/[smeserver]/rpms/e-smith-base/sme9/e-smith-base-5.4.0-uidgid.patch
ViewVC logotype

Contents of /rpms/e-smith-base/sme9/e-smith-base-5.4.0-uidgid.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph

Revision 1.2 - (show annotations) (download)
Mon Mar 24 03:05:37 2014 UTC (10 years, 2 months ago) by wellsi
Branch: MAIN
CVS Tags: HEAD
Changes since 1.1: +0 -0 lines
FILE REMOVED 
* Sun Mar 23 2014 Ian Wells <esmith@wellsi.com> 5.6.0-1.sme
- Roll new stream to remove obsolete images [SME: 7962]
1 diff -up e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.uidgid e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts
2 --- e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.uidgid 2013-03-06 12:08:29.100199464 -0700
3 +++ e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts 2013-03-06 12:26:27.173888310 -0700
4 @@ -35,11 +35,11 @@ my $ldapauth = $conf->get('ldap')->prop(
5 # create group "shared" if not already present
6 if ($ldapauth eq 'enabled')
7 {
8 - system(qw(/usr/sbin/cpu groupadd shared)) unless getgrnam("shared");
9 + system(qw(/usr/sbin/cpu -g 500 groupadd shared)) unless getgrnam("shared");
10 }
11 else
12 {
13 - system(qw(/usr/sbin/groupadd -r shared)) unless getgrnam("shared");
14 + system(qw(/usr/sbin/groupadd -r -g 500 shared)) unless getgrnam("shared");
15 }
16
17 # Create other required groups and users
18 @@ -54,12 +54,12 @@ if ( !getpwnam("admin") )
19 {
20 if ($ldapauth eq 'enabled')
21 {
22 - `/usr/sbin/cpu useradd -f 'e-smith' -E 'administrator' -d /home/e-smith -G shared -M -s /sbin/e-smith/console admin`;
23 + `/usr/sbin/cpu useradd -u 101 -f 'e-smith' -E 'administrator' -d /home/e-smith -G shared -M -s /sbin/e-smith/console admin`;
24 `/usr/bin/gpasswd -a admin root`;
25 }
26 else
27 {
28 - `/usr/sbin/useradd -c 'e-smith administrator' -d /home/e-smith -G root,shared -M -s /sbin/e-smith/console admin`;
29 + `/usr/sbin/useradd -u 101 -c 'e-smith administrator' -d /home/e-smith -G root,shared -M -s /sbin/e-smith/console admin`;
30 }
31 }
32 else
33 @@ -135,15 +135,41 @@ if ( !getpwnam("www") )
34 {
35 if ($ldapauth eq 'enabled')
36 {
37 - `/usr/sbin/cpu useradd -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`;
38 + `/usr/sbin/cpu useradd -u 102 -g 102 -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`;
39 }
40 else
41 {
42 - `/usr/sbin/useradd -c 'e-smith web server' -d /home/e-smith -G shared -M -s /bin/false www`;
43 + `/usr/sbin/useradd -u 102 -g 102 -c 'e-smith web server' -d /home/e-smith -G shared -M -s /bin/false www`;
44 }
45 }
46 else
47 {
48 + my $uid = `/usr/bin/id -u www`;
49 + chomp($uid);
50 + my $gid = `/usr/bin/id -g www`;
51 + chomp($gid);
52 + if ( $uid ne '102' || $gid ne '102' )
53 + {
54 + if ($ldapauth eq 'enabled')
55 + {
56 + die "Error changing www uid or gid" unless (
57 + system("/usr/sbin/cpu groupmod -g 102 www") == 0 &&
58 + system("/usr/sbin/cpu usermod -u 102 -g 102 www") == 0
59 + );
60 + }
61 + else
62 + {
63 + die "Error changing www uid or gid" unless (
64 + system("/usr/sbin/groupmod -g 102 -o www") == 0 &&
65 + system("/usr/sbin/usermod -u 102 -g 102 -o www") == 0
66 + );
67 + }
68 + warn "failed to fix permissions for www" unless (
69 + system("/bin/rpm --setugids horde imp-h3 ingo-h3 turba-h3 2> /dev/null") == 0
70 + );
71 + }
72 +
73 +
74 #--------------------------------------------------
75 # www account already exists. Make sure that it is in groups "admin"
76 # and "shared" without disturbing any other group memberships.
77 @@ -208,7 +234,7 @@ else
78 system("/usr/sbin/usermod -u 102 -g 102 -o apache") == 0
79 );
80 warn "failed to fix permissions for apache" unless (
81 - system("/bin/rpm --setugids httpd mod_auth_tkt mod_ssl php 2> /dev/null") == 0
82 + system("/bin/rpm --setugids httpd mod_auth_tkt mod_ssl php pwauth 2> /dev/null") == 0
83 );
84 }
85 }
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed