Author: jsuchome
Date: Tue Oct 9 16:18:15 2007
New Revision: 41293
URL: http://svn.opensuse.org/viewcvs/yast?rev=41293&view=rev
Log:
- backport following features for SLE10SP for F302865 and F302658:
- during firstboot, show the same behaviour as in 2nd stage
- Write function from plugin API is now called also on deleted
users (currently only local)
- added universal "plugin_modified" key to check whether user
data were modified by plugin
- check for crypted directories modifications before offering
'cryptconfig' installation (#274861)
- enabled plugins for local users and groups
- 2.13.56
Modified:
branches/SuSE-SLE-10-SP1-Branch/users/VERSION
branches/SuSE-SLE-10-SP1-Branch/users/package/yast2-users.changes
branches/SuSE-SLE-10-SP1-Branch/users/src/Users.pm
branches/SuSE-SLE-10-SP1-Branch/users/src/dialogs.ycp
Modified: branches/SuSE-SLE-10-SP1-Branch/users/VERSION
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP1-Branch/users/VERSION?rev=41293&r1=41292&r2=41293&view=diff
==============================================================================
--- branches/SuSE-SLE-10-SP1-Branch/users/VERSION (original)
+++ branches/SuSE-SLE-10-SP1-Branch/users/VERSION Tue Oct 9 16:18:15 2007
@@ -1 +1 @@
-2.13.55
+2.13.56
Modified: branches/SuSE-SLE-10-SP1-Branch/users/package/yast2-users.changes
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP1-Branch/users/package/yast2-users.changes?rev=41293&r1=41292&r2=41293&view=diff
==============================================================================
--- branches/SuSE-SLE-10-SP1-Branch/users/package/yast2-users.changes (original)
+++ branches/SuSE-SLE-10-SP1-Branch/users/package/yast2-users.changes Tue Oct 9 16:18:15 2007
@@ -1,4 +1,18 @@
-------------------------------------------------------------------
+Thu Oct 4 14:33:20 CEST 2007 - jsuchome@suse.cz
+
+- backport following features for SLE10SP for F302865 and F302658:
+- during firstboot, show the same behaviour as in 2nd stage
+- Write function from plugin API is now called also on deleted
+ users (currently only local)
+- added universal "plugin_modified" key to check whether user
+ data were modified by plugin
+- check for crypted directories modifications before offering
+ 'cryptconfig' installation (#274861)
+- enabled plugins for local users and groups
+- 2.13.56
+
+-------------------------------------------------------------------
Fri May 11 12:08:13 CEST 2007 - jsuchome@suse.cz
- during autoinstallation, do not touch already created directories
Modified: branches/SuSE-SLE-10-SP1-Branch/users/src/Users.pm
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP1-Branch/users/src/Users.pm?rev=41293&r1=41292&r2=41293&view=diff
==============================================================================
--- branches/SuSE-SLE-10-SP1-Branch/users/src/Users.pm (original)
+++ branches/SuSE-SLE-10-SP1-Branch/users/src/Users.pm Tue Oct 9 16:18:15 2007
@@ -1302,8 +1302,10 @@
$use_cracklib = ($security{"PASSWD_USE_CRACKLIB"} eq "yes");
$obscure_checks = ($security{"OBSCURE_CHECKS_ENAB"} eq "yes");
- $min_pass_length{"local"} = $security{"PASS_MIN_LEN"} || $min_pass_length{"local"};
- $min_pass_length{"system"} = $security{"PASS_MIN_LEN"} || $min_pass_length{"system"};
+ if (defined $security{"PASS_MIN_LEN"}) {
+ $min_pass_length{"local"} = $security{"PASS_MIN_LEN"};
+ $min_pass_length{"system"} = $security{"PASS_MIN_LEN"};
+ }
my $login_defs = SCR->Dir (".etc.login_defs");
if (contains ($login_defs, "CHARACTER_CLASS")) {
@@ -1825,6 +1827,26 @@
if (Autologin->user () eq ($user_in_work{"uid"} || "")) {
Autologin->Disable ();
}
+
+ my $type = $user_in_work{"type"};
+ my $plugins = $user_in_work{"plugins"};
+
+ # --------- PluginPresent: check which plugins are in use for this user
+ # so they can be called in "Write"
+ my $result = UsersPlugins->Apply ("PluginPresent", {
+ "what" => "user",
+ "type" => $type,
+ }, \%user_in_work);
+ if (defined ($result) && ref ($result) eq "HASH") {
+ $plugins = [];
+ foreach my $plugin (keys %{$result}) {
+ if (bool ($result->{$plugin}) && !contains ($plugins, $plugin))
+ {
+ push @{$plugins}, $plugin;
+ }
+ }
+ $user_in_work{"plugins"} = $plugins;
+ }
return 1;
}
y2warning ("no such user");
@@ -2686,7 +2708,7 @@
if ($plugin_error) { return $plugin_error; }
$result = UsersPlugins->Apply ("Edit", $args, \%user);
- # check if plugin has done the 'EditBefore' action
+ # check if plugin has done the 'Edit' action
if (defined $result->{$plugin} && ref ($result->{$plugin}) eq "HASH") {
$result = ShowPluginWarning ($result);
%user = %{$result->{$plugin}};
@@ -3299,9 +3321,12 @@
%org_user = %{$user{"org_user"}};
}
if ($user{"type"} ne "ldap") {
+ if (($user{"plugin_modified"} || 0) == 1) {
+ return 1; #TODO save special plugin_modified global value?
+ }
# grouplist can be ignored, it is a modification of groups
while ( my ($key, $value) = each %org_user) {
-
+ last if $ret;
if ($key eq "grouplist") {
next;
}
@@ -3322,23 +3347,25 @@
if (!defined $user{$key} || $user{$key} ne $value)
{
$ret = 1;
- y2debug ("old value: $value, changed to: ",
- $user{$key} || "-" );
+ y2debug ("old value: ", $value || "(not defined)");
+ y2debug ("... changed to: ", $user{$key} || "(not defined)" );
}
}
return $ret;
-#FIXME what if there is a new key? it's not in org_user map...
}
# search result, because some attributes were not filled yet
my @internal_keys = @{UsersLDAP->GetUserInternal ()};
foreach my $key (keys %user) {
-
+ last if $ret;
my $value = $user{$key};
if (!defined $user{$key} || contains (\@internal_keys, $key) ||
ref ($value) eq "HASH" ) {
next;
}
- if (!defined ($org_user{$key})) {
+ if ($key eq "plugin_modified") {
+ $ret = 1;
+ }
+ elsif (!defined ($org_user{$key})) {
if ($value ne "") {
$ret = 1;
}
@@ -3356,15 +3383,43 @@
ref ($org_user{$key}) eq "YaST::YCP::Integer")) {
if ($user{$key}->value() == $value->value()) { next;}
}
+ y2debug (sformat ("$key modified: old %1 new %2", $org_user{$key}, $value));
$ret = 1;
}
}
- if (!$ret && defined $org_user{"crypted_home_size"} && defined $user{"crypted_home_size"}) {
+ # TODO should be caught in the previous tests?
+ if (!$ret &&
+ defined $org_user{"crypted_home_size"} &&
+ defined $user{"crypted_home_size"})
+ {
$ret = ($org_user{"crypted_home_size"} ne $user{"crypted_home_size"});
}
return $ret;
}
+# take the map of user and check if his crypted directory settings were modified
+# return boolean
+sub CryptedHomeModified {
+
+ my $self = shift;
+ my $user = shift;
+
+ my $username = $user->{"uid"} || "";
+ my $org_username = $user->{"org_user"}{"uid"} || $username;
+ my $home = $user->{"homedirectory"} || "";
+ my $org_home = $user->{"org_user"}{"homedirectory"} || $home;
+ my $home_size = $user->{"crypted_home_size"} || 0;
+ my $org_size = $user->{"org_user"}{"crypted_home_size"} || 0;
+ my $pw = $user->{"current_text_userpassword"};
+ my $new_pw = $user->{"text_userpassword"};
+
+ return 0 if ($home_size == 0 && $org_size == 0); # nothing to do
+ return 0 if (!defined $pw && !defined $new_pw); # no change without password provided :-(
+ return 0 if ($home eq $org_home && $username eq $org_username && $home_size == $org_size && $pw eq $new_pw);
+ return 1;
+}
+
+
# Substitute the values of LDAP atributes, predefined in LDAP user configuration
BEGIN { $TYPEINFO{SubstituteUserValues} = ["function", "void"] }
sub SubstituteUserValues {
@@ -3967,8 +4022,9 @@
}
##------------------------------------
-# remove home directories and
-# execute USERDEL_POSTCMD scripts for local/system users which should be deleted
+# 1. remove home directories,
+# 2. execute USERDEL_POSTCMD scripts for deleted local/system users
+# 3. call Write function of plugins to do the delete action
sub PostDeleteUsers {
my $ret = 1;
@@ -3985,11 +4041,20 @@
if (!defined $removed_users{$type}) {
next;
}
+ my $plugin_error;
foreach my $username (keys %{$removed_users{$type}}) {
my %user = %{$removed_users{$type}{$username}};
my $cmd = sprintf ("$userdel_postcmd $username %i %i %s",
$user{"uidnumber"}, $user{"gidnumber"}, $user{"homedirectory"});
SCR->Execute (".target.bash", $cmd);
+ # call the "Write" function from plugins...
+ my $args = {
+ "what" => "user",
+ "type" => $type,
+ "modified" => "deleted",
+ };
+ my $result = UsersPlugins->Apply ("Write", $args, \%user);
+ $plugin_error = GetPluginError ($args, $result);
};
};
return $ret;
@@ -4179,7 +4244,7 @@
# only remember for which users we need to call cryptconfig
foreach my $username (keys %{$modified_users{"ldap"}}) {
my %user = %{$modified_users{"ldap"}{$username}};
- if (defined $user{"crypted_home_size"}) {
+ if (defined $user{"crypted_home_size"} && $self->CryptedHomeModified (\%user)) {
$users_with_crypted_dir{$username} = \%user;
}
}
@@ -4233,7 +4298,7 @@
if ($groups_modified) {
if ($group_not_read) {
# error popup (%s is a file name)
- $ret = sprintf (__("File %s was not read correctly, so it will not be written."), "$base_directory/group");
+ $ret = sprintf (__("File %s was not read correctly, so it will not be written."), $base_directory."/group");
Report->Error ($ret);
return $ret;
}
@@ -4258,40 +4323,6 @@
Report->Error ($ret);
return $ret;
}
- # -------------------------------------- call Write on plugins
- foreach my $type (keys %modified_groups) {
- if ($type eq "ldap") { next; }
- foreach my $groupname (keys %{$modified_groups{$type}}) {
- if ($plugin_error) { last;}
- my $args = {
- "what" => "group",
- "type" => $type,
- "modified" => $modified_groups{$type}{$groupname}{"modified"}
- };
- my $result = UsersPlugins->Apply ("Write", $args,
- $modified_groups{$type}{$groupname});
- $plugin_error = GetPluginError ($args, $result);
-
- # store commands for calling groupadd_cmd script
- if ($groupadd_cmd ne "" && FileUtils->Exists ($groupadd_cmd)) {
- my $group = $modified_groups{$type}{$groupname};
- my $mod = $group->{"modified"} || "no";
- if ($mod eq "imported" || $mod eq "added") {
- my $cmd = sprintf ("%s %s", $groupadd_cmd, $groupname);
- push @groupadd_postcommands, $cmd;
- }
- }
- }
- # unset the 'modified' flags after write
- $self->UpdateGroupsAfterWrite ("local");
- $self->UpdateGroupsAfterWrite ("system");
- delete $modified_groups{"local"};
- delete $modified_groups{"system"};
- }
- if ($plugin_error) {
- Report->Error ($plugin_error);
- return $plugin_error;
- }
if (!$write_only) {
$nscd_group = 1;
}
@@ -4315,7 +4346,7 @@
if ($users_modified) {
if ($passwd_not_read) {
# error popup (%s is a file name)
- $ret = sprintf (__("File %s was not correctly read, so it will not be written."), "$base_directory/passwd");
+ $ret = sprintf (__("File %s was not correctly read, so it will not be written."), $base_directory."/passwd");
Report->Error ($ret);
return $ret;
}
@@ -4340,25 +4371,6 @@
Report->Error ($ret);
return $ret;
}
- # -------------------------------------- call Write on plugins
- foreach my $type (keys %modified_users) {
- if ($type eq "ldap") { next; }
- foreach my $username (keys %{$modified_users{$type}}) {
- if ($plugin_error) { last;}
- my $args = {
- "what" => "user",
- "type" => $type,
- "modified" => $modified_users{$type}{$username}{"modified"}
- };
- my $result = UsersPlugins->Apply ("Write", $args,
- $modified_users{$type}{$username});
- $plugin_error = GetPluginError ($args, $result);
- }
- }
- if ($plugin_error) {
- Report->Error ($plugin_error);
- return $plugin_error;
- }
if (!$write_only) {
$nscd_passwd = 1;
}
@@ -4378,7 +4390,7 @@
my $gid = $user{"gidnumber"};
my $create_home = $user{"create_home"};
my $skel = $useradd_defaults{"skel"};
- if (defined $user{"crypted_home_size"}) {
+ if (defined $user{"crypted_home_size"} && $self->CryptedHomeModified (\%user)) {
$users_with_crypted_dir{$username} = \%user;
}
if ($user_mod eq "imported" || $user_mod eq "added") {
@@ -4431,12 +4443,6 @@
}
}
}
- # unset the 'modified' flags after write
- $self->UpdateUsersAfterWrite ("local");
- $self->UpdateUsersAfterWrite ("system");
- # not modified after successful write
- delete $modified_users{"local"};
- delete $modified_users{"system"};
}
if (%users_with_crypted_dir) {
Package->Install ("cryptconfig");
@@ -4458,7 +4464,7 @@
if ($users_modified) {
if ($shadow_not_read) {
# error popup (%s is a file name)
- $ret = sprintf (__("File %s was not correctly read, so it will not be written."), "$base_directory/shadow");
+ $ret = sprintf (__("File %s was not correctly read, so it will not be written."), $base_directory."/shadow");
Report->Error ($ret);
return $ret;
}
@@ -4479,6 +4485,72 @@
}
}
+ # last operation on plugins must be done after nscd restart
+ # (at least quota seems to need it)
+ if ($users_modified) {
+ # -------------------------------------- call Write on plugins
+ foreach my $type (keys %modified_users) {
+ if ($type eq "ldap") { next; }
+ foreach my $username (keys %{$modified_users{$type}}) {
+ if ($plugin_error) { last;}
+ my $args = {
+ "what" => "user",
+ "type" => $type,
+ "modified" => $modified_users{$type}{$username}{"modified"}
+ };
+ my $result = UsersPlugins->Apply ("Write", $args,
+ $modified_users{$type}{$username});
+ $plugin_error = GetPluginError ($args, $result);
+ }
+ }
+ if ($plugin_error) {
+ Report->Error ($plugin_error);
+ return $plugin_error;
+ }
+ # unset the 'modified' flags after write
+ $self->UpdateUsersAfterWrite ("local");
+ $self->UpdateUsersAfterWrite ("system");
+ # not modified after successful write
+ delete $modified_users{"local"};
+ delete $modified_users{"system"};
+ }
+ if ($groups_modified) {
+ # -------------------------------------- call Write on plugins
+ foreach my $type (keys %modified_groups) {
+ if ($type eq "ldap") { next; }
+ foreach my $groupname (keys %{$modified_groups{$type}}) {
+ if ($plugin_error) { last;}
+ my $args = {
+ "what" => "group",
+ "type" => $type,
+ "modified" => $modified_groups{$type}{$groupname}{"modified"}
+ };
+ my $result = UsersPlugins->Apply ("Write", $args,
+ $modified_groups{$type}{$groupname});
+ $plugin_error = GetPluginError ($args, $result);
+
+ # store commands for calling groupadd_cmd script
+ if ($groupadd_cmd ne "" && FileUtils->Exists ($groupadd_cmd)) {
+ my $group = $modified_groups{$type}{$groupname};
+ my $mod = $group->{"modified"} || "no";
+ if ($mod eq "imported" || $mod eq "added") {
+ my $cmd = sprintf ("%s %s", $groupadd_cmd, $groupname);
+ push @groupadd_postcommands, $cmd;
+ }
+ }
+ }
+ # unset the 'modified' flags after write
+ $self->UpdateGroupsAfterWrite ("local");
+ $self->UpdateGroupsAfterWrite ("system");
+ delete $modified_groups{"local"};
+ delete $modified_groups{"system"};
+ }
+ if ($plugin_error) {
+ Report->Error ($plugin_error);
+ return $plugin_error;
+ }
+ }
+
# call make on NIS server
if (($users_modified || $groups_modified) && $nis_master) {
my %out = %{SCR->Execute (".target.bash_output",
@@ -4774,9 +4846,9 @@
}
my $filtered = $username;
-
+ my $type = $user_in_work{"type"} || "";
# Samba users may need to have '$' at the end of username (#40433)
- if (($user_in_work{"type"} || "") eq "ldap") {
+ if ($type eq "ldap") {
$filtered =~ s/\$$//g;
}
my $grep = SCR->Execute (".target.bash_output", "echo '$filtered' | grep '\^$character_class\$'", { "LANG" => "C" });
Modified: branches/SuSE-SLE-10-SP1-Branch/users/src/dialogs.ycp
URL: http://svn.opensuse.org/viewcvs/yast/branches/SuSE-SLE-10-SP1-Branch/users/src/dialogs.ycp?rev=41293&r1=41292&r2=41293&view=diff
==============================================================================
--- branches/SuSE-SLE-10-SP1-Branch/users/src/dialogs.ycp (original)
+++ branches/SuSE-SLE-10-SP1-Branch/users/src/dialogs.ycp Tue Oct 9 16:18:15 2007
@@ -37,6 +37,14 @@
string default_pw = "******";
+// check if this is installation stage -
+// adding user during firstboot should be same as during 2nd stage
+define boolean installation () {
+ return Stage::cont () || Stage::firstboot ();
+}
+
+
+
/**
* Upperase letters were used in username! (see bug #26409)
* In these popup, ask user what to do.
@@ -138,8 +146,7 @@
define symbol EditUserDialog (string what) {
// user has returned to the "add user dialog" during installation workflow:
- if (Users::StartDialog ("user_add") &&
- Stage::cont () && Users::UseNextTime ())
+ if (Users::StartDialog ("user_add") && installation () && Users::UseNextTime ())
{
Users::RestoreCurrentUser ();
Users::SetUseNextTime (false);
@@ -222,7 +229,7 @@
((user_type == "ldap" && Ldap::file_server) ||
(user_type == "local" || user_type == "system"));
- boolean complex_layout = Stage::cont () && Users::StartDialog ("user_add");
+ boolean complex_layout = installation () && Users::StartDialog ("user_add");
map