Mailinglist Archive: yast-commit (195 mails)

< Previous Next >
[yast-commit] r63559 - in /trunk/users: VERSION package/yast2-users.changes src/Users.pm src/UsersRoutines.pm src/dialogs.ycp
Author: jsuchome
Date: Thu Mar 10 16:00:13 2011
New Revision: 63559

URL: http://svn.opensuse.org/viewcvs/yast?rev=63559&view=rev
Log:
- added possibility to take old encrypted directory by new user
(bnc#425745)
- 2.21.0


Modified:
trunk/users/VERSION
trunk/users/package/yast2-users.changes
trunk/users/src/Users.pm
trunk/users/src/UsersRoutines.pm
trunk/users/src/dialogs.ycp

Modified: trunk/users/VERSION
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/users/VERSION?rev=63559&r1=63558&r2=63559&view=diff
==============================================================================
--- trunk/users/VERSION (original)
+++ trunk/users/VERSION Thu Mar 10 16:00:13 2011
@@ -1 +1 @@
-2.20.2
+2.21.0

Modified: trunk/users/package/yast2-users.changes
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/users/package/yast2-users.changes?rev=63559&r1=63558&r2=63559&view=diff
==============================================================================
--- trunk/users/package/yast2-users.changes (original)
+++ trunk/users/package/yast2-users.changes Thu Mar 10 16:00:13 2011
@@ -1,4 +1,11 @@
-------------------------------------------------------------------
+Thu Mar 10 15:58:17 CET 2011 - jsuchome@xxxxxxx
+
+- added possibility to take old encrypted directory by new user
+ (bnc#425745)
+- 2.21.0
+
+-------------------------------------------------------------------
Thu Feb 17 10:59:38 CET 2011 - jsuchome@xxxxxxx

- do not run both 'user' and 'user_non_interactive' steps

Modified: trunk/users/src/Users.pm
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/users/src/Users.pm?rev=63559&r1=63558&r2=63559&view=diff
==============================================================================
--- trunk/users/src/Users.pm (original)
+++ trunk/users/src/Users.pm Thu Mar 10 16:00:13 2011
@@ -3445,7 +3445,8 @@

return 0 if ($home_size == 0 && $org_size == 0); # nothing to do
return 0 if (!defined $pw && !defined $new_pw); # no change without
password provided :-(
- return 0 if ($home eq $org_home && $username eq $org_username &&
$home_size == $org_size && $pw eq $new_pw);
+ return 0 if ($home eq $org_home && $username eq $org_username &&
$home_size == $org_size &&
+ (($pw || "") eq ($new_pw || "")));
return 1;
}


Modified: trunk/users/src/UsersRoutines.pm
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/users/src/UsersRoutines.pm?rev=63559&r1=63558&r2=63559&view=diff
==============================================================================
--- trunk/users/src/UsersRoutines.pm (original)
+++ trunk/users/src/UsersRoutines.pm Thu Mar 10 16:00:13 2011
@@ -16,6 +16,7 @@
##------------------------------------
##------------------- global imports

+YaST::YCP::Import ("FileUtils");
YaST::YCP::Import ("Pam");
YaST::YCP::Import ("Report");
YaST::YCP::Import ("SCR");
@@ -32,6 +33,12 @@
# 'volume' information from pam_mount (info about crypted homes)
my $pam_mount = undef;

+# owners of img files
+my $img2user = undef;
+
+# owners of key files
+my $key2user = undef;
+
# could we use pam_mount? currntly not if fingerprint dev is in use
(bnc#390810)
my $crypted_homes_enabled = undef;

@@ -335,7 +342,7 @@
{
SCR->Write (".target.string", $pw_path, $pw);
my $command = "$cryptconfig open --key-file=$org_key $org_img <
$pw_path";
- y2debug ("cmd: $command");
+ y2milestone ("cmd: $command");
my $out = SCR->Execute (".target.bash_output", $command);
SCR->Execute (".target.remove", $pw_path);
if ($out->{"exit"} ne 0) {
@@ -354,7 +361,7 @@
SCR->Execute (".target.bash", "/bin/rm -rf $mnt_dir") if
(FileUtils->Exists ($mnt_dir));
SCR->Execute (".target.mkdir", $mnt_dir);
$command = "mount -o loop $image_path $mnt_dir";
- y2debug ("cmd: $command");
+ y2milestone ("cmd: $command");
$out = SCR->Execute (".target.bash_output", $command);
if ($out->{"exit"} ne 0 && $out->{"stderr"}) {
y2error ("error calling $command: ", $out->{"stderr"});
@@ -363,21 +370,21 @@
}
# copy the directory content to tmp home
$command = "/bin/cp -ar $mnt_dir $tmpdir/$username";
- y2debug ("cmd: $command");
+ y2milestone ("cmd: $command");
$out = SCR->Execute (".target.bash_output", $command);
if ($out->{"exit"} ne 0 && $out->{"stderr"}) {
y2error ("error calling $command: ", $out->{"stderr"});
return 0;
}
$command = "umount $mnt_dir";
- y2debug ("cmd: $command");
+ y2milestone ("cmd: $command");
$out = SCR->Execute (".target.bash_output", $command);
if ($out->{"exit"} ne 0 && $out->{"stderr"}) {
y2error ("error calling $command: ", $out->{"stderr"});
return 0;
}
$command = "$cryptconfig pm-disable $username";
- y2debug ("cmd: $command");
+ y2milestone ("cmd: $command");
$out = SCR->Execute (".target.bash_output", $command);
if ($out->{"exit"} ne 0 && $out->{"stderr"}) {
y2error ("error calling $command: ", $out->{"stderr"});
@@ -385,7 +392,7 @@
return 0;
}
$command = "$cryptconfig close $org_img";
- y2debug ("cmd: $command");
+ y2milestone ("cmd: $command");
$out = SCR->Execute (".target.bash_output", $command);
if ($out->{"exit"} ne 0 && $out->{"stderr"}) {
y2error ("error calling $command: ", $out->{"stderr"});
@@ -402,7 +409,6 @@
SCR->Execute (".target.bash", "/bin/rm -rf $org_key");
return 1;
}
-
# check user renaming or directory move
if ($home ne $org_home || $org_username ne $username) {
if (FileUtils->Exists ($org_img)) {
@@ -428,22 +434,27 @@
}
}
}
- SCR->Write (".target.string", $pw_path, $pw);
+ if (defined $user->{"take_existing_image"}) {
+ $image_file = "$home.img" if FileUtils->Exists ("$home.img");
+ $key_file = "$home.key" if FileUtils->Exists ("$home.key");
+ y2milestone ("going to yake image $image_file by user $username");
+ }

if (defined $key_file || defined $image_file) {
$cmd = "$cryptconfig pm-enable --replace ";
$cmd = $cmd."--key-file=$key_file " if defined $key_file;
$cmd = $cmd."--image-file=$image_file " if defined $image_file;
$cmd = $cmd."$username";
- y2debug ("cmd: $cmd");
+ y2milestone ("cmd: $cmd");
my $out = SCR->Execute (".target.bash_output", $cmd);
if ($out->{"exit"} ne 0 && $out->{"stderr"}) {
Report->Error ($out->{"stderr"});
- SCR->Execute (".target.remove", $pw_path);
return 0;
}
}

+ SCR->Write (".target.string", $pw_path, $pw);
+
# now check if existing image doesn't need resizing
$key_file = $org_key if (!defined $key_file && FileUtils->Exists
($org_key));
$image_file = $org_img if (!defined $image_file &&
FileUtils->Exists ($org_img));
@@ -452,7 +463,7 @@
if ($modified eq "edited" && defined $key_file && defined $new_pw &&
$new_pw ne $pw) {
SCR->Write (".target.string", $pw_path, "$pw\n$new_pw");
my $command = "$cryptconfig passwd --no-verify $key_file < $pw_path";
- y2debug ("cmd: $command");
+ y2milestone ("cmd: $command");
my $out = SCR->Execute (".target.bash_output", $command);
if ($out->{"exit"} ne 0) {
y2error ("error calling $command");
@@ -478,12 +489,12 @@
}
# ok, only password change was needed
else {
- y2debug ("nothing to do");
+ y2milestone ("nothing to do");
SCR->Execute (".target.remove", $pw_path);
return 1;
}

- y2debug ("cmd: $cmd");
+ y2milestone ("cmd: $cmd");
my $out = SCR->Execute (".target.bash_output", $cmd);
if ($out->{"exit"} ne 0 && $out->{"stderr"}) {
Report->Error ($out->{"stderr"});
@@ -528,6 +539,10 @@
my $username = $usermap->{"user"};
next if !defined $username;
$pam_mount->{$username} = $usermap;
+ my $img = $usermap->{"path"} || "";
+ $img2user->{$img} = $username if $img;
+ my $key = $usermap->{"fskeypath"} || "";
+ $key2user->{$key} = $username if $key;
}
}
}
@@ -541,6 +556,38 @@
}

##------------------------------------
+# Return the owner of given crypted directory image
+# @param image name
+# @return string
+BEGIN { $TYPEINFO{CryptedImageOwner} = ["function", "string", "string"];}
+sub CryptedImageOwner {
+
+ my $self = shift;
+ my $img_file= shift;
+
+ if ($self->ReadCryptedHomesInfo ()) {
+ return $img2user->{$img_file} || "";
+ }
+ return "";
+}
+
+##------------------------------------
+# Return the owner of given crypted directory key
+# @param key name
+# @return string
+BEGIN { $TYPEINFO{CryptedKeyOwner} = ["function", "string", "string"];}
+sub CryptedKeyOwner {
+
+ my $self = shift;
+ my $key_file= shift;
+
+ if ($self->ReadCryptedHomesInfo ()) {
+ return $key2user->{$key_file} || "";
+ }
+ return "";
+}
+
+##------------------------------------
# Return the path to user's crypted directory image; returns empty string if
there is none defined
# @param user name
# @return string

Modified: trunk/users/src/dialogs.ycp
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/users/src/dialogs.ycp?rev=63559&r1=63558&r2=63559&view=diff
==============================================================================
--- trunk/users/src/dialogs.ycp (original)
+++ trunk/users/src/dialogs.ycp Thu Mar 10 16:00:13 2011
@@ -309,6 +309,20 @@
}

/**
+ * helper function: show a popup if existing crypted home directory file
+ * should be used by current user
+ */
+ boolean ask_take_image (string img_file, string key_file) {
+
+ // yes/no popup label, %1,%2 are file paths
+ return Popup::YesNo (sformat (_("Crypted directory image and key files
+'%1' and '%2'
+were found. Use them for current user?
+
+This means that data from this image will be used instead of current home
directory."), img_file, key_file));
+ }
+
+ /**
* helper function: show a popup if existing home directory should be used
* and its ownership should be changed
*/
@@ -324,7 +338,7 @@
`CheckBox (`id(`chown_home), _("&Change directory owner"),
chown_default)
),
- `HBox(
+ `ButtonBox(
`PushButton (`id(`yes), `opt(`default), Label::YesButton()),
`PushButton (`id(`no), Label::NoButton())
),
@@ -1736,8 +1750,26 @@
)
)
{
+ string img_file = sformat ("%1.img", home);
+ string key_file = sformat ("%1.key", home);
+ // ask to take existing orphaned image by user
+ // without current directory encrypted (bnc#425745)
+ if (org_crypted_home_size == 0 &&
+ FileUtils::Exists (img_file) && FileUtils::Exists
(key_file) &&
+ UsersRoutines::CryptedImageOwner (img_file) == "" &&
+ UsersRoutines::CryptedImageOwner (key_file) == "" &&
+ ask_take_image (img_file, key_file)
+ )
+ {
+ user["take_existing_image"] = img_file;
+ }
+
+
// do not ask when enabling for first time and password was
already entered
- if ((user["encrypted"]:false == false ||
user["text_userpassword"]:nil != nil) &&
+ // do not ask when taking existing image, pw not needed for
that FIXME really?
+ if ((user["encrypted"]:false == false ||
+ user["text_userpassword"]:nil != nil ||
+ user["take_existing_image"]:"" != "") &&
org_crypted_home_size == 0)
{
user["current_text_userpassword"] =
(user["text_userpassword"]:nil != nil) ?

--
To unsubscribe, e-mail: yast-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-commit+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages