00 2001 From: asmeron Date: Tue, 13 Feb 2024 21:17:14 +0600 Subject: [PATCH] Fix [users] USERADD GROUPADD --- ublinux/rc.preinit/01-inifile | 3 +- ublinux/rc.preinit/10-accounts | 87 +++++++++++++++++++++++++--------- 2 files changed, 65 insertions(+), 25 deletions(-) diff --git a/ublinux/rc.preinit/01-inifile b/ublinux/rc.preinit/01-inifile index b011000..57b17c9 100755 --- a/ublinux/rc.preinit/01-inifile +++ b/ublinux/rc.preinit/01-inifile @@ -31,7 +31,6 @@ SYSCONF="${ROOTFS}${SYSCONF}" [[ -f ${FILE_CONFIG} ]] || install -Dm0644 /dev/null ${FILE_CONFIG} FILE_ROOT_USERS="${SYSCONF}/.users_credential" [[ -f ${FILE_ROOT_USERS} ]] || install -Dm0600 /dev/null ${FILE_ROOT_USERS} - FILE_USERS="${SYSCONF}/users" while read LINE; do if [[ ${LINE} =~ ^'['([^[]*|[^]]*)']'[[:space:]]*([0-9]+|[augo]+[=+-]+[augorstwxX,=+-]*)?[[:space:]]*('['+(.*)']'+)?$ ]]; then FILE_CONFIG=${BASH_REMATCH[1]} @@ -54,7 +53,7 @@ SYSCONF="${ROOTFS}${SYSCONF}" NAME_VAR=${LINE%%=*} [[ ${LINE} != ${NAME_VAR} ]] || continue [[ -f ${FILE_CONFIG} && $(cat -n ${FILE_CONFIG}) =~ ($'\n'|^)+[[:blank:]]*([[:digit:]]+)[[:blank:]]*"${NAME_VAR}="[^$'\n']*($'\n'|$)+ ]] && sed "${BASH_REMATCH[2]}d" -i "${FILE_CONFIG}" - if [[ ${FILE_CONFIG} == ${FILE_USERS} && ${NAME_VAR} =~ ^("DEFAULTPASSWD"|"DEFAULTROOTPASSWD"|"NEEDEDUSERS"|"USERADD"|"GROUPADD") ]]; then + if [[ ${FILE_CONFIG##*/} == "users" && ${NAME_VAR} =~ ^("DEFAULTPASSWD"|"DEFAULTROOTPASSWD"|"NEEDEDUSERS"|"USERADD"|"GROUPADD") ]]; then echo "${LINE}" >> ${FILE_ROOT_USERS} if [[ ${NAME_VAR} == @("DEFAULTPASSWD"|"DEFAULTROOTPASSWD"|"NEEDEDUSERS") ]]; then true diff --git a/ublinux/rc.preinit/10-accounts b/ublinux/rc.preinit/10-accounts index 8f7ad46..6cafcff 100755 --- a/ublinux/rc.preinit/10-accounts +++ b/ublinux/rc.preinit/10-accounts 
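Review bot: In the second hunk of 01-inifile, comparing only the basename (`${FILE_CONFIG##*/} == "users"`) makes every ini section whose target path ends in `/users` feed `${FILE_ROOT_USERS}`, not only `${SYSCONF}/users` as before. `FILE_CONFIG` comes from the section header via `BASH_REMATCH[1]`, so a section that targets an unrelated directory would also have its `USERADD`, `GROUPADD` and `DEFAULTPASSWD` lines appended to the credentials file. If the intent is to accept the path with and without the `${ROOTFS}` prefix, keep `FILE_USERS` and compare full paths, e.g. `[[ ${FILE_CONFIG} == @("${FILE_USERS}"|"${FILE_USERS#"${ROOTFS}"}") ]]`. The lines that normalise `FILE_CONFIG` are outside the hunk, so confirm which forms can reach this test.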
@@ -328,17 +328,27 @@ exec_03_useradd(){ done 3< <(tr ';' '\n' <<< $(cmdline_value useradd)) if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]]; then [[ ${#USERADD[@]} == 0 ]] && USERADD[${DEFAULTUSER}]="Administrator:${ADMUID}:x:x:x:${DEFAULTPASSWD}" - exec_05_groupadd [[ ${NOSECUREROOTPASSWD} == ${DEFAULTROOTPASSWD} ]] && ADDADM=yes - while IFS= read -ru3 SELECT_USERNAME; do - # Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить параметр USERADD[.*] из '/etc/ublinux/users + useradd_local(){ + local SELECT_USERNAME=$1 if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then + # Вызов как исполнителя после ubconfig + # Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить хеш параметра USERADD[.*] в /etc/ublinux/users if [[ -f ${FILE_ROOT_USERS} ]]; then sed "/USERADD\[${SELECT_USERNAME}\]=/d" -i "${FILE_ROOT_USERS}" echo "USERADD[${SELECT_USERNAME}]='${USERADD[${SELECT_USERNAME}]}'" >> ${FILE_ROOT_USERS} fi [[ -f "${SYSCONF}/users" ]] && sed -E "s/(USERADD\[${SELECT_USERNAME}\]=[\'\"]?)([^:]*:[^:]*:[^:]*:[^:]*:[^:]*:)[^\'\"]*([\'\"]?)/\1\2\3/g" -i "${SYSCONF}/users" fi + if [[ ${USERADD_SYNC} =~ 'boot' || ${USERADD_SYNC[${SELECT_USERNAME}]} =~ 'boot' ]]; then + # Если указана обязательная синхронизация при каждом запуске, то пользователя удалить и создать нового + if [[ -x ${ROOTFS}/usr/bin/userdel ]]; then + ${CMD_CHROOT} /usr/bin/userdel -f "${SELECT_USERNAME}" 2>/dev/null + elif [[ -x ${ROOTFS}/usr/bin/busybox ]]; then + # busybox deluser + ${CMD_CHROOT} /usr/bin/busybox deluser ${SELECT_USERNAME} 2>/dev/null + fi + fi IFS=: read -r SELECT_GECOS SELECT_UID SELECT_GROUP SELECT_EXTRAGROUPS SELECT_OPTIONAL SELECT_PASSWORD NULL <<< "${USERADD[${SELECT_USERNAME}]}" [[ ${SELECT_GECOS,,} == "x" ]] && unset SELECT_GECOS [[ ${SELECT_UID,,} == "x" || ${SELECT_UID} =~ ^[^0-9]+$ ]] && unset SELECT_UID 
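Review bot: The new `useradd_local` does not check the shape of `$1`, yet uses it as a sed address (`/USERADD\[${SELECT_USERNAME}\]=/d`), inside the `sed -E` substitution, and unquoted in `busybox deluser ${SELECT_USERNAME}`. A name containing `/`, `.` or `*` changes what those sed expressions match in `${FILE_ROOT_USERS}` and `${SYSCONF}/users`, and a name with whitespace is split into several `deluser` arguments. Add a guard as the first statement, e.g. `[[ ${SELECT_USERNAME} =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]*$ ]] || return 1` (adjusted to the names the distribution allows), and quote the `deluser` argument. The function body continues past this hunk.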
@@ -349,8 +359,16 @@ exec_03_useradd(){ [[ ${SELECT_PASSWORD} != @(""|'!*'|'!'|'*') ]] && SELECT_PASSWORD=$(return_hash_password hash ${HASHPASSWD} ${SELECT_PASSWORD}) # Если в дополнительных группа присутствует группа по имени пользователя, то удалить её из списка SELECT_EXTRAGROUPS=${SELECT_EXTRAGROUPS//${SELECT_USERNAME}/} - # Создадать группы из параметра - [[ ${SELECT_EXTRAGROUPS} == "" ]] || exec_01_add_groups "${SELECT_EXTRAGROUPS}" + # Создадать группы из параметра SELECT_EXTRAGROUPS + local SELECT_EXTRAGROUPS_TO_EXEC_01= + [[ -n ${SELECT_EXTRAGROUPS} ]] && while IFS= read -u4 ITEM_SELECT_EXTRAGROUP; do + if [[ -n ${GROUPADD[${ITEM_SELECT_EXTRAGROUP}]} ]]; then + exec_05_groupadd "GROUPADD[${ITEM_SELECT_EXTRAGROUP}]=${GROUPADD[${ITEM_SELECT_EXTRAGROUP}]}" + elif [[ ${ITEM_SELECT_EXTRAGROUP} != "" ]]; then + SELECT_EXTRAGROUPS_TO_EXEC_01+="${ITEM_SELECT_EXTRAGROUP}," + fi + done 4<<< "${SELECT_EXTRAGROUPS//,/$'\n'}" + [[ ${SELECT_EXTRAGROUPS_TO_EXEC_01} != "" ]] && exec_01_add_groups "${SELECT_EXTRAGROUPS_TO_EXEC_01%*,}" SELECT_EXTRAGROUPS="${SELECT_EXTRAGROUPS},${USERGROUPS}" [[ ${SELECT_UID} == ${ADMUID} && ${ADDADM} == "yes" ]] && SELECT_EXTRAGROUPS="${SELECT_EXTRAGROUPS},${ADMGROUPS}" SELECT_EXTRAGROUPS="${SELECT_EXTRAGROUPS//;/,}"; SELECT_EXTRAGROUPS="${SELECT_EXTRAGROUPS//,,/,}" 
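Review bot: Calling `exec_05_groupadd` from inside `useradd_local` can overwrite the user's own fields. The callee's new loop (the `@@ -635,8 +666,18 @@` hunk) reads into `SELECT_GROUP`, `SELECT_OPTIONAL` and `SELECT_PASSWORD` with no `local` visible, and bash variable scoping is dynamic. If those names are not declared local elsewhere in `exec_05_groupadd`, the later `--password ${SELECT_PASSWORD}` and `--gid ${SELECT_GROUP}` could carry a group's values instead of the user's. Declare them at the top of the callee, `local SELECT_GROUP SELECT_USERS SELECT_GID SELECT_OPTIONAL SELECT_ADMINISTRATORS SELECT_PASSWORD`, and here make `ITEM_SELECT_EXTRAGROUP` local and read it with `read -ru4`. The same call is added for the primary group in the `@@ -358,23 +376,17 @@` hunk.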
@@ -358,23 +376,17 @@ exec_03_useradd(){ #echo "===> ${SELECT_USERNAME}=${SELECT_GECOS}:${SELECT_UID}:${SELECT_GROUP}:${SELECT_EXTRAGROUPS}:${SELECT_OPTIONAL}:${SELECT_PASSWORD}" #echo "===> ${SELECT_USERNAME}=${SELECT_GECOS}:${SELECT_UID}:${SELECT_GROUP}:${SELECT_EXTRAGROUPS}:${SELECT_OPTIONAL}" - # Если указана обязательная синхронизация при каждом запуске, то пользователя удалить и создать нового - if [[ ${USERADD_SYNC} =~ 'boot' || ${USERADD_SYNC[${SELECT_USERNAME}]} =~ 'boot' ]]; then - if [[ -x ${ROOTFS}/usr/bin/userdel ]]; then - ${CMD_CHROOT} /usr/bin/userdel -f "${SELECT_USERNAME}" 2>/dev/null - elif [[ -x ${ROOTFS}/usr/bin/busybox ]]; then - # busybox deluser - ${CMD_CHROOT} /usr/bin/busybox deluser ${SELECT_USERNAME} 2>/dev/null - fi - fi - # Проверяем наличие пользователя в системе ARG_SELECT_UID=; ARG_SELECT_GROUP=; ARG_SELECT_GECOS=; ARG_SELECT_PASSWORD=; ARG_SELECT_OPTIONAL=; if [[ ! $(cat ${FILE_PASSWD} 2>/dev/null) =~ ($'\n'|^)+"${SELECT_USERNAME}": ]]; then + # Проверяем наличие пользователя в системе [[ -n ${SELECT_UID} && ${SELECT_UID} != 0 ]] && ARG_SELECT_UID="--uid ${SELECT_UID}" || unset ARG_SELECT_UID # Если указана основная группа, но она не создана, то создать unset ARG_GROUPADD_GID ARG_GROUPADD_GROUPNAME - # Если группа не найдена - if [[ -n ${SELECT_GROUP} && ! $(cat ${FILE_GROUP}) =~ ($'\n'|^)+(${SELECT_GROUP}:|[^$'\n']*:${SELECT_GROUP}:) ]]; then + if [[ -n ${SELECT_GROUP} && -n ${GROUPADD[${SELECT_GROUP}]} ]]; then + # Если группа указана и присутствует в списке групп GROUPADD[.] + exec_05_groupadd "GROUPADD[${SELECT_GROUP}]=${GROUPADD[${SELECT_GROUP}]}" + elif [[ -n ${SELECT_GROUP} && ! $(cat ${FILE_GROUP}) =~ ($'\n'|^)+(${SELECT_GROUP}:|[^$'\n']*:${SELECT_GROUP}:) ]]; then + # Если группа указана и не найдена в файле shadow # Группа имет цифровой GID и номер GID=UID if [[ ${SELECT_GROUP} =~ ^[[:digit:]]+$ && ${SELECT_GROUP} == ${SELECT_UID} ]]; then #ARG_GROUPADD_GID=" --gid ${SELECT_GROUP}" 
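Review bot: In the new `elif`, `${SELECT_GROUP}` is interpolated unquoted into the `=~` pattern, so it is matched as a regular expression rather than a literal name, unlike the `"${SELECT_USERNAME}":` test just above it. A group name containing `.` or `+` can then match a different entry in `${FILE_GROUP}`, the group is treated as present, and `useradd --gid` fails later. Quote both expansions: `("${SELECT_GROUP}":|[^$'\n']*:"${SELECT_GROUP}":)`. The added comment says the lookup is in shadow while the test reads `${FILE_GROUP}`; `# Group is set but not found in ${FILE_GROUP}` would match the code.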
@@ -400,10 +412,13 @@ exec_03_useradd(){ [[ -n ${SELECT_GROUP} ]] && ARG_SELECT_GROUP="--gid ${SELECT_GROUP}" || unset ARG_SELECT_GROUP [[ -n ${SELECT_PASSWORD} ]] && ARG_SELECT_PASSWORD="--password ${SELECT_PASSWORD}" || unset ARG_SELECT_PASSWORD ARG_SELECT_OPTIONAL="${SELECT_OPTIONAL}" - [[ ${SELECT_OPTIONAL} =~ ("-o"|"--non-unique") ]] && [[ -n ${ARG_SELECT_GROUP} ]] || { SELECT_OPTIONAL=${SELECT_OPTIONAL//-o/}; SELECT_OPTIONAL=${SELECT_OPTIONAL//--non-unique/}; } + [[ ${SELECT_OPTIONAL} =~ ("-o"|"--non-unique") ]] && [[ -n ${ARG_SELECT_UID} ]] || { ARG_SELECT_OPTIONAL=${ARG_SELECT_OPTIONAL//-o/}; ARG_SELECT_OPTIONAL=${ARG_SELECT_OPTIONAL//--non-unique/}; } [[ ${SELECT_OPTIONAL} =~ ("-M"|"--no-create-home") ]] || { [[ -d "${ROOTFS}${PATH_HOME}/${SELECT_USERNAME}" ]] || ARG_SELECT_OPTIONAL+=" --create-home"; } [[ ${SELECT_OPTIONAL} =~ ("-N"|"--no-user-group") ]] || { [[ -z ${SELECT_GROUP} ]] && ARG_SELECT_OPTIONAL+=" --user-group"; } ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${ARG_SELECT_OPTIONAL} ${SELECT_USERNAME} #>/dev/null 2>&1 + [[ $? -eq 0 ]] || { echo "Try 2:useradd"; ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; } + [[ $? -eq 0 ]] || { echo "Try 3:useradd"; ${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${SELECT_USERNAME}; } + [[ $? -eq 0 ]] || { echo "Try 4:useradd"; ${CMD_CHROOT} /usr/bin/useradd ${SELECT_USERNAME}; } elif [[ -x ${ROOTFS}/usr/bin/busybox ]]; then # busybox adduser [[ -n ${SELECT_GECOS} ]] && ARG_SELECT_GECOS="-g ${SELECT_GECOS}" || unset ARG_SELECT_GECOS 
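Review bot: The three added fallbacks turn a failed `useradd` into an account that silently differs from its configuration. "Try 2" drops `${ARG_SELECT_OPTIONAL}` (which may carry a shell, expiry or system-account flag), "Try 3" drops the requested UID and GID, and "Try 4" drops the GECOS and password too. Only a bare "Try N" line on stdout records this, without the username or the reason, so an audit of the created accounts shows no failure. Report the failure on stderr and stop, or at least name what is dropped, e.g. `echo "useradd ${SELECT_USERNAME}: retrying without '${ARG_SELECT_OPTIONAL}'" >&2`. The `groupadd` retries in the `@@ -593,8 +621,11 @@` hunk have the same shape.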
@@ -414,7 +429,7 @@ exec_03_useradd(){ set_passwd "${SELECT_USERNAME}" "${SELECT_PASSWORD}" fi if [[ -x ${ROOTFS}/usr/bin/usermod ]]; then - # Добавляем пользователя в основную группу + # Добавляем пользователя в основную группу #${CMD_CHROOT} /usr/bin/usermod -a -G ${SELECT_EXTRAGROUPS%*,} ${SELECT_USERNAME} #>/dev/null 2>&1 # Добавляем пользователя в дополнительные группы ${CMD_CHROOT} /usr/bin/usermod -a -G ${SELECT_EXTRAGROUPS%*,} ${SELECT_USERNAME} #>/dev/null 2>&1 @@ -435,7 +450,19 @@ exec_03_useradd(){ || ${UPDATEHOME[${SELECT_USERNAME}],,} == @(yes|y|enable) ]]; then create_home "${SELECT_USERNAME}" "${SELECT_GROUP}" force fi + } + # Обработать всех пользователей у которых указан UID + local LIST_USERADD_UID= LIST_USERADD_NOUID= + while IFS= read -ru3 SELECT_USERNAME; do + IFS=: read -r SELECT_GECOS SELECT_UID SELECT_GROUP SELECT_EXTRAGROUPS SELECT_OPTIONAL SELECT_PASSWORD NULL <<< "${USERADD[${SELECT_USERNAME}]}" + if [[ ${SELECT_UID} =~ ^[0-9]+$ ]] ; then + LIST_USERADD_UID+="useradd_local ${SELECT_USERNAME}; " + else + LIST_USERADD_NOUID+="useradd_local ${SELECT_USERNAME}; " + fi done 3< <(printf "%s\n" "${!USERADD[@]}") + eval "${LIST_USERADD_UID}" + eval "${LIST_USERADD_NOUID}" elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then if [[ ${PARAM%%=*} =~ ^.*'['(.*)']' ]]; then # Удалим пользователей только тех кто содержиться в файле учетных данных ${FILE_ROOT_USERS} @@ -559,7 +586,8 @@ exec_05_groupadd(){ [[ ${PARAM%%=*} =~ [!\$%\&()*+,/\;\<\=\>?\^\{|\}~] ]] || eval "${PARAM%%=*}=\${PARAM#*=}" fi if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]] && [[ ${#GROUPADD[@]} != 0 ]]; then - while IFS= read -ru3 SELECT_GROUP; do + groupadd_local(){ + local SELECT_GROUP=$1 # Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить параметр GROUPADD[.*] из '/etc/ublinux/users if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then if [[ -f ${FILE_ROOT_USERS} ]]; then 
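Review bot: In the `@@ -435,7 +450,19 @@` hunk, `eval "${LIST_USERADD_UID}"` and `eval "${LIST_USERADD_NOUID}"` execute strings built by pasting `${SELECT_USERNAME}` into `useradd_local ${SELECT_USERNAME}; ` with no quoting. The names are the keys of `USERADD`, which the visible context fills from the `useradd` boot parameter (`cmdline_value useradd`) and presumably from the users configuration. A key containing shell syntax would therefore be run by the init script rather than passed as an argument. Collect the names in arrays and call the function in a loop, which keeps the UID-first ordering without `eval`. The `LIST_GROUPADD_GID` / `LIST_GROUPADD_NOGID` pair in the `@@ -635,8 +666,18 @@` hunk needs the same change.

```shell
local -a LIST_USERADD_UID=() LIST_USERADD_NOUID=()
local ITEM_USERNAME
# … unchanged: while-read loop over "${!USERADD[@]}" and the numeric-UID test …
        LIST_USERADD_UID+=("${SELECT_USERNAME}")
    # … unchanged: else …
        LIST_USERADD_NOUID+=("${SELECT_USERNAME}")
# … unchanged: fi / done 3< <(printf ...) …
# Users with an explicit UID first, then the rest
for ITEM_USERNAME in "${LIST_USERADD_UID[@]}" "${LIST_USERADD_NOUID[@]}"; do
    useradd_local "${ITEM_USERNAME}"
done
```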
@@ -593,8 +621,11 @@ exec_05_groupadd(){ if [[ -x ${ROOTFS}/usr/bin/groupadd ]]; then #${CMD_CHROOT} /usr/bin/groupadd --force ${ARG_SELECT_USERS} ${ARG_SELECT_GID} ${SELECT_OPTIONAL} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP} ${CMD_CHROOT} /usr/bin/groupadd --force ${ARG_SELECT_GID} ${SELECT_OPTIONAL} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP} + [[ $? -eq 0 ]] || { echo "Try 2: groupadd"; ${CMD_CHROOT} /usr/bin/groupadd --force ${ARG_SELECT_GID} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP} ; } + [[ $? -eq 0 ]] || { echo "Try 3: groupadd"; ${CMD_CHROOT} /usr/bin/groupadd --force ${ARG_SELECT_PASSWORD} ${SELECT_GROUP} ; } + [[ $? -eq 0 ]] || { echo "Try 4: groupadd"; ${CMD_CHROOT} /usr/bin/groupadd --force ${SELECT_GROUP} ; } elif [[ -x ${ROOTFS}/usr/bin/busybox ]]; then - true + true # Задаём пароль группе # set_gpasswd "${SELECT_GROUP}" "${SELECT_PASSWORD}" fi @@ -606,7 +637,7 @@ exec_05_groupadd(){ #${CMD_CHROOT} /usr/bin/groupmod --append ${ARG_SELECT_USERS} ${ARG_SELECT_GID} ${ARG_NON_UNIQUE} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP} ${CMD_CHROOT} /usr/bin/groupmod ${ARG_SELECT_GID} ${ARG_NON_UNIQUE} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP} elif [[ -x ${ROOTFS}/usr/bin/busybox ]]; then - true + true # Задаём пароль группе # set_gpasswd "${SELECT_GROUP}" "${SELECT_PASSWORD}" fi 
@@ -635,8 +666,18 @@ exec_05_groupadd(){ true fi fi + } + local LIST_GROUPADD_GID= LIST_GROUPADD_NOGID= + while IFS= read -ru3 SELECT_GROUP; do + IFS=: read -r SELECT_USERS SELECT_GID SELECT_OPTIONAL SELECT_ADMINISTRATORS SELECT_PASSWORD NULL <<< "${GROUPADD[${SELECT_GROUP}]}" + if [[ ${SELECT_GID} =~ ^[0-9]+$ ]] ; then + LIST_GROUPADD_GID+="groupadd_local ${SELECT_GROUP}; " + else + LIST_GROUPADD_NOGID+="groupadd_local ${SELECT_GROUP}; " + fi done 3< <(printf "%s\n" "${!GROUPADD[@]}") - # Выполнить отдельно только если указан параметр функции + eval "${LIST_GROUPADD_GID}" + eval "${LIST_GROUPADD_NOGID}" elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then if [[ ${PARAM%%=*} =~ ^.*'['(.*)']' ]]; then SELECT_GROUP=${BASH_REMATCH[1]}