Author: jsuchome Date: Thu Mar 10 16:00:13 2011 New Revision: 63559 URL: http://svn.opensuse.org/viewcvs/yast?rev=63559&view=rev Log: - added possibility to take old encrypted directory by new user (bnc#425745) - 2.21.0 Modified: trunk/users/VERSION trunk/users/package/yast2-users.changes trunk/users/src/Users.pm trunk/users/src/UsersRoutines.pm trunk/users/src/dialogs.ycp Modified: trunk/users/VERSION URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/VERSION?rev=63559&r1=63558&r2=63559&view=diff ============================================================================== --- trunk/users/VERSION (original) +++ trunk/users/VERSION Thu Mar 10 16:00:13 2011 @@ -1 +1 @@ -2.20.2 +2.21.0 Modified: trunk/users/package/yast2-users.changes URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/package/yast2-users.changes?rev=63559&r1=63558&r2=63559&view=diff ============================================================================== --- trunk/users/package/yast2-users.changes (original) +++ trunk/users/package/yast2-users.changes Thu Mar 10 16:00:13 2011 @@ -1,4 +1,11 @@ ------------------------------------------------------------------- +Thu Mar 10 15:58:17 CET 2011 - jsuchome@suse.cz + +- added possibility to take old encrypted directory by new user + (bnc#425745) +- 2.21.0 + +------------------------------------------------------------------- Thu Feb 17 10:59:38 CET 2011 - jsuchome@suse.cz - do not run both 'user' and 'user_non_interactive' steps Modified: trunk/users/src/Users.pm URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/Users.pm?rev=63559&r1=63558&r2=63559&view=diff ============================================================================== --- trunk/users/src/Users.pm (original) +++ trunk/users/src/Users.pm Thu Mar 10 16:00:13 2011 
@@ -3445,7 +3445,8 @@ return 0 if ($home_size == 0 && $org_size == 0); # nothing to do return 0 if (!defined $pw && !defined $new_pw); # no change without password provided :-( - return 0 if ($home eq $org_home && $username eq $org_username && $home_size == $org_size && $pw eq $new_pw); + return 0 if ($home eq $org_home && $username eq $org_username && $home_size == $org_size && + (($pw || "") eq ($new_pw || ""))); return 1; } Modified: trunk/users/src/UsersRoutines.pm URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/UsersRoutines.pm?rev=63559&r1=63558&r2=63559&view=diff ============================================================================== --- trunk/users/src/UsersRoutines.pm (original) +++ trunk/users/src/UsersRoutines.pm Thu Mar 10 16:00:13 2011 @@ -16,6 +16,7 @@ ##------------------------------------ ##------------------- global imports +YaST::YCP::Import ("FileUtils"); YaST::YCP::Import ("Pam"); YaST::YCP::Import ("Report"); YaST::YCP::Import ("SCR"); @@ -32,6 +33,12 @@ # 'volume' information from pam_mount (info about crypted homes) my $pam_mount = undef; +# owners of img files +my $img2user = undef; + +# owners of key files +my $key2user = undef; + # could we use pam_mount? currntly not if fingerprint dev is in use (bnc#390810) my $crypted_homes_enabled = undef; @@ -335,7 +342,7 @@ { SCR->Write (".target.string", $pw_path, $pw); my $command = "$cryptconfig open --key-file=$org_key $org_img < $pw_path"; - y2debug ("cmd: $command"); + y2milestone ("cmd: $command"); my $out = SCR->Execute (".target.bash_output", $command); SCR->Execute (".target.remove", $pw_path); if ($out->{"exit"} ne 0) { 
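Review bot: In the added comparison `(($pw || "") eq ($new_pw || ""))` the `||` maps every false value to the empty string, so a password of `"0"` on one side compares equal to an undefined or empty password on the other and the function returns 0 (no change). Testing definedness instead avoids that: `((defined $pw ? $pw : "") eq (defined $new_pw ? $new_pw : ""))`. The function's body starts outside the hunk.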
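Review bot: Raising `y2debug ("cmd: $command")` to `y2milestone` in the hunk at -335, and in the same way in the hunks at -354, -363, -385, -428, -452 and -478, writes every cryptconfig, mount and cp command line to the log even when debugging is off. The password itself goes through `< $pw_path` and does not appear, but the temporary password file path, the key file and the image paths do. The commit log does not mention the change, so it may be leftover debugging. If an audit trail is intended, I would log the operation and user only, e.g. `y2milestone ("opening crypted image of $username");`, and keep the full command at `y2debug`. The enclosing function starts and ends outside the hunk.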
@@ -354,7 +361,7 @@ SCR->Execute (".target.bash", "/bin/rm -rf $mnt_dir") if (FileUtils->Exists ($mnt_dir)); SCR->Execute (".target.mkdir", $mnt_dir); $command = "mount -o loop $image_path $mnt_dir"; - y2debug ("cmd: $command"); + y2milestone ("cmd: $command"); $out = SCR->Execute (".target.bash_output", $command); if ($out->{"exit"} ne 0 && $out->{"stderr"}) { y2error ("error calling $command: ", $out->{"stderr"}); @@ -363,21 +370,21 @@ } # copy the directory content to tmp home $command = "/bin/cp -ar $mnt_dir $tmpdir/$username"; - y2debug ("cmd: $command"); + y2milestone ("cmd: $command"); $out = SCR->Execute (".target.bash_output", $command); if ($out->{"exit"} ne 0 && $out->{"stderr"}) { y2error ("error calling $command: ", $out->{"stderr"}); return 0; } $command = "umount $mnt_dir"; - y2debug ("cmd: $command"); + y2milestone ("cmd: $command"); $out = SCR->Execute (".target.bash_output", $command); if ($out->{"exit"} ne 0 && $out->{"stderr"}) { y2error ("error calling $command: ", $out->{"stderr"}); return 0; } $command = "$cryptconfig pm-disable $username"; - y2debug ("cmd: $command"); + y2milestone ("cmd: $command"); $out = SCR->Execute (".target.bash_output", $command); if ($out->{"exit"} ne 0 && $out->{"stderr"}) { y2error ("error calling $command: ", $out->{"stderr"}); @@ -385,7 +392,7 @@ return 0; } $command = "$cryptconfig close $org_img"; - y2debug ("cmd: $command"); + y2milestone ("cmd: $command"); $out = SCR->Execute (".target.bash_output", $command); if ($out->{"exit"} ne 0 && $out->{"stderr"}) { y2error ("error calling $command: ", $out->{"stderr"}); @@ -402,7 +409,6 @@ SCR->Execute (".target.bash", "/bin/rm -rf $org_key"); return 1; } - # check user renaming or directory move if ($home ne $org_home || $org_username ne $username) { if (FileUtils->Exists ($org_img)) { 
@@ -428,22 +434,27 @@ } } } - SCR->Write (".target.string", $pw_path, $pw); + if (defined $user->{"take_existing_image"}) { + $image_file = "$home.img" if FileUtils->Exists ("$home.img"); + $key_file = "$home.key" if FileUtils->Exists ("$home.key"); + y2milestone ("going to yake image $image_file by user $username"); + } if (defined $key_file || defined $image_file) { $cmd = "$cryptconfig pm-enable --replace "; $cmd = $cmd."--key-file=$key_file " if defined $key_file; $cmd = $cmd."--image-file=$image_file " if defined $image_file; $cmd = $cmd."$username"; - y2debug ("cmd: $cmd"); + y2milestone ("cmd: $cmd"); my $out = SCR->Execute (".target.bash_output", $cmd); if ($out->{"exit"} ne 0 && $out->{"stderr"}) { Report->Error ($out->{"stderr"}); - SCR->Execute (".target.remove", $pw_path); return 0; } } + SCR->Write (".target.string", $pw_path, $pw); + # now check if existing image doesn't need resizing $key_file = $org_key if (!defined $key_file && FileUtils->Exists ($org_key)); $image_file = $org_img if (!defined $image_file && FileUtils->Exists ($org_img)); @@ -452,7 +463,7 @@ if ($modified eq "edited" && defined $key_file && defined $new_pw && $new_pw ne $pw) { SCR->Write (".target.string", $pw_path, "$pw\n$new_pw"); my $command = "$cryptconfig passwd --no-verify $key_file < $pw_path"; - y2debug ("cmd: $command"); + y2milestone ("cmd: $command"); my $out = SCR->Execute (".target.bash_output", $command); if ($out->{"exit"} ne 0) { y2error ("error calling $command"); @@ -478,12 +489,12 @@ } # ok, only password change was needed else { - y2debug ("nothing to do"); + y2milestone ("nothing to do"); SCR->Execute (".target.remove", $pw_path); return 1; } - y2debug ("cmd: $cmd"); + y2milestone ("cmd: $cmd"); my $out = SCR->Execute (".target.bash_output", $cmd); if ($out->{"exit"} ne 0 && $out->{"stderr"}) { Report->Error ($out->{"stderr"}); 
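Review bot: The `take_existing_image` branch in the hunk at -428 trusts a flag set by the dialog and checks nothing itself, so any other caller that sets the key gets `pm-enable --replace` run against whatever `$home.img` or `$home.key` exists, even when pam_mount already assigns them to another user. I would repeat the orphan test here before assigning `$image_file` and `$key_file`, and require both files together, since the current code can pick up an image without its key. Both paths derive from `$home` and are concatenated unquoted into the string passed to `.target.bash_output`, so they should be shell-quoted where `$cmd` is built. The log text also reads "yake" for "take". The enclosing function starts and ends outside the hunk, and the sketch assumes `$self` is in scope there as it is in `CryptedImageOwner`.

```perl
    # re-check ownership here: the dialog is not the only possible caller
    if (($user->{"take_existing_image"} || "") ne "") {
        my $img = "$home.img";
        my $key = "$home.key";
        if (FileUtils->Exists ($img) && FileUtils->Exists ($key) &&
            $self->CryptedImageOwner ($img) eq "" &&
            $self->CryptedKeyOwner ($key) eq "")
        {
            $image_file = $img;
            $key_file   = $key;
            y2milestone ("going to take image $image_file by user $username");
        }
        else {
            y2error ("not taking $img: image or key missing or already assigned");
            return 0;
        }
    }
    # … unchanged: pm-enable command construction and execution …
```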
@@ -528,6 +539,10 @@ my $username = $usermap->{"user"}; next if !defined $username; $pam_mount->{$username} = $usermap; + my $img = $usermap->{"path"} || ""; + $img2user->{$img} = $username if $img; + my $key = $usermap->{"fskeypath"} || ""; + $key2user->{$key} = $username if $key; } } } @@ -541,6 +556,38 @@ } ##------------------------------------ +# Return the owner of given crypted directory image +# @param image name +# @return string +BEGIN { $TYPEINFO{CryptedImageOwner} = ["function", "string", "string"];} +sub CryptedImageOwner { + + my $self = shift; + my $img_file= shift; + + if ($self->ReadCryptedHomesInfo ()) { + return $img2user->{$img_file} || ""; + } + return ""; +} + +##------------------------------------ +# Return the owner of given crypted directory key +# @param key name +# @return string +BEGIN { $TYPEINFO{CryptedKeyOwner} = ["function", "string", "string"];} +sub CryptedKeyOwner { + + my $self = shift; + my $key_file= shift; + + if ($self->ReadCryptedHomesInfo ()) { + return $key2user->{$key_file} || ""; + } + return ""; +} + +##------------------------------------ # Return the path to user's crypted directory image; returns empty string if there is none defined # @param user name # @return string Modified: trunk/users/src/dialogs.ycp URL: http://svn.opensuse.org/viewcvs/yast/trunk/users/src/dialogs.ycp?rev=63559&r1=63558&r2=63559&view=diff ============================================================================== --- trunk/users/src/dialogs.ycp (original) +++ trunk/users/src/dialogs.ycp Thu Mar 10 16:00:13 2011 
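Review bot: `CryptedImageOwner` and `CryptedKeyOwner` (hunk at -541) look the argument up by exact string, so an empty result means only that no pam_mount entry is spelled exactly like the argument, not that the file has no owner. dialogs.ycp in this commit treats `""` as "orphaned" and builds its argument with `sformat ("%1.img", home)`. An equivalent but differently written path in the pam_mount entry (doubled or trailing slash, symlinked parent) would therefore hide an existing owner; this is inferred, as normalisation of either side is not shown. I would state the contract in the header comment, e.g. `# @return user name, or "" if no pam_mount volume entry has exactly this path`, and normalise both sides before comparing. Whether `$img2user` and `$key2user` are cleared when `ReadCryptedHomesInfo` re-reads is outside the hunks; if not, entries of removed users persist.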
@@ -309,6 +309,20 @@ } /** + * helper function: show a popup if existing crypted home directory file + * should be used by current user + */ + boolean ask_take_image (string img_file, string key_file) { + + // yes/no popup label, %1,%2 are file paths + return Popup::YesNo (sformat (_("Crypted directory image and key files +'%1' and '%2' +were found. Use them for current user? + +This means that data from this image will be used instead of current home directory."), img_file, key_file)); + } + + /** * helper function: show a popup if existing home directory should be used * and its ownership should be changed */ @@ -324,7 +338,7 @@ `CheckBox (`id(`chown_home), _("&Change directory owner"), chown_default) ), - `HBox( + `ButtonBox( `PushButton (`id(`yes), `opt(`default), Label::YesButton()), `PushButton (`id(`no), Label::NoButton()) ), @@ -1736,8 +1750,26 @@ ) ) { + string img_file = sformat ("%1.img", home); + string key_file = sformat ("%1.key", home); + // ask to take existing orphaned image by user + // without current directory encrypted (bnc#425745) + if (org_crypted_home_size == 0 && + FileUtils::Exists (img_file) && FileUtils::Exists (key_file) && + UsersRoutines::CryptedImageOwner (img_file) == "" && + UsersRoutines::CryptedImageOwner (key_file) == "" && + ask_take_image (img_file, key_file) + ) + { + user["take_existing_image"] = img_file; + } + + // do not ask when enabling for first time and password was already entered - if ((user["encrypted"]:false == false || user["text_userpassword"]:nil != nil) && + // do not ask when taking existing image, pw not needed for that FIXME really? + if ((user["encrypted"]:false == false || + user["text_userpassword"]:nil != nil || + user["take_existing_image"]:"" != "") && org_crypted_home_size == 0) { user["current_text_userpassword"] = (user["text_userpassword"]:nil != nil) ? -- To unsubscribe, e-mail: yast-commit+unsubscribe@opensuse.org For additional commands, e-mail: yast-commit+help@opensuse.org
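Review bot: In the hunk at -1736 the key-file half of the orphan check calls the image lookup: `UsersRoutines::CryptedImageOwner (key_file) == ""` searches the image map for a key path. As far as the UsersRoutines.pm hunks show, that map is filled only from `path` entries, so the condition is always true and a key already assigned to another user does not stop the takeover. It should be `UsersRoutines::CryptedKeyOwner (key_file) == "" &&`, the function this commit adds for that purpose. The author's own `pw not needed for that FIXME really?` on the next condition should also be resolved, because that branch skips the current-password prompt. The enclosing function starts and ends outside the hunk.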