[debian-edu-commits] debian-edu/upstream/ 68/71: Next upload will include the robustness rewrite.

Petter Reinholdtsen pere at moszumanska.debian.org
Mon Jun 9 18:25:41 UTC 2014 

This is an automated email from the git hooks/post-receive script.

pere pushed a commit to branch master
in repository libpam-mklocaluser.

commit f144d28bb39b8db1473bc9023aaf7d6c6f12a0c0
Author: Petter Reinholdtsen <pere at hungry.com>
Date:   Sat May 4 11:40:04 2013 +0000

    Next upload will include the robustness rewrite.
---
 debian/changelog     | 15 +++++++++++++++
 debian/pam-python.py | 43 ++++++++++++++++++++++++++++---------------
 2 files changed, 43 insertions(+), 15 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 3fbdc9c..d54b504 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,18 @@
+libpam-mklocaluser (0.9) UNRELEASED; urgency=low
+
+  * Make PAM module more robust:
+  * Add to /etc/passwd and /etc/shadow using python code instead of
+    calling "echo 'something' >> /etc/file" in a subshell.
+  * Do not try to syslog an exception, as a string is needed in newer
+    python versions.
+  * Do not call chown -R, implement it in python instead.
+  * Correct test pam_handler function arguments and make it output
+    more info during testing.
+  * Make sure syslog message make it clear that both passwd and shadow
+    is updated by the module.
+
+ -- Petter Reinholdtsen <pere at debian.org>  Sat, 04 May 2013 08:25:53 +0200
+
 libpam-mklocaluser (0.8) unstable; urgency=low
 
   * Rewrite runcmd() to work with Python on Wheezy (Closes: #706753).
diff --git a/debian/pam-python.py b/debian/pam-python.py
index bd53708..0a79c1c 100755
--- a/debian/pam-python.py
+++ b/debian/pam-python.py
@@ -15,6 +15,19 @@ import math
 import time
 import syslog
 
+def append_line(filename, line):
+  f = open(filename, 'a')
+  f.write(line)
+  f.close()
+
+def chown_recursive(path, uid, gid):
+  os.chown(path, uid, gid)
+  for root, dirs, files in os.walk(path):  
+    for dirname in dirs:  
+      os.chown(os.path.join(root, dirname), uid, gid)
+    for filename in files:
+      os.chown(os.path.join(root, filename), uid, gid)
+
 def runcmd(pamh, cmd):
   proc = subprocess.Popen(cmd, shell=True, \
                             stdout=subprocess.PIPE, \
@@ -80,21 +93,21 @@ def check_and_create_localuser(pamh, user):
       syslog.syslog("Unknown primary group with gid %d" % gid)
       groupname = "[unknown]"
 
-    syslog.syslog("Creating local passwd entry uid=%d(%s) gid=%d(%s) gecos='%s' home=%s" % (uid, user, gid, groupname, gecos, newhomedir))
+    syslog.syslog("Creating local passwd/shadow entry uid=%d(%s) gid=%d(%s) gecos='%s' home=%s" % (uid, user, gid, groupname, gecos, newhomedir))
     try:
       # Add user entry with overridden home directory in /etc/passwd.
 
       # Can not use adduser, as it refuses to add a user if it already
       # is visible via NSS.
-      cmd = "/bin/echo '%s:x:%d:%d:%s:%s:%s' >> /etc/passwd" \
-            % (user, uid, gid, gecos, newhomedir, shell)
-      runcmd(pamh, cmd)
+      append_line('/etc/passwd', \
+                    '%s:x:%d:%d:%s:%s:%s' % \
+                    (user, uid, gid, gecos, newhomedir, shell))
 
       # Add shadow entry too.
-      # XXX Should only add it if it is missing
-      cmd = "/bin/echo '%s:x:%d:%d:%d:%d:::' >> /etc/shadow" \
-            % (user, pwlastchange, pwminage, pwmaxage, pwwarn)
-      runcmd(pamh, cmd)
+      # FIXME Should only add it if it is missing.  
+      append_line('/etc/shadow', \
+                    '%s:x:%d:%d:%d:%d:::' \
+                    % (user, pwlastchange, pwminage, pwmaxage, pwwarn))
 
       syslog.syslog("Creating local home directory for user '%s'" % user)
       # Copy content of /etc/skel
@@ -102,15 +115,14 @@ def check_and_create_localuser(pamh, user):
 
       # Change perm of new home dir
       os.chmod(newhomedir, dirmode)
-      # os.chown(newhomedir, uid, gid) - not recursive
-      runcmd(pamh, "/bin/chown -R %d:%d '%s'" % (uid, gid, newhomedir))
+      chown_recursive(newhomedir, uid, gid)
 
       # Flush nscd cache to get rid of original user entry
       if os.access("/usr/sbin/nscd", os.X_OK):
         runcmd(pamh, "/usr/sbin/nscd -i passwd")
 
       # Hook for adjusting the freshly created home directory
-      # XXX Should be rewritten in python, I guess
+      # FIXME Should be rewritten in python, I guess
       runcmd(pamh, "if [ -d /etc/mklocaluser.d ]; then ORIGHOMEDIR='%s' USER='%s' /bin/run-parts /etc/mklocaluser.d ; fi" % (homedir, user))
 
       # Let the user know what is going on
@@ -122,7 +134,7 @@ def check_and_create_localuser(pamh, user):
       # and need to be restarted.
       return pamh.PAM_TRY_AGAIN
     except Exception, e:
-      syslog.syslog(e)
+      syslog.syslog("Failure while creating local user: %s " % (e))
       pass
 
   return pamh.PAM_SUCCESS
@@ -178,9 +190,10 @@ if __name__ == '__main__':
     PAM_SYSTEM_ERR = 3
     PAM_TRY_AGAIN = 4
     PAM_TEXT_INFO = 5
-    def Message(tag, str):
-      return
-    def conversation(msg):
+    def Message(self, tag, str):
+      return str
+    def conversation(self, msg):
+      print "PAM conversation: " + msg
       return
   pamh = pam_handler()
   user = sys.argv[1]

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/upstream/libpam-mklocaluser.git

More information about the debian-edu-commits mailing list