From 409d736339f9c2041b8733cad982beb129bf1a3c Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Thu, 11 Oct 2018 15:58:30 +0200 Subject: [PATCH 1/6] explicitly check for `absent` to handle state-typos gracefully --- cdist/conf/type/__user/gencode-remote | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cdist/conf/type/__user/gencode-remote b/cdist/conf/type/__user/gencode-remote index b908874b..ef04ed3a 100755 --- a/cdist/conf/type/__user/gencode-remote +++ b/cdist/conf/type/__user/gencode-remote @@ -3,6 +3,7 @@ # 2011 Steven Armstrong (steven-cdist at armstrong.cc) # 2011 Nico Schottelius (nico-cdist at schottelius.org) # 2013 Daniel Heule (hda at sfs.biz) +# 2018 Thomas Eckert (tom at it-eckert.de) # # This file is part of cdist. # @@ -130,7 +131,7 @@ if [ "$state" = "present" ]; then echo useradd "$@" "$name" fi fi -else +elif [ "$state" = "absent" ]; then if grep -q "^${name}:" "$__object/explorer/passwd"; then #user exists, but state != present, so delete it if [ -f "$__object/parameter/remove-home" ]; then @@ -139,4 +140,6 @@ else echo userdel "${name}" fi fi +else + echo "Invalid state $state" >&2 fi From a1bf3813705117f3ae7a513a4d893cc5094bc59c Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Thu, 11 Oct 2018 15:59:47 +0200 Subject: [PATCH 2/6] add messaging --- cdist/conf/type/__user/gencode-remote | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cdist/conf/type/__user/gencode-remote b/cdist/conf/type/__user/gencode-remote index ef04ed3a..a5b60ac6 100755 --- a/cdist/conf/type/__user/gencode-remote +++ b/cdist/conf/type/__user/gencode-remote @@ -136,8 +136,10 @@ elif [ "$state" = "absent" ]; then #user exists, but state != present, so delete it if [ -f "$__object/parameter/remove-home" ]; then echo userdel -r "${name}" + echo "userdel -r" >> "$__messages_out" else echo userdel "${name}" + echo "userdel" >> "$__messages_out" fi fi else From c995d08ce2305ec75bed9362d4a0ed845c7fcc92 Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Thu, 11 Oct 2018 16:01:50 +0200 Subject: [PATCH 3/6] redirect stdout+stderr of `userdel` If no mail-spoolfile exists for the user the error reporting was visible in the cdist-run. --- cdist/conf/type/__user/gencode-remote | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__user/gencode-remote b/cdist/conf/type/__user/gencode-remote index a5b60ac6..8f2a422a 100755 --- a/cdist/conf/type/__user/gencode-remote +++ b/cdist/conf/type/__user/gencode-remote @@ -135,10 +135,10 @@ elif [ "$state" = "absent" ]; then if grep -q "^${name}:" "$__object/explorer/passwd"; then #user exists, but state != present, so delete it if [ -f "$__object/parameter/remove-home" ]; then - echo userdel -r "${name}" + printf "userdel -r %s >/dev/null 2>&1\n" "${name}" echo "userdel -r" >> "$__messages_out" else - echo userdel "${name}" + printf "userdel %s >/dev/null 2>&1\n" "${name}" echo "userdel" >> "$__messages_out" fi fi From 5761939fa93e921706e854675dd5e7acbe7619c1 Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Thu, 11 Oct 2018 16:05:57 +0200 Subject: [PATCH 4/6] add new messages to man.rst --- cdist/conf/type/__user/man.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cdist/conf/type/__user/man.rst b/cdist/conf/type/__user/man.rst index 5001bfa4..ef6b77af 100644 --- a/cdist/conf/type/__user/man.rst +++ b/cdist/conf/type/__user/man.rst @@ -60,6 +60,11 @@ mod add New user added +userdel -r + If user was deleted with homedir + +userdel + If user was deleted (keeping homedir) EXAMPLES -------- From c950dd1e9022c2a8965d648d1ab7d3fe25aa3ad4 Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Thu, 11 Oct 2018 19:00:44 +0200 Subject: [PATCH 5/6] quote "remote user", ensuring `user` is handled as one parameter --- cdist/conf/type/__user/gencode-remote | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__user/gencode-remote b/cdist/conf/type/__user/gencode-remote index 8f2a422a..90e3707d 100755 --- a/cdist/conf/type/__user/gencode-remote +++ b/cdist/conf/type/__user/gencode-remote @@ -135,10 +135,10 @@ elif [ "$state" = "absent" ]; then if grep -q "^${name}:" "$__object/explorer/passwd"; then #user exists, but state != present, so delete it if [ -f "$__object/parameter/remove-home" ]; then - printf "userdel -r %s >/dev/null 2>&1\n" "${name}" + printf "userdel -r '%s' >/dev/null 2>&1\n" "${name}" echo "userdel -r" >> "$__messages_out" else - printf "userdel %s >/dev/null 2>&1\n" "${name}" + printf "userdel '%s' >/dev/null 2>&1\n" "${name}" echo "userdel" >> "$__messages_out" fi fi From c5098dfcc50ab88ce524346ed369cfede4f387da Mon Sep 17 00:00:00 2001 From: Thomas Eckert Date: Fri, 12 Oct 2018 14:02:11 +0200 Subject: [PATCH 6/6] fix [SC1117] (explicitly excaping `\n`) --- cdist/conf/type/__user/gencode-remote | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cdist/conf/type/__user/gencode-remote b/cdist/conf/type/__user/gencode-remote index 90e3707d..ee18c18f 100755 --- a/cdist/conf/type/__user/gencode-remote +++ b/cdist/conf/type/__user/gencode-remote @@ -135,10 +135,10 @@ elif [ "$state" = "absent" ]; then if grep -q "^${name}:" "$__object/explorer/passwd"; then #user exists, but state != present, so delete it if [ -f "$__object/parameter/remove-home" ]; then - printf "userdel -r '%s' >/dev/null 2>&1\n" "${name}" + printf "userdel -r '%s' >/dev/null 2>&1\\n" "${name}" echo "userdel -r" >> "$__messages_out" else - printf "userdel '%s' >/dev/null 2>&1\n" "${name}" + printf "userdel '%s' >/dev/null 2>&1\\n" "${name}" echo "userdel" >> "$__messages_out" fi fi