mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-07 13:06:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix(make_chroot): Improve chroot user creation.

Browse Source 
If the user already exists check that the UID and GID are correct and
modify it (setting shell and home directory) to match what the SDK
expects. This avoids needlessly failing if the user calling cros_sdk is
the 'core' user on a CoreOS machine.

Change new-user creation to copy the user's full name and group instead
of using a generic name and Google's 'eng' group. Also remove the
default password for the account, it isn't needed and uses perl.
This commit is contained in:
Michael Marineau 2013-08-24 23:34:15 -04:00
parent bf0a37a0f4
commit 6c2f9a9ffb
1 changed files with 30 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
sdk_lib/make_chroot.sh
View File

@ -71,10 +71,7 @@ switch_to_strict_mode
. "${SCRIPT_ROOT}"/sdk_lib/make_conf_util.sh . "${SCRIPT_ROOT}"/sdk_lib/make_conf_util.sh
FULLNAME="ChromeOS Developer" DEFGROUPS="adm,cdrom,floppy,audio,video,portage"
DEFGROUPS="eng,adm,cdrom,floppy,audio,video,portage"
PASSWORD=chronos
CRYPTED_PASSWD=$(perl -e 'print crypt($ARGV[0], "foo")', $PASSWORD)
USEPKG="" USEPKG=""
if [[ $FLAGS_usepkg -eq $FLAGS_TRUE ]]; then if [[ $FLAGS_usepkg -eq $FLAGS_TRUE ]]; then
@ -139,19 +136,35 @@ delete_existing() {
} }
init_users () { init_users () {
info "Adding user/group..." if grep -q "^${SUDO_USER}:[^:]*:${SUDO_UID}:${SUDO_GID}:" \
# Add ourselves as a user inside the chroot. "${FLAGS_chroot}/etc/passwd"; then
bare_chroot groupadd -g 5000 eng info "Updating ${SUDO_USER} (already exists in chroot)..."
# We need the UID to match the host user's. This can conflict with bare_chroot usermod -a -G "${DEFGROUPS}" \
# a particular chroot UID. At the same time, the added user has to -s /bin/bash -m -d "/home/${SUDO_USER}" "${SUDO_USER}"
# be a primary user for the given UID for sudo to work, which is elif grep -q "^${SUDO_USER}:" "${FLAGS_chroot}/etc/passwd"; then
# determined by the order in /etc/passwd. Let's put ourselves on top die "User ${SUDO_USER} exists in chroot with different UID/GID"
# of the file. else
bare_chroot useradd -o -G ${DEFGROUPS} -g eng -u ${SUDO_UID} -s \ info "Adding user ${SUDO_USER}..."
/bin/bash -m -c "${FULLNAME}" -p ${CRYPTED_PASSWD} ${SUDO_USER} local full_name group_name
# Because passwd generally isn't sorted and the entry ended up at the full_name=$(getent passwd "${SUDO_USER}" | cut -d: -f5)
# bottom, it is safe to just take it and move it to top instead. [[ -n "${full_name}" ]] || die "Looking up user $SUDO_USER failed."
sed -e '1{h;d};$!{H;d};$G' -i "${FLAGS_chroot}/etc/passwd" group_name=$(getent group "${SUDO_GID}" | cut -d: -f1)
[[ -n "${group_name}" ]] || die "Looking up gid $SUDO_GID failed."
# We need the UID to match the host user's. This can conflict with
# a particular chroot UID. At the same time, the added user has to
# be a primary user for the given UID for sudo to work, which is
# determined by the order in /etc/passwd. Let's put ourselves on top
# of the file.
bare_chroot groupadd -o -g "${SUDO_GID}" "${group_name}"
bare_chroot useradd -o \
-G "${DEFGROUPS}" -g "${SUDO_GID}" -u "${SUDO_UID}" \
-s /bin/bash -m -c "${full_name}" "${SUDO_USER}"
# Because passwd generally isn't sorted and the entry ended up at the
# bottom, it is safe to just take it and move it to top instead.
sed -e '1{h;d};$!{H;d};$G' -i "${FLAGS_chroot}/etc/group"
sed -e '1{h;d};$!{H;d};$G' -i "${FLAGS_chroot}/etc/passwd"
fi
} }
init_setup () { init_setup () {