e-smith-base/sme9/e-smith-base-5.4.0-uidgid.patch

diff -up e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.uidgid e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts
--- e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.uidgid     2013-03-06 12:08:29.100199464 -0700
+++ e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts    2013-03-06 12:26:27.173888310 -0700
@@ -35,11 +35,11 @@ my $ldapauth = $conf->get('ldap')->prop(
 # create group "shared" if not already present
 if ($ldapauth eq 'enabled')
 {
-    system(qw(/usr/sbin/cpu groupadd shared)) unless getgrnam("shared");
+    system(qw(/usr/sbin/cpu -g 500 groupadd shared)) unless getgrnam("shared");
 }
 else
 {
-    system(qw(/usr/sbin/groupadd -r shared)) unless getgrnam("shared");
+    system(qw(/usr/sbin/groupadd -r -g 500 shared)) unless getgrnam("shared");
 }
 
 # Create other required groups and users
@@ -54,12 +54,12 @@ if ( !getpwnam("admin") )
 {
     if ($ldapauth eq 'enabled')
     {
-        `/usr/sbin/cpu useradd -f 'e-smith' -E 'administrator' -d /home/e-smith -G shared -M -s /sbin/e-smith/console admin`;
+        `/usr/sbin/cpu useradd -u 101 -f 'e-smith' -E 'administrator' -d /home/e-smith -G shared -M -s /sbin/e-smith/console admin`;
         `/usr/bin/gpasswd -a admin root`;
     }
     else
     {
-        `/usr/sbin/useradd -c 'e-smith administrator' -d /home/e-smith -G root,shared -M -s /sbin/e-smith/console admin`;
+        `/usr/sbin/useradd -u 101 -c 'e-smith administrator' -d /home/e-smith -G root,shared -M -s /sbin/e-smith/console admin`;
     }
 }
 else
@@ -135,15 +135,41 @@ if ( !getpwnam("www") )
 {
     if ($ldapauth eq 'enabled')
     {
-        `/usr/sbin/cpu useradd -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`;
+        `/usr/sbin/cpu useradd -u 102 -g 102 -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`;
     }
     else
     {
-        `/usr/sbin/useradd -c 'e-smith web server' -d /home/e-smith -G shared -M -s /bin/false www`;
+        `/usr/sbin/useradd -u 102 -g 102 -c 'e-smith web server' -d /home/e-smith -G shared -M -s /bin/false www`;
     }
 }
 else
 {
+    my $uid = `/usr/bin/id -u www`;
+    chomp($uid);
+    my $gid = `/usr/bin/id -g www`;
+    chomp($gid);
+    if ( $uid ne '102' || $gid ne '102' )
+    {
+        if ($ldapauth eq 'enabled')
+        {
+            die "Error changing www uid or gid" unless (
+                system("/usr/sbin/cpu groupmod -g 102 www") == 0 &&
+                system("/usr/sbin/cpu usermod -u 102 -g 102 www") == 0
+            );
+        }
+        else
+        {
+            die "Error changing www uid or gid" unless (
+                system("/usr/sbin/groupmod -g 102 -o www") == 0 &&
+                system("/usr/sbin/usermod -u 102 -g 102 -o www") == 0
+            );
+        }
+        warn "failed to fix permissions for www" unless (
+            system("/bin/rpm --setugids horde imp-h3 ingo-h3 turba-h3 2> /dev/null") == 0
+        );
+    }
+
+
     #--------------------------------------------------
     # www account already exists. Make sure that it is in groups "admin"
     # and "shared" without disturbing any other group memberships.
@@ -208,7 +234,7 @@ else
             system("/usr/sbin/usermod -u 102 -g 102 -o apache") == 0
         );
         warn "failed to fix permissions for apache" unless (
-            system("/bin/rpm --setugids httpd mod_auth_tkt mod_ssl php 2> /dev/null") == 0
+            system("/bin/rpm --setugids httpd mod_auth_tkt mod_ssl php pwauth 2> /dev/null") == 0
         );
     }
 }
1	slords	1.1	diff -up e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.uidgid e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts
2			--- e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts.uidgid 2013-03-06 12:08:29.100199464 -0700
3			+++ e-smith-base-5.4.0/root/etc/e-smith/events/actions/init-accounts 2013-03-06 12:26:27.173888310 -0700
4			@@ -35,11 +35,11 @@ my $ldapauth = $conf->get('ldap')->prop(
5			# create group "shared" if not already present
6			if ($ldapauth eq 'enabled')
7			{
8			- system(qw(/usr/sbin/cpu groupadd shared)) unless getgrnam("shared");
9			+ system(qw(/usr/sbin/cpu -g 500 groupadd shared)) unless getgrnam("shared");
10			}
11			else
12			{
13			- system(qw(/usr/sbin/groupadd -r shared)) unless getgrnam("shared");
14			+ system(qw(/usr/sbin/groupadd -r -g 500 shared)) unless getgrnam("shared");
15			}
16
17			# Create other required groups and users
18			@@ -54,12 +54,12 @@ if ( !getpwnam("admin") )
19			{
20			if ($ldapauth eq 'enabled')
21			{
22			- `/usr/sbin/cpu useradd -f 'e-smith' -E 'administrator' -d /home/e-smith -G shared -M -s /sbin/e-smith/console admin`;
23			+ `/usr/sbin/cpu useradd -u 101 -f 'e-smith' -E 'administrator' -d /home/e-smith -G shared -M -s /sbin/e-smith/console admin`;
24			`/usr/bin/gpasswd -a admin root`;
25			}
26			else
27			{
28			- `/usr/sbin/useradd -c 'e-smith administrator' -d /home/e-smith -G root,shared -M -s /sbin/e-smith/console admin`;
29			+ `/usr/sbin/useradd -u 101 -c 'e-smith administrator' -d /home/e-smith -G root,shared -M -s /sbin/e-smith/console admin`;
30			}
31			}
32			else
33			@@ -135,15 +135,41 @@ if ( !getpwnam("www") )
34			{
35			if ($ldapauth eq 'enabled')
36			{
37			- `/usr/sbin/cpu useradd -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`;
38			+ `/usr/sbin/cpu useradd -u 102 -g 102 -f 'e-smith' -E 'web server' -d /home/e-smith -G shared -M -s /bin/false www`;
39			}
40			else
41			{
42			- `/usr/sbin/useradd -c 'e-smith web server' -d /home/e-smith -G shared -M -s /bin/false www`;
43			+ `/usr/sbin/useradd -u 102 -g 102 -c 'e-smith web server' -d /home/e-smith -G shared -M -s /bin/false www`;
44			}
45			}
46			else
47			{
48			+ my $uid = `/usr/bin/id -u www`;
49			+ chomp($uid);
50			+ my $gid = `/usr/bin/id -g www`;
51			+ chomp($gid);
52			+ if ( $uid ne '102' \|\| $gid ne '102' )
53			+ {
54			+ if ($ldapauth eq 'enabled')
55			+ {
56			+ die "Error changing www uid or gid" unless (
57			+ system("/usr/sbin/cpu groupmod -g 102 www") == 0 &&
58			+ system("/usr/sbin/cpu usermod -u 102 -g 102 www") == 0
59			+ );
60			+ }
61			+ else
62			+ {
63			+ die "Error changing www uid or gid" unless (
64			+ system("/usr/sbin/groupmod -g 102 -o www") == 0 &&
65			+ system("/usr/sbin/usermod -u 102 -g 102 -o www") == 0
66			+ );
67			+ }
68			+ warn "failed to fix permissions for www" unless (
69			+ system("/bin/rpm --setugids horde imp-h3 ingo-h3 turba-h3 2> /dev/null") == 0
70			+ );
71			+ }
72			+
73			+
74			#--------------------------------------------------
75			# www account already exists. Make sure that it is in groups "admin"
76			# and "shared" without disturbing any other group memberships.
77			@@ -208,7 +234,7 @@ else
78			system("/usr/sbin/usermod -u 102 -g 102 -o apache") == 0
79			);
80			warn "failed to fix permissions for apache" unless (
81			- system("/bin/rpm --setugids httpd mod_auth_tkt mod_ssl php 2> /dev/null") == 0
82			+ system("/bin/rpm --setugids httpd mod_auth_tkt mod_ssl php pwauth 2> /dev/null") == 0
83			);
84			}
85			}