| 1 |
diff -up e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.fixwww e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts |
| 2 |
--- e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.fixwww 2013-03-09 15:25:42.230988632 -0700 |
| 3 |
+++ e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts 2013-03-09 15:25:25.879950605 -0700 |
| 4 |
@@ -48,6 +48,53 @@ system(qw(/usr/sbin/groupadd -g 21 -r -f |
| 5 |
system(qw(/usr/sbin/useradd -u 38 -s /sbin/nologin -d /etc/ntp ntp)) |
| 6 |
unless (getpwnam("ntp")); |
| 7 |
|
| 8 |
+#-------------------------------------------------- |
| 9 |
+# create user "www" if not already present; otherwise change comment to |
| 10 |
+# "e-smith private web server" (used to just say "e-smith web server") |
| 11 |
+#-------------------------------------------------- |
| 12 |
+ |
| 13 |
+if ( !getpwnam("www") ) |
| 14 |
+{ |
| 15 |
+ if ($ldapauth eq 'enabled') |
| 16 |
+ { |
| 17 |
+ `/usr/sbin/cpu groupadd -g 102 www`; |
| 18 |
+ `/usr/sbin/cpu useradd -u 102 -g 102 -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`; |
| 19 |
+ } |
| 20 |
+ else |
| 21 |
+ { |
| 22 |
+ die "Error creating www user or group" unless ( |
| 23 |
+ system("/usr/sbin/groupadd -g 102 -o www") == 0 && |
| 24 |
+ system("/usr/sbin/useradd -u 102 -g 102 -o -c 'e-smith web server' -d /home/e-smith -M -s /bin/false www") == 0 |
| 25 |
+ ); |
| 26 |
+ } |
| 27 |
+} |
| 28 |
+else |
| 29 |
+{ |
| 30 |
+ my $uid = `/usr/bin/id -u www`; |
| 31 |
+ chomp($uid); |
| 32 |
+ my $gid = `/usr/bin/id -g www`; |
| 33 |
+ chomp($gid); |
| 34 |
+ if ( $uid ne '102' || $gid ne '102' ) |
| 35 |
+ { |
| 36 |
+ if ($ldapauth eq 'enabled') |
| 37 |
+ { |
| 38 |
+ die "Error changing www uid or gid" unless ( |
| 39 |
+ system("/usr/sbin/cpu groupmod -g 102 www") == 0 && |
| 40 |
+ system("/usr/sbin/cpu usermod -u 102 -g 102 www") == 0 |
| 41 |
+ ); |
| 42 |
+ } |
| 43 |
+ else |
| 44 |
+ { |
| 45 |
+ die "Error changing www uid or gid" unless ( |
| 46 |
+ system("/usr/sbin/groupmod -g 102 -o www") == 0 && |
| 47 |
+ system("/usr/sbin/usermod -u 102 -g 102 -o www") == 0 |
| 48 |
+ ); |
| 49 |
+ } |
| 50 |
+ warn "failed to fix permissions for www" unless ( |
| 51 |
+ system("/bin/rpm --setugids horde imp-h3 ingo-h3 turba-h3 2> /dev/null") == 0 |
| 52 |
+ ); |
| 53 |
+ } |
| 54 |
+} |
| 55 |
|
| 56 |
# create user "admin" if not already present; |
| 57 |
if ( !getpwnam("admin") ) |
| 58 |
@@ -127,91 +174,46 @@ if ( !getpwnam("public") ) |
| 59 |
} |
| 60 |
|
| 61 |
#-------------------------------------------------- |
| 62 |
-# create user "www" if not already present; otherwise change comment to |
| 63 |
-# "e-smith private web server" (used to just say "e-smith web server") |
| 64 |
+# www account already exists. Make sure that it is in groups "admin" |
| 65 |
+# and "shared" without disturbing any other group memberships. |
| 66 |
+# First get list of existing groups for www. |
| 67 |
#-------------------------------------------------- |
| 68 |
|
| 69 |
-if ( !getpwnam("www") ) |
| 70 |
+my $groups = `/usr/bin/id -G -n www 2>/dev/null`; |
| 71 |
+if ($? != 0) |
| 72 |
{ |
| 73 |
- if ($ldapauth eq 'enabled') |
| 74 |
- { |
| 75 |
- `/usr/sbin/cpu useradd -u 102 -g 102 -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`; |
| 76 |
- } |
| 77 |
- else |
| 78 |
- { |
| 79 |
- `/usr/sbin/useradd -u 102 -g 102 -c 'e-smith web server' -d /home/e-smith -G shared -M -s /bin/false www`; |
| 80 |
- } |
| 81 |
+ die "Failed to get supplementary group list for www.\n"; |
| 82 |
} |
| 83 |
-else |
| 84 |
-{ |
| 85 |
- my $uid = `/usr/bin/id -u www`; |
| 86 |
- chomp($uid); |
| 87 |
- my $gid = `/usr/bin/id -g www`; |
| 88 |
- chomp($gid); |
| 89 |
- if ( $uid ne '102' || $gid ne '102' ) |
| 90 |
- { |
| 91 |
- if ($ldapauth eq 'enabled') |
| 92 |
- { |
| 93 |
- die "Error changing www uid or gid" unless ( |
| 94 |
- system("/usr/sbin/cpu groupmod -g 102 www") == 0 && |
| 95 |
- system("/usr/sbin/cpu usermod -u 102 -g 102 www") == 0 |
| 96 |
- ); |
| 97 |
- } |
| 98 |
- else |
| 99 |
- { |
| 100 |
- die "Error changing www uid or gid" unless ( |
| 101 |
- system("/usr/sbin/groupmod -g 102 -o www") == 0 && |
| 102 |
- system("/usr/sbin/usermod -u 102 -g 102 -o www") == 0 |
| 103 |
- ); |
| 104 |
- } |
| 105 |
- warn "failed to fix permissions for www" unless ( |
| 106 |
- system("/bin/rpm --setugids horde imp-h3 ingo-h3 turba-h3 2> /dev/null") == 0 |
| 107 |
- ); |
| 108 |
- } |
| 109 |
- |
| 110 |
- |
| 111 |
- #-------------------------------------------------- |
| 112 |
- # www account already exists. Make sure that it is in groups "admin" |
| 113 |
- # and "shared" without disturbing any other group memberships. |
| 114 |
- # First get list of existing groups for www. |
| 115 |
- #-------------------------------------------------- |
| 116 |
- |
| 117 |
- my $groups = `/usr/bin/id -G -n www 2>/dev/null`; |
| 118 |
- if ($? != 0) |
| 119 |
- { |
| 120 |
- die "Failed to get supplementary group list for www.\n"; |
| 121 |
- } |
| 122 |
- chomp ($groups); |
| 123 |
+chomp ($groups); |
| 124 |
|
| 125 |
- my @groupList = split (/\s+/, $groups); |
| 126 |
+my @groupList = split (/\s+/, $groups); |
| 127 |
|
| 128 |
- #-------------------------------------------------- |
| 129 |
- # Modify group list to make sure "admin" and "shared" |
| 130 |
- # are listed exactly once each. |
| 131 |
- #-------------------------------------------------- |
| 132 |
+#-------------------------------------------------- |
| 133 |
+# Modify group list to make sure "admin" and "shared" |
| 134 |
+# are listed exactly once each. |
| 135 |
+#-------------------------------------------------- |
| 136 |
|
| 137 |
- @groupList = grep (!/^www$/, @groupList); |
| 138 |
- @groupList = grep (!/^shared$/, @groupList); |
| 139 |
+@groupList = grep (!/^www$/, @groupList); |
| 140 |
+@groupList = grep (!/^shared$/, @groupList); |
| 141 |
|
| 142 |
- push @groupList, 'shared'; |
| 143 |
+push @groupList, 'shared'; |
| 144 |
|
| 145 |
- #-------------------------------------------------- |
| 146 |
- # Run usermod command to update group list for www. |
| 147 |
- #-------------------------------------------------- |
| 148 |
+#-------------------------------------------------- |
| 149 |
+# Run usermod command to update group list for www. |
| 150 |
+#-------------------------------------------------- |
| 151 |
|
| 152 |
- $groups = join (',', sort (@groupList)); |
| 153 |
- if ($ldapauth eq 'enabled') |
| 154 |
- { |
| 155 |
- `/usr/sbin/cpu usermod -f 'e-smith' -E 'web server' -d /home/e-smith -G '$groups' -s /bin/false www`; |
| 156 |
- } |
| 157 |
- else |
| 158 |
- { |
| 159 |
- `/usr/sbin/usermod -c 'e-smith web server' -d /home/e-smith -G '$groups' -s /bin/false www`; |
| 160 |
- } |
| 161 |
- if ($? != 0) |
| 162 |
- { |
| 163 |
- die "Failed to modify supplementary group list for www.\n"; |
| 164 |
- } |
| 165 |
+$groups = join (',', sort (@groupList)); |
| 166 |
+if ($ldapauth eq 'enabled') |
| 167 |
+{ |
| 168 |
+ `/usr/sbin/cpu usermod -f 'e-smith' -E 'web server' -d /home/e-smith -G '$groups' -s /bin/false www`; |
| 169 |
+} |
| 170 |
+else |
| 171 |
+{ |
| 172 |
+ `/usr/sbin/usermod -c 'e-smith web server' -d /home/e-smith -G '$groups' -s /bin/false www`; |
| 173 |
+} |
| 174 |
+if ($? != 0) |
| 175 |
+{ |
| 176 |
+ die "Failed to modify supplementary group list for www.\n"; |
| 177 |
} |
| 178 |
|
| 179 |
# Now that www exists, change uid/gid of user and group apache |
Parent Directory
| 
Revision Log
| 
Revision Graph
