Author: jsuchome
Date: Wed Mar 5 15:52:46 2008
New Revision: 45217
URL: http://svn.opensuse.org/viewcvs/yast?rev=45217&view=rev
Log:
- check home directory of first user right before writing
- do not allow decrypting home when user is logged in (bnc#365547),
remove old home directory after all critical actions are done
- added installation proposal for user settings (fate#302980)
- 2.16.16
Added:
trunk/users/src/users_proposal.ycp (with props)
Modified:
trunk/users/VERSION
trunk/users/package/yast2-users.changes
trunk/users/src/Makefile.am
trunk/users/src/Users.pm
trunk/users/src/UsersRoutines.pm
trunk/users/src/dialogs.ycp
trunk/users/src/inst_root.ycp
trunk/users/src/inst_root_first.ycp
trunk/users/src/inst_user.ycp
trunk/users/src/inst_user_first.ycp
trunk/users/src/routines.ycp
trunk/users/src/widgets.ycp
Modified: trunk/users/VERSION
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/VERSION?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/VERSION (original)
+++ trunk/users/VERSION Wed Mar 5 15:52:46 2008
@@ -1 +1 @@
-2.16.15
+2.16.16
Modified: trunk/users/package/yast2-users.changes
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/package/yast2-users.changes?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/package/yast2-users.changes (original)
+++ trunk/users/package/yast2-users.changes Wed Mar 5 15:52:46 2008
@@ -1,4 +1,13 @@
-------------------------------------------------------------------
+Wed Mar 5 15:42:07 CET 2008 - jsuchome@suse.cz
+
+- check home directory of first user right before writing
+- do not allow decrypting home when user is logged in (bnc#365547),
+ remove old home directory after all critical actions are done
+- added installation proposal for user settings (fate#302980)
+- 2.16.16
+
+-------------------------------------------------------------------
Wed Mar 5 09:36:14 CET 2008 - jsuchome@suse.cz
- during installation, check if future /home doesn't contain home
Modified: trunk/users/src/Makefile.am
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/Makefile.am?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/Makefile.am (original)
+++ trunk/users/src/Makefile.am Wed Mar 5 15:52:46 2008
@@ -43,6 +43,7 @@
users_finish.ycp \
inst_auth.ycp \
users_auto.ycp \
+ users_proposal.ycp \
users_plugin_ldap_all.ycp \
users_plugin_ldap_passwordpolicy.ycp \
users_plugin_ldap_shadowaccount.ycp \
Modified: trunk/users/src/Users.pm
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/Users.pm?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/Users.pm (original)
+++ trunk/users/src/Users.pm Wed Mar 5 15:52:46 2008
@@ -5389,7 +5389,7 @@
# do not check pw when it wasn't changed - must be tested directly
if (defined ($user{"userpassword"}) ||
($user{"what"} || "") eq "add_user") {
- $error = $self->CheckPassword ($user{"userpassword"});
+ $error = UsersSimple->CheckPassword ($user{"userpassword"}, $type);
}
}
@@ -5448,12 +5448,13 @@
%group = %{$_[0]};
}
+ my $type = $group{"type"} || "";
my $error = $self->CheckGID ($group{"gidnumber"});
if ($error eq "") {
if ((defined $group{"userpassword"}) && ! bool ($group{"encrypted"})) {
- $error = $self->CheckPassword ($group{"userpassword"});
+ $error = UsersSimple->CheckPassword ($group{"userpassword"}, $type);
}
}
@@ -5464,7 +5465,7 @@
my $error_map =
UsersPlugins->Apply ("Check", {
"what" => "group",
- "type" => $group{"type"} || "",
+ "type" => $type,
"modified" => $group{"modified"} || "",
"plugins" => $group{"plugins"}
}, \%group);
Modified: trunk/users/src/UsersRoutines.pm
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/UsersRoutines.pm?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/UsersRoutines.pm (original)
+++ trunk/users/src/UsersRoutines.pm Wed Mar 5 15:52:46 2008
@@ -16,6 +16,7 @@
##------------------------------------
##------------------- global imports
+YaST::YCP::Import ("Report");
YaST::YCP::Import ("SCR");
##------------------------------------
@@ -320,6 +321,7 @@
{
SCR->Write (".target.string", $pw_path, $pw);
my $command = "$cryptconfig open --key-file=$org_key $org_img < $pw_path";
+ y2debug ("cmd: $command");
my $out = SCR->Execute (".target.bash_output", $command);
SCR->Execute (".target.remove", $pw_path);
if ($out->{"exit"} ne 0) {
@@ -345,9 +347,8 @@
# TODO translated message for mount error
return 0;
}
- SCR->Execute (".target.bash", "/bin/rm -rf $home");
- # copy the directory content
- $command = "/bin/cp -ar $mnt_dir $home";
+ # copy the directory content to tmp home
+ $command = "/bin/cp -ar $mnt_dir $tmpdir/$username";
y2debug ("cmd: $command");
$out = SCR->Execute (".target.bash_output", $command);
if ($out->{"exit"} ne 0 && $out->{"stderr"}) {
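Review bot: The new staging path `$tmpdir/$username` is interpolated unquoted into a shell command, as are `$home` and the same path in the `rm`/`mv` lines added in the next hunk, so a user name or home path containing whitespace or shell metacharacters would change what bash executes. Quote each path for the shell before building the string, or validate `$username` against the allowed login-name characters earlier in the function, and record the assumption with a comment such as `# $username and $home must be shell-safe here`. If `$tmpdir/$username` already exists, `cp -ar` copies `$mnt_dir` into it rather than onto it, so a pre-existing target should be removed or refused first. The decrypted data now sits in `$tmpdir` until the move, so that directory must not be readable by other users; its permissions are not visible here. The enclosing function starts and ends outside the hunk.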
@@ -377,6 +378,11 @@
Report->Error ($out->{"stderr"});
return 0;
}
+ # Now, after everything succeeded, remove old home and replace it
+ # with the data from crypted image:
+ SCR->Execute (".target.bash", "/bin/rm -rf $home");
+ $out = SCR->Execute (".target.bash_output", "/bin/mv $tmpdir/$username $home");
+ y2error ("error while mv: ", $out->{"stderr"}) if ($out->{"stderr"});
# remove image and key files
SCR->Execute (".target.bash", "/bin/rm -rf $org_img");
SCR->Execute (".target.bash", "/bin/rm -rf $org_key");
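Review bot: A failed `mv` is only logged, and only when stderr is non-empty, so the function goes on to delete `$org_img` and `$org_key` after `$home` has already been removed; at that point the only copy of the user's data is the one left in `$tmpdir/$username`. Check `$out->{"exit"}` as the earlier steps in this function do and return before the image and key are removed. The result of the `rm -rf $home` call is ignored as well and deserves the same treatment. The enclosing function starts and ends outside the hunk.

```perl
$out = SCR->Execute (".target.bash_output", "/bin/mv $tmpdir/$username $home");
if ($out->{"exit"} ne 0) {
    # keep image and key: the staged copy in $tmpdir is the only other
    # copy of the data once the old home is gone
    y2error ("error while mv: ", $out->{"stderr"});
    Report->Error ($out->{"stderr"}) if ($out->{"stderr"});
    return 0;
}
# … unchanged: remove image and key files …
```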
@@ -497,10 +503,17 @@
if (defined $pam_mount_cont &&
defined $pam_mount_cont->{"pam_mount"}{"volume"})
{
- foreach my $usermap (@{$pam_mount_cont->{"pam_mount"}{"volume"}}) {
- my $username = $usermap->{"user"}{"value"};
- next if !defined $username;
- $pam_mount->{$username} = $usermap;
+ my $volumes = $pam_mount_cont->{"pam_mount"}{"volume"};
+ if (ref ($volumes) eq "HASH") {
+ my $username = $volumes->{"user"}{"value"};
+ $pam_mount->{$username} = $volumes if defined $username;
+ }
+ elsif (ref ($volumes) eq "ARRAY") {
+ foreach my $usermap (@{$volumes}) {
+ my $username = $usermap->{"user"}{"value"};
+ next if !defined $username;
+ $pam_mount->{$username} = $usermap;
+ }
}
}
return 1 if defined $pam_mount;
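Review bot: Nothing in the new branches says why `volume` can be either a hash or a list; presumably the agent returns a single volume entry as a hash and several as a list, which is worth stating, e.g. `# a single volume entry is returned as a hash, several as a list`. The two branches also repeat the same lookup; normalising once with `my @volumes = ref ($volumes) eq "ARRAY" ? @{$volumes} : ref ($volumes) eq "HASH" ? ($volumes) : ();` would let the original `foreach` handle both shapes. The enclosing function starts and ends outside the hunk.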
Modified: trunk/users/src/dialogs.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/dialogs.ycp?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/dialogs.ycp (original)
+++ trunk/users/src/dialogs.ycp Wed Mar 5 15:52:46 2008
@@ -980,7 +980,7 @@
}
if ((pw1 != "" || !tab) && pw1 != default_pw)
{
- error = Users::CheckPassword (pw1);
+ error = UsersSimple::CheckPassword (pw1, user_type);
if (error != "")
{
Report::Error (error);
@@ -1149,6 +1149,15 @@
if (current == `details && ret == `crypted_home)
{
boolean checked = (boolean) UI::QueryWidget (`id (`crypted_home), `Value);
+ if (!checked && UserLogged (org_username))
+ {
+ // error popup
+ Report::Error(_("The home directory for this user cannot be decrypted,
+because the user is currently logged in.
+Log the user out first."));
+ UI::ChangeWidget (`id (`crypted_home), `Value, true);
+ continue;
+ }
if (checked && (integer) UI::QueryWidget (`id (`dirsize), `Value) == 10)
UI::ChangeWidget (`id (`dirsize), `Value, default_crypted_size);
UI::ChangeWidget (`id (`dirsize), `Enabled, checked);
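Review bot: The logged-in check runs only when the checkbox is toggled in this dialog, so nothing visible here prevents the decryption if the user logs in between this point and the moment the change is written, or if the setting reaches the write step by another path. Repeating the test immediately before the home directory is decrypted would close that window; the UsersRoutines.pm hunks in this commit show no such check. A comment at this spot, e.g. `// UI-level guard only; the write step must re-check`, would make the limit explicit. The surrounding loop starts and ends outside the hunk.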
@@ -1964,7 +1973,7 @@
}
if ( pw1 != "" && pw1 != default_pw )
{
- error = Users::CheckPassword (pw1);
+ error = UsersSimple::CheckPassword (pw1, group_type);
if (error != "")
{
Report::Error (error);
Modified: trunk/users/src/inst_root.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/inst_root.ycp?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/inst_root.ycp (original)
+++ trunk/users/src/inst_root.ycp Wed Mar 5 15:52:46 2008
@@ -66,14 +66,16 @@
// advise user to remember his new password
`Label(_("Do not forget what you enter here.")),
`VSpacing(0.8),
- // Label: get password for user root
- `Password (`id(`pw1), _("&Password for root User"), ""),
+ `Password (`id(`pw1), `opt (`hstretch),
+ // Label: get password for user root
+ _("&Password for root User"), ""),
`VSpacing(0.8),
- // Label: get same password again for verification
- `Password (`id(`pw2), _("Con&firm Password"), ""),
+ `Password (`id(`pw2), `opt (`hstretch),
+ // Label: get same password again for verification
+ _("Con&firm Password"), ""),
`VSpacing (2.4),
// text entry label
- `TextEntry (_("&Test Keyboard Layout"))
+ `InputField (`opt(`hstretch),_("&Test Keyboard Layout"))
)),
`VSpacing(2),
// push button
Modified: trunk/users/src/inst_root_first.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/inst_root_first.ycp?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/inst_root_first.ycp (original)
+++ trunk/users/src/inst_root_first.ycp Wed Mar 5 15:52:46 2008
@@ -33,6 +33,8 @@
// Title for root-password dialogue
string title = _("Password for the System Administrator \"root\"");
+ string password = UsersSimple::GetRootPassword ();
+
term contents = `VBox (
`VStretch (),
`HSquash (`VBox (
@@ -41,11 +43,13 @@
`VSpacing(0.8),
`Password (`id(`pw1), `opt (`hstretch),
// Label: get password for user root
- _("&Password for root User"), ""),
+ _("&Password for root User"),
+ password == nil ? "" : "*****"),
`VSpacing(0.8),
`Password (`id(`pw2), `opt (`hstretch),
// Label: get same password again for verification
- _("Con&firm Password"), "")
+ _("Con&firm Password"),
+ password == nil ? "" : "*****")
)),
`VStretch ()
);
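Review bot: The literal `"*****"` is now the initial value of both password fields whenever a root password is already stored, so the code that reads `pw1`/`pw2` on `next` has to recognise it and keep the stored password instead of saving five asterisks; that handling is outside the hunk and should be confirmed. Naming the placeholder once, e.g. `string default_pw = "*****";`, and using it for both the initial value and the later comparison keeps the two from drifting apart. In the visible lines `password` is only compared with `nil`, so if nothing later needs its value a boolean would avoid keeping the clear-text root password in another variable.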
@@ -95,7 +99,6 @@
if (Mode::normal ()) Wizard::CreateDialog (); // for testing only
-// Wizard::SetDesktopIcon("yast-users");
Wizard::SetDesktopIcon("yast-users");
Wizard::SetContents (title, contents, helptext,
GetInstArgs::enable_back(),
@@ -121,6 +124,8 @@
continue;
}
}
+ if (ret == `accept) // from proposal
+ ret = `next;
if (ret == `next)
{
Modified: trunk/users/src/inst_user.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/inst_user.ycp?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/inst_user.ycp (original)
+++ trunk/users/src/inst_user.ycp Wed Mar 5 15:52:46 2008
@@ -13,6 +13,7 @@
textdomain "users";
import "Autologin";
+ import "FileUtils";
import "GetInstArgs";
import "Package";
import "Label";
@@ -30,6 +31,7 @@
if (!GetInstArgs::going_back())
UsersSimple::Read ();
+ // check if the user was configured in the 1st stage
if (!GetInstArgs::going_back() &&
UsersSimple::AfterAuth () == "users" &&
UsersSimple::GetUser () != $[])
@@ -38,6 +40,18 @@
y2milestone ("user defined in 1st stage, let's save now...");
boolean progress_orig = Progress::set (false);
Users::Read ();
+
+ // now, check if home directory exists and adapt uidnumber to its owner
+ string home = user["home"]:"";
+ if (home == "" && user["uid"]:"" != "")
+ home = Users::GetDefaultHome ("local") + user["uid"]:"";
+ if (home != "" && FileUtils::IsDirectory (home))
+ {
+ map stat = (map) SCR::Read (.target.stat, home);
+ integer uid = stat["uid"]:-1;
+ if (uid != -1)
+ user["uidnumber"] = uid;
+ }
string error = Users::AddUser (user);
if (error == "")
error = Users::CheckUser ($[]);
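Review bot: The owner of an existing directory is adopted as the new account's `uidnumber` with no range check, so a home directory owned by root or by a system account would give the first user UID 0 or a system UID. Restrict the adoption to ordinary user IDs, at minimum `if (uid > 0)`, and preferably compare the value with the configured local UID range and with UIDs already in use; whether `Users::AddUser` or `Users::CheckUser` reject such values is not visible here. A comment such as `// only adopt the owner if it is a regular, unused user UID` would record the intent. The enclosing block starts and ends outside the hunk.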
Modified: trunk/users/src/inst_user_first.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/inst_user_first.ycp?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/inst_user_first.ycp (original)
+++ trunk/users/src/inst_user_first.ycp Wed Mar 5 15:52:46 2008
@@ -17,15 +17,12 @@
import "Package";
import "Progress";
import "Report";
- import "Storage";
import "String";
import "UsersSimple";
import "Wizard";
textdomain "users";
- map home_map = Storage::GetEntryForMountpoint( "/home" );
- string tmpdir = Directory::tmpdir;
map display_info = UI::GetDisplayInfo ();
boolean text_mode = display_info["TextMode"]:false;
@@ -351,14 +348,6 @@
`InputField (`id (`username), `opt (`notify, `hstretch),
// input field for login name
_("&Username"),username),
- /*
- `TextEntry (`id (`cn), `opt (`notify, `hstretch),
- // text entry
- _("User's &Full Name"), cn),
- `TextEntry (`id (`username), `opt (`notify, `hstretch),
- // input field for login name
- _("&Username"),username),
- */
`Password (`id (`pw1), `opt (`hstretch), Label::Password(),
password == nil ? "" : "*****"),
`Password (`id (`pw2), `opt (`hstretch), Label::ConfirmPassword(),
@@ -436,6 +425,8 @@
{
login_modified = true;
}
+ if (ret == `accept) // from proposal
+ ret = `next;
if (ret == `next)
{
string error = "";
@@ -525,18 +516,6 @@
continue;
}
// set UID if home directory is found on future home partition
- if (home_map != $[] && home_map["format"]:false == false)
- {
- string dir = tmpdir + "/home";
- SCR::Execute (.target.mkdir, dir);
- if ((boolean)
- SCR::Execute (.target.mount, [home_map["device"]:"", dir]))
- {
- map stat = (map)SCR::Read (.target.stat, dir+"/"+ username);
- uidnumber = stat["uid"]:-1;
- SCR::Execute (.target.umount, dir);
- }
- }
password = pw1;
}
if (contains ([`back, `abort, `cancel, `next], ret))
@@ -554,8 +533,6 @@
"userpassword" : password,
"cn" : cn
];
- if (uidnumber != -1)
- user_map["uidnumber"] = uidnumber;
UsersSimple::SetUser (user_map);
boolean root_pw = (boolean) UI::QueryWidget (`id (`root_pw),`Value);
UsersSimple::SkipRootPasswordDialog (root_pw);
Modified: trunk/users/src/routines.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/routines.ycp?rev=45217&r1=45216&r2=45217&view=diff
==============================================================================
--- trunk/users/src/routines.ycp (original)
+++ trunk/users/src/routines.ycp Wed Mar 5 15:52:46 2008
@@ -8,6 +8,8 @@
*
*/
{
+import "Mode";
+
textdomain "users";
/**
@@ -77,5 +79,14 @@
if ( what == `givenName ) return givenName;
}
+// if the user has log on system
+define boolean UserLogged (string name) {
+
+ map out = (map) SCR::Execute (.target.bash_output,
+ sformat ("ps --no-headers -u %1", name));
+ string proc = out["stdout"]:"";
+ return (size (proc) != 0 && !Mode::config ());
+}
+
} // EOF
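Review bot: `name` is pasted unquoted into the shell command in `sformat ("ps --no-headers -u %1", name)`, so a user name containing whitespace or shell metacharacters (for example one read from a directory service) would be interpreted by bash. Quote it, e.g. `sformat ("ps --no-headers -u '%1'", String::Quote (name))` with `import "String";` next to the `import "Mode";` added above, or reject names outside the login-name character set first. The comment should also say what is actually tested, `// true if any process owned by the user is running (not only login sessions)`. Testing `Mode::config ()` before running `ps` would skip the call in config mode.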
Added: trunk/users/src/users_proposal.ycp
URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/users_proposal.ycp?rev=45217&view=auto
==============================================================================
--- trunk/users/src/users_proposal.ycp (added)
+++ trunk/users/src/users_proposal.ycp Wed Mar 5 15:52:46 2008
@@ -0,0 +1,81 @@
+/**
+ * File: users_proposal.ycp
+ * Author: Jiri Suchomel