blob: 5e24704512fd883b62f0d1e0787cfd6bc475e70b [file] [log] [blame]
# Copyright (c) 2013 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
# @ECLASS: user.eclass
# The Chromium OS Authors. <>
# @BLURB: user management in ebuilds
# Replaces the upstream mechanism of managing users and groups with one that
# manages the database in ${ROOT}, changing the sysroot database
# only when the caller creates the user/group during setup.
# Before we manipulate users at all, we want to make sure that
# passwd/group/shadow is initialized in the first place. That's
# what baselayout does.
# We should consider providing a virtual to abstract away this dependency.
# This would allow CrOS builds to completely specify all users and groups,
# instead of accepting the assumption (expressed in baselayout, currently)
# that every build wants groups like wheel, tty and so forth.
if [ "${PN}" != "baselayout" ]; then
# @FUNCTION: _assert_pkg_ebuild_phase
# @USAGE: <calling func name>
_assert_pkg_ebuild_phase() {
case ${EBUILD_PHASE} in
setup|preinst|postinst) ;;
eerror "'$1()' called from '${EBUILD_PHASE}' phase which is not OK:"
eerror "You may only call from pkg_{setup,preinst,postinst} functions."
eerror "Package fails at QA and at life. Please file a bug."
die "Bad package! $1 is only for use in some pkg_* functions!"
# If an overlay has eclass overrides, but doesn't actually override the
# user.eclass, we'll have USER_ECLASSDIR pointing to the active overlay's
# eclass/ dir, but the users and groups templates are still in our profiles/.
# @FUNCTION: _get_value_for_user
# @USAGE: <user> <key>
# Gets value from appropriate account definition file.
_get_value_for_user() {
local user=$1 key=$2
[[ $# -ne 2 ]] && die "usage: _get_value_for_user <user> <key>"
case ${key} in
user|password|uid|gid|gecos|home|shell) ;;
*) die "sorry, '${key}' is not a field in the passwd db." ;;
local template="${ACCOUNTS_DIR_LOCAL}/user/${user}"
[[ ! -e "${template}" ]] && die "No entry for ${user} at ${template}."
awk -F':' -v key="${key}" '$1 == key { print $2 }' "${template}"
# @FUNCTION: _get_value_for_group
# @USAGE: <group> <key>
# Gets value from appropriate account definition file.
_get_value_for_group() {
local group=$1 key=$2
[[ $# -ne 2 ]] && die "usage: _get_value_for_group <group> <key>"
case ${key} in
group|password|gid|users) ;;
*) die "sorry, '${key}' is not a field in the group db." ;;
local template="${ACCOUNTS_DIR_LOCAL}/group/${group}"
[[ ! -e "${template}" ]] && die "No entry for ${group} at ${template}."
awk -F':' -v key="${key}" '$1 == key { print $2 }' "${template}"
# @FUNCTION: _portable_grab_lock
# @USAGE: <lockfile>
# Grabs a lock on <lockfile> in a race-free, portable manner.
# We need to use this mechanism in order to be compatible with the shadow utils
# (groupadd, useradd, etc).
_portable_grab_lock() {
local lockfile=$1
local lockfile_1="${lockfile}.${BASHPID}"
local timeout=$(( 60 * 5 )) # 5 minute timeout
touch "${lockfile_1}"
until ln "${lockfile_1}" "${lockfile}" &> /dev/null; do
sleep 1
[[ $(( timeout-- )) -le 0 ]] && die "Timeout while trying to lock ${lockfile}"
[[ $(( timeout % 10 )) -eq 0 ]] && einfo "Waiting for lock on ${dbfile}"
rm "${lockfile_1}" || die "Failed to lock ${lockfile}."
# @FUNCTION: _write_entry_to_db()
# @USAGE: <entry> <database> <root>
# Writes an entry to the specified database under the specified root.
_write_entry_to_db() {
local entry=$1 db=$2 root=$3
[[ $# -ne 3 ]] && die "usage: _write_entry_to_db <entry> <database> <root>"
case ${db} in
passwd|group) ;;
*) die "sorry, database '${db}' not supported." ;;
local dbfile=$(readlink -e "${root}/etc/${db}")
[[ ! -e "${dbfile}" ]] && die "${db} under ${root} does not exist."
if [[ ! -w "${dbfile}" ]] ; then
ewarn "Unable to modify ${db} under ${root} due to read-only mount."
return 1
# Use the same lock file as the shadow utils.
local lockfile="${dbfile}.lock"
_portable_grab_lock "${lockfile}"
# Need to check if the acct exists while we hold the lock, in case
# another ebuild added it in the meantime.
local key=$(awk -F':' '{ print $1 }' <<<"${entry}")
if [[ -z $(egetent --nolock "${db}" "${key}" "${root}") ]] ; then
echo "${entry}" >> "${dbfile}" || die "Could not write ${entry} to ${dbfile}."
rm "${lockfile}" || die "Failed to release lock on ${lockfile}."
return 0
# @FUNCTION: egetent
# @USAGE: [--nolock] <database> <key> [root]
# Provides getent-like functionality for databases under [root]. Defaults to ${ROOT}.
# Supported databases: group passwd
egetent() {
local use_lock=true
[[ $1 == "--nolock" ]] && use_lock=false && shift
[[ $# -ne 2 && $# -ne 3 ]] && die "usage: egetent <database> <key> [root]"
local db=$1 key=$2 root=${3:-"${ROOT}"}
case ${db} in
passwd|group) ;;
*) die "sorry, database '${db}' not yet supported; file a bug" ;;
local dbfile=$(readlink -e "${ROOT}/etc/${db}")
[[ ! -e "${dbfile}" ]] && die "${db} under ${ROOT} does not exist."
[[ ! -w "${dbfile}" ]] && use_lock=false # File can't change anyway!
local lockfile="${dbfile}.lock"
${use_lock} && _portable_grab_lock "${lockfile}"
awk -F':' -v key="${key}" \
'($1 == key || $3 == key) { print }' \
"${dbfile}" 2>/dev/null
if ${use_lock} ; then
rm "${lockfile}" || die "Failed to release lock on ${lockfile}."
# @FUNCTION: enewuser
# @USAGE: <user> [uid] [shell] [homedir] [groups]
# Same as enewgroup, you are not required to understand how to properly add
# a user to the system. The only required parameter is the username.
# Default uid is (pass -1 for this) next available, default shell is
# /bin/false, default homedir is /dev/null, and there are no default groups.
enewuser() {
_assert_pkg_ebuild_phase ${FUNCNAME}
if [[ ! -e "${ACCOUNTS_DIR_LOCAL}" ]] ; then
ewarn "No user/group data files present. Skipping."
return 0
# get the username
local euser=$1; shift
if [[ -z ${euser} ]] ; then
eerror "No username specified !"
die "Cannot call enewuser without a username"
# lets see if the username already exists in ${ROOT}
if [[ -n $(egetent passwd "${euser}") ]] ; then
return 0
# Ensure username exists in profile.
if [[ -z $(_get_value_for_user "${euser}" user) ]] ; then
die "'${euser}' does not exist in profile!"
einfo "Adding user '${euser}' to your system ..."
# Handle uid. Passing no UID is functionally equivalent to passing -1.
local provided_uid=$(_get_value_for_user "${euser}" uid)
local euid=$1; shift
if [[ -z ${euid} ]] ; then
elif [[ ${euid} -lt -1 ]] ; then
eerror "Userid given but is not greater than 0 !"
die "${euid} is not a valid UID."
# Now, ${euid} is set and >= -1.
if [[ -n ${provided_uid} ]] ; then
# If profile has UID and caller specified '' or -1, use profile.
# If profile has UID and caller specified different, barf.
# If profile has UID and caller specified same, OK.
if [[ ${euid} == -1 ]] ; then
elif [[ ${euid} != ${provided_uid} ]] ; then
eerror "Userid differs from the profile!"
die "${euid} != ${provided_uid} from profile."
# else...they're already equal, so do nothing.
# If profile has no UID and caller did not specify, barf.
if [[ ${euid} == -1 ]] ; then
die "No UID specified in profile!"
# If profile has no entry w/UID and caller specified one, OK.
if [[ -n $(egetent passwd ${euid}) ]] ; then
eerror "UID ${euid} already taken!"
die "${euid} already taken in $(egetent passwd ${euid})"
einfo " - Userid: ${euid}"
# handle shell
local eshell=$1; shift
if [[ -n ${eshell} && ${eshell} != "-1" ]] ; then
if [[ ${eshell} == */false || ${eshell} == */nologin ]] ; then
eerror "Do not specify ${eshell} yourself, use -1"
die "Pass '-1' as the shell parameter"
eshell=$(_get_value_for_user "${euser}" shell)
if [[ ${eshell} != */false && ${eshell} != */nologin ]] ; then
if [[ ! -e ${ROOT}${eshell} ]] ; then
eerror "A shell was specified but it does not exist !"
die "${eshell} does not exist in ${ROOT}"
einfo " - Shell: ${eshell}"
# handle homedir
local ehome=$1; shift
if [[ -z ${ehome} || ${ehome} == "-1" ]] ; then
ehome=$(_get_value_for_user "${euser}" home)
einfo " - Home: ${ehome}"
# Grab groups for later handling.
local egroups=$1; shift
# Check groups.
local g egroups_arr
IFS="," read -r -a egroups_arr <<<"${egroups}"
for g in "${egroups_arr[@]}" ; do
enewgroup "${g}"
einfo " - Groups: ${egroups:-(none)}"
local comment
if [[ $# -gt 0 ]] ; then
die "extra arguments no longer supported; please file a bug."
comment=$(_get_value_for_user "${euser}" gecos)
einfo " - GECOS: ${comment}"
local epassword=$(_get_value_for_user "${euser}" password)
: ${epassword:="!"}
local entry="${euser}:${epassword}:${euid}:${euid}:${comment}:${ehome}:${eshell}"
if [[ ${EBUILD_PHASE} == "setup" ]] ; then
_write_entry_to_db "${entry}" passwd / || die "Must be able to add users during setup."
if _write_entry_to_db "${entry}" passwd "${ROOT}" ; then
if [[ ! -e ${ROOT}/${ehome} ]] ; then
einfo " - Creating ${ehome} in ${ROOT}"
mkdir -p "${ROOT}/${ehome}"
chown "${euser}" "${ROOT}/${ehome}"
chmod 755 "${ROOT}/${ehome}"
# @FUNCTION: enewgroup
# @USAGE: <group> [gid]
# This function does not require you to understand how to properly add a
# group to the system. Just give it a group name to add and enewgroup will
# do the rest. You may specify the gid for the group or allow the group to
# allocate the next available one.
enewgroup() {
_assert_pkg_ebuild_phase ${FUNCNAME}
if [[ ! -e "${ACCOUNTS_DIR_LOCAL}" ]] ; then
ewarn "No user/group data files present. Skipping."
return 0
# Get the group.
local egroup=$1; shift
if [[ -z ${egroup} ]] ; then
eerror "No group specified !"
die "Cannot call enewgroup without a group"
# See if group already exists.
if [[ -n $(egetent group "${egroup}") ]] ; then
return 0
# Ensure group exists in profile.
if [[ -z $(_get_value_for_group "${egroup}" group) ]] ; then
die "Config for ${egroup} not present in profile!"
einfo "Adding group '${egroup}' to your system ..."
# handle gid
local provided_gid=$(_get_value_for_group "${egroup}" gid)
local egid=$1; shift
if [[ -z ${egid} ]] ; then
# If caller specified nothing and profile has GID, use profile.
# If caller specified nothing and profile has no GID, barf.
if [[ ! -z ${provided_gid} ]] ; then
die "No gid provided in PROFILE or in args!"
if [[ ${egid} -lt 0 ]] ; then
eerror "Groupid given but is not greater than 0 !"
die "${egid} is not a valid GID"
# If caller specified GID and profile has no GID, OK.
# If caller specified GID and profile has entry with same, OK.
if [[ -z ${provided_gid} || ${egid} -eq ${provided_gid} ]] ; then
# If caller specified GID but profile has different, barf.
if [[ ${egid} -ne ${provided_gid} ]] ; then
eerror "${egid} conflicts with provided ${provided_gid}!"
die "${egid} conflicts with provided ${provided_gid}!"
if [[ -n $(egetent group ${egid}) ]] ; then
eerror "Groupid ${egid} already taken!"
die "${egid} already taken in $(egetent group ${egid})"
einfo " - Groupid: ${egid}"
# Handle extra.
if [[ $# -gt 0 ]] ; then
die "extra arguments no longer supported; please file a bug"
# Allow group passwords, if profile asks for it.
local epassword=$(_get_value_for_group "${egroup}" password)
: ${epassword:="!"}
einfo " - Password entry: ${epassword}"
# Pre-populate group with users.
local eusers=$(_get_value_for_group "${egroup}" users)
einfo " - User list: ${eusers}"
# Add the group.
local entry="${egroup}:${epassword}:${egid}:${eusers}"
if [[ ${EBUILD_PHASE} == "setup" ]] ; then
_write_entry_to_db "${entry}" group / || die "Must be able to add groups during setup."
_write_entry_to_db "${entry}" group "${ROOT}"
einfo "Done with group: '${egroup}'."
# @FUNCTION: egethome
# @USAGE: <user>
# Gets the home directory for the specified user.
egethome() {
[[ $# -eq 1 ]] || die "usage: egethome <user>"
egetent passwd "$1" | cut -d: -f6
# @FUNCTION: egetshell
# @USAGE: <user>
# Gets the shell for the specified user.
egetshell() {
[[ $# -eq 1 ]] || die "usage: egetshell <user>"
egetent passwd "$1" | cut -d: -f7