From Fedora Project Wiki
< Changes
No edit summary |
No edit summary |
||
Line 121: | Line 121: | ||
%define USERNAME1 user1 | %define USERNAME1 user1 | ||
%sysusers_groupadd | %sysusers_groupadd -g 11 %{GROUPNAME1} | ||
%sysusers_groupadd | %sysusers_groupadd -g 12 group2 | ||
%sysusers_groupadd | %sysusers_groupadd -g 13 group3 | ||
%sysusers_groupadd | %sysusers_groupadd group4 | ||
%sysusers_useradd | %sysusers_useradd -g group1 -G group3,group4 -u 100 -d /var/user1 -s /sbin/nologin -c %{quote:"User 1"} %{USERNAME1} | ||
%sysusers_useradd | %sysusers_useradd -g group2 -G group3,group4 -d /var/user2 -s /sbin/nologin -c %{quote:"User 2"} user2 | ||
%description | %description | ||
Line 132: | Line 132: | ||
%package sub | %package sub | ||
Summary: sub | Summary: sub | ||
%sysusers_groupadd -S sub | %sysusers_groupadd -S sub subgroup1 | ||
%description sub | %description sub | ||
%package -n foo | %package -n foo | ||
Summary: foo | Summary: foo | ||
%sysusers_groupadd -n foo | %sysusers_groupadd -n foo foo1 | ||
%description -n foo | %description -n foo | ||
Revision as of 14:56, 8 November 2018
Streamline useradd/groupadd calls in RPM spec files
Summary
Replace RPM useradd/groupadd shell script fragments in spec files which dedicated RPM macros.
Example RPM spec file. Test with:
$ rpmbuild --define "_sourcedir $(pwd)" --define "_specdir $(pwd)" --define "_builddir $(pwd)" --define "_srcrpmdir $(pwd)" --define "_rpmdir $(pwd)" -ba test.spec && rpm -qp --scripts noarch/*.rpm && rpm -qp --provides noarch/*.rpm It will create the following RPMs: $ tree noarch/ noarch/ ├── foo-1-1.noarch.rpm ├── test-1-1.noarch.rpm └── test-sub-1-1.noarch.rpm Which include sysusers.d/ files describing the defined users and groups.
################################################################# # macros.sysusers ################################################################# %define sysusers_useradd(n:S:c:d:g:G:lmMNors:u:UZ:) %{lua: local package = rpm.expand("%{?-S*}") local name = rpm.expand("%{?!-n*:%{name}}%{?-n*}") if package ~= "" then name = name .. "_" .. package end local oldlines = rpm.expand("%{?sysusers_useradd_" .. name .. "}") local group = rpm.expand("%{?-g*}") local gecko = rpm.expand("%{?-c*}%{?!-c*:-}") local home = rpm.expand("%{?-d*}%{!-d*:-}") local shell = rpm.expand("%{?-s*}%{!-s*:-}") local uid = rpm.expand("%{?-u*}%{!-u*:-}") local user = rpm.expand("%{1}") local moregroups = rpm.expand("%{?-G*}") newline = "%{quote:u\\t" .. user .. "\\t" .. uid .. "\\t" .. gecko .. "\\t" .. home .. "\\t" .. shell .. "}" if group ~= "" then newline = newline .. "%{quote:m\\t" .. user .. "\\t" .. group .. "}" end for group in string.gmatch(moregroups, "[^,]*,?") do if string.sub(group,-1) == "," then group = string.sub(group, 0, -2) end newline = newline .. "%{quote:m\\t" .. user .. "\\t" .. group .. "}" end if oldlines == "" then rpm.define("sysusers_useradd_" .. name .. " " .. newline) else rpm.define("sysusers_useradd_" .. name .. " " .. oldlines .. newline) end print("Provides: user(" .. user .. ")\\n") } %define sysusers_groupadd(n:S:g:rfoB:N:) %{lua: local package = rpm.expand("%{?-S*}") local name = rpm.expand("%{?!-n*:%{name}}%{?-n*}") if package ~= "" then name = name .. "_" .. package end local oldlines = rpm.expand("%{?sysusers_useradd_" .. name .. "}") local gid = rpm.expand("%{?-g*}%{!-g*:-}") local group = rpm.expand("%{1}") newline = "%{quote:g\\t" .. group .. "\\t" .. gid .. "\\t-}" if oldlines == "" then rpm.define("sysusers_useradd_" .. name .. " " .. newline) else rpm.define("sysusers_useradd_" .. name .. " " .. oldlines .. newline) end print("Provides: group(" .. group .. ")\\n") } %define sysusers_pre(n:S:) %{lua: local package = rpm.expand("%{?-S*}") local name = rpm.expand("%{?!-n*:%{name}}%{?-n*}") local filename = name if package ~= "" then filename = name .. "-" .. package name = name .. "_" .. package end local lines = rpm.expand("%{?sysusers_useradd_" .. name .. "}") print("systemd-sysusers --replace=" .. rpm.expand("%{_sysusersdir}/") .. filename .. ".conf - <<EOF\\n") for line in string.gmatch(lines, "\\31[^\\31]*\\31") do print(string.sub(line, 2, -2) .."\\n") end print("EOF\\n") } %define sysusers_install(n:S:) %{lua: local package = rpm.expand("%{?-S*}") local name = rpm.expand("%{?!-n*:%{name}}%{?-n*}") local filename = name if package ~= "" then filename = name .. "-" .. package name = name .. "_" .. package end local lines = rpm.expand("%{?sysusers_useradd_" .. name .. "}") print("mkdir -p " .. rpm.expand("%{buildroot}") .. rpm.expand("%{_sysusersdir}/") .. "\\n") print("cat >" .. rpm.expand("%{buildroot}") .. rpm.expand("%{_sysusersdir}/") .. filename .. ".conf <<EOF\\n") for line in string.gmatch(lines, "\\31[^\\31]*\\31") do print(string.sub(line, 2, -2) .."\\n") end print("EOF\\n") } ################################################################# # test.spec ################################################################# Name: test Version: 1 Release: 1 Summary: test License: MIT BuildArch: noarch %define GROUPNAME1 group1 %define USERNAME1 user1 %sysusers_groupadd -g 11 %{GROUPNAME1} %sysusers_groupadd -g 12 group2 %sysusers_groupadd -g 13 group3 %sysusers_groupadd group4 %sysusers_useradd -g group1 -G group3,group4 -u 100 -d /var/user1 -s /sbin/nologin -c %{quote:"User 1"} %{USERNAME1} %sysusers_useradd -g group2 -G group3,group4 -d /var/user2 -s /sbin/nologin -c %{quote:"User 2"} user2 %description %package sub Summary: sub %sysusers_groupadd -S sub subgroup1 %description sub %package -n foo Summary: foo %sysusers_groupadd -n foo foo1 %description -n foo %pre %sysusers_pre %pre sub %sysusers_pre -S sub %pre -n foo %sysusers_pre -n foo %prep %build %install %sysusers_install %sysusers_install -n foo %sysusers_install -S sub %files %{_sysusersdir}/%{name}.conf %files sub %{_sysusersdir}/%{name}-sub.conf %files -n foo %{_sysusersdir}/foo.conf
Owner
- Name: Harald Hoyer
- Name: Kay Sievers
Current status
- Targeted release: Fedora 30
- Tracker bug: <will be assigned by the Wrangler>
Detailed Description
Storing the user and group information in structured data allows to process this data with external tools in a programmatic way instead of running opaque shell scripts.
Benefit to Fedora
Scope
- Proposal owners:
- Other developers: N/A (not a System Wide Change)
- Release engineering: #Releng issue number (a check of an impact with Release Engineering is needed)
- List of deliverables: N/A (not a System Wide Change)
- Policies and guidelines: N/A (not a System Wide Change)
- Trademark approval: N/A (not needed for this Change)
Upgrade/compatibility impact
N/A (not a System Wide Change)
How To Test
N/A (not a System Wide Change)
User Experience
Dependencies
N/A (not a System Wide Change)
Contingency Plan
- Contingency mechanism: (What to do? Who will do it?) N/A (not a System Wide Change)
- Contingency deadline: N/A (not a System Wide Change)
- Blocks release? N/A (not a System Wide Change), Yes/No
- Blocks product? product
Documentation
N/A (not a System Wide Change)