Merge remote-tracking branch 'dheule/type__user'

This commit is contained in:
Nico Schottelius 2013-12-20 08:45:37 +01:00
commit 7fad1074b6
6 changed files with 113 additions and 74 deletions

View file

@ -1,2 +0,0 @@
- delete users

View file

@ -2,6 +2,7 @@
# #
# 2011 Steven Armstrong (steven-cdist at armstrong.cc) # 2011 Steven Armstrong (steven-cdist at armstrong.cc)
# 2011 Nico Schottelius (nico-cdist at schottelius.org) # 2011 Nico Schottelius (nico-cdist at schottelius.org)
# 2013 Daniel Heule (hda at sfs.biz)
# #
# This file is part of cdist. # This file is part of cdist.
# #
@ -21,11 +22,14 @@
# #
# Manage users. # Manage users.
# #
#set -x
name="$__object_id" name="$__object_id"
os="$(cat "$__global/explorer/os")" os="$(cat "$__global/explorer/os")"
state=$(cat "$__object/parameter/state")
# We need to shorten options for both usermod and useradd since on some # We need to shorten options for both usermod and useradd since on some
# systems (such as *BSD, Darwin) those commands do not handle GNU style long # systems (such as *BSD, Darwin) those commands do not handle GNU style long
# options. # options.
@ -40,80 +44,97 @@ shorten_property() {
shell) ret="-s";; shell) ret="-s";;
uid) ret="-u";; uid) ret="-u";;
create-home) ret="-m";; create-home) ret="-m";;
system) ret="-r";;
esac esac
echo "$ret" echo "$ret"
} }
cd "$__object/parameter" if [ "$state" = "present" ]; then
if grep -q "^${name}:" "$__object/explorer/passwd"; then cd "$__object/parameter"
for property in $(ls .); do if grep -q "^${name}:" "$__object/explorer/passwd"; then
new_value="$(cat "$property")" for property in $(ls .); do
unset current_value new_value="$(cat "$property")"
unset current_value
file="$__object/explorer/passwd" file="$__object/explorer/passwd"
case "$property" in case "$property" in
gid) gid)
if $(echo "$new_value" | grep -q '^[0-9][0-9]*$'); then if $(echo "$new_value" | grep -q '^[0-9][0-9]*$'); then
field=4 field=4
else
# We were passed a group name. Compare the gid in
# the user's /etc/passwd entry with the gid of the
# group returned by the group explorer.
gid_from_group=$(awk -F: '{ print $3 }' "$__object/explorer/group")
gid_from_passwd=$(awk -F: '{ print $4 }' "$file")
if [ "$gid_from_group" != "$gid_from_passwd" ]; then
current_value="$gid_from_passwd"
else
current_value="$new_value"
fi
fi
;;
password)
field=2
file="$__object/explorer/shadow"
;;
comment) field=5 ;;
home) field=6 ;;
shell) field=7 ;;
uid) field=3 ;;
create-home) continue;; # Does not apply to user modification
system) continue;; # Does not apply to user modification
state) continue;; # Does not apply to user modification
remove-home) continue;; # Does not apply to user modification
esac
# If we haven't already set $current_value above, pull it from the
# appropriate file/field.
if [ -z "$current_value" ]; then
export field
current_value="$(awk -F: '{ print $ENVIRON["field"] }' < "$file")"
fi
if [ "$new_value" != "$current_value" ]; then
set -- "$@" "$(shorten_property $property)" \'$new_value\'
fi
done
if [ $# -gt 0 ]; then
if [ "$os" = "freebsd" ]; then
echo pw usermod "$@" "$name"
else
echo usermod "$@" "$name"
fi
else
true
fi
else
for property in $(ls .); do
[ "$property" = "state" ] && continue
[ "$property" = "remove-home" ] && continue
new_value="$(cat "$property")"
if [ -z "$new_value" ];then # Boolean values have no value
set -- "$@" "$(shorten_property $property)"
else else
# We were passed a group name. Compare the gid in set -- "$@" "$(shorten_property $property)" \'$new_value\'
# the user's /etc/passwd entry with the gid of the
# group returned by the group explorer.
gid_from_group=$(awk -F: '{ print $3 }' "$__object/explorer/group")
gid_from_passwd=$(awk -F: '{ print $4 }' "$file")
if [ "$gid_from_group" != "$gid_from_passwd" ]; then
current_value="$gid_from_passwd"
else
current_value="$new_value"
fi
fi fi
;; done
password)
field=2
file="$__object/explorer/shadow"
;;
comment) field=5 ;;
home) field=6 ;;
shell) field=7 ;;
uid) field=3 ;;
create-home) continue;; # Does not apply to user modification
esac
# If we haven't already set $current_value above, pull it from the if [ "$os" = "freebsd" ]; then
# appropriate file/field. echo pw useradd "$@" "$name"
if [ -z "$current_value" ]; then else
export field echo useradd "$@" "$name"
current_value="$(awk -F: '{ print $ENVIRON["field"] }' < "$file")" fi
fi fi
if [ "$new_value" != "$current_value" ]; then
set -- "$@" "$(shorten_property $property)" \'$new_value\'
fi
done
if [ $# -gt 0 ]; then
if [ "$os" = "freebsd" ]; then
echo pw usermod "$@" "$name"
else
echo usermod "$@" "$name"
fi
else
true
fi
else else
for property in $(ls .); do if grep -q "^${name}:" "$__object/explorer/passwd"; then
new_value="$(cat "$property")" #user exists, but state != present, so delete it
if [ -z "$new_value" ];then # Boolean values have no value if [ -f "$__object/parameter/remove-home" ]; then
set -- "$@" "$(shorten_property $property)" echo userdel -r "${name}"
else else
set -- "$@" "$(shorten_property $property)" \'$new_value\' echo userdel "${name}"
fi fi
done fi
if [ "$os" = "freebsd" ]; then
echo pw useradd "$@" "$name"
else
echo useradd "$@" "$name"
fi
fi fi

View file

@ -20,19 +20,29 @@ None.
OPTIONAL PARAMETERS OPTIONAL PARAMETERS
------------------- -------------------
state::
absent or present, defaults to present
comment:: comment::
see usermod(8) see usermod(8)
home:: home::
see above see above
gid:: gid::
see above see above
password:: password::
see above see above
shell:: shell::
see above see above
uid:: uid::
see above see above
BOOLEAN PARAMETERS
------------------
system::
see useradd(8), apply only on user create
create-home::
see useradd(8), apply only on user create
remove-home::
see userdel(8), apply only on user delete
EXAMPLES EXAMPLES
-------- --------
@ -44,8 +54,14 @@ __user foobar
# Same but with a different shell # Same but with a different shell
__user foobar --shell /bin/zsh __user foobar --shell /bin/zsh
# Same but for a system account
__user foobar --system
# Set explicit uid and home # Set explicit uid and home
__user foobar --uid 1001 --shell /bin/zsh --home /home/foobar __user foobar --uid 1001 --shell /bin/zsh --home /home/foobar
# Drop user if exists
__user foobar --state absent
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------

View file

@ -1 +1,3 @@
create-home create-home
remove-home
system

View file

@ -0,0 +1 @@
present

View file

@ -1,3 +1,4 @@
state
comment comment
home home
gid gid