[Pkg-shadow-devel] [Git][debian/adduser][wip/bug-1109329] 12 commits: add --no-copy-skel option
Marc Haber (@zugschlus)
gitlab at salsa.debian.org
Tue Oct 14 06:08:09 BST 2025
Marc Haber pushed to branch wip/bug-1109329 at Debian / adduser
Commits:
ae36756e by Matt Barry at 2025-09-14T14:38:02+02:00
add --no-copy-skel option
Fixes: #1099633
- - - - -
1150d03a by Matt Barry at 2025-09-14T14:38:02+02:00
document --no-copy-skel
- - - - -
53262f1e by Marc Haber at 2025-10-14T06:35:17+02:00
rename testsuite file names for better ordering
Git-Dch: ignore
- - - - -
6711e06b by Marc Haber at 2025-10-14T06:35:17+02:00
remove doubled semicolon.
Git-Dch: ignore
- - - - -
9f48853a by Marc Haber at 2025-10-14T06:35:17+02:00
fix brace position
Git-Dch: ignore
- - - - -
dc525e22 by Marc Haber at 2025-10-14T06:35:17+02:00
fix readding -> reading
Git-Dch: ignore
- - - - -
77331713 by Marc Haber at 2025-10-14T06:35:17+02:00
fix indent
Git-Dch: ignore
- - - - -
c1ea85e2 by Marc Haber at 2025-10-14T07:08:02+02:00
add test for deluser --group
Git-Dch: ignore
- - - - -
c68dcbb6 by Marc Haber at 2025-10-14T07:08:02+02:00
make deluser --group work as documented
This a drive-by fix 1109329, when another user reported an unrelated
issue
- - - - -
3d9569f1 by Marc Haber at 2025-10-14T07:08:02+02:00
add a test for deluser with a user-specific option
Git-Dch: ignore
- - - - -
d8e3b97d by Marc Haber at 2025-10-14T07:08:02+02:00
have delgroup reject user-specific command line options
This a drive-by fix 1109329, when another user reported an unrelated
issue
- - - - -
02ad950a by Marc Haber at 2025-10-14T07:08:02+02:00
correctly sanitize names in deluser
Thanks: Dagfinn Ilmari Mannsåker
Closes: #1109329
- - - - -
15 changed files:
- AdduserCommon.pm
- AdduserLogging.pm
- adduser
- debian/tests/f/adduser_system.t
- deluser
- doc/adduser.8
- testsuite/test1.pl → testsuite/test01.pl
- testsuite/test2.pl → testsuite/test02.pl
- testsuite/test3.pl → testsuite/test03.pl
- testsuite/test4.pl → testsuite/test04.pl
- testsuite/test5.pl → testsuite/test05.pl
- testsuite/test6.pl → testsuite/test06.pl
- testsuite/test7.pl → testsuite/test07.pl
- testsuite/test8.pl → testsuite/test08.pl
- testsuite/test9.pl → testsuite/test09.pl
Changes:
=====================================
AdduserCommon.pm
=====================================
@@ -336,8 +336,7 @@ sub read_pool {
close $pool || die "$!";
}
-sub get_group_members
-{
+sub get_group_members {
my $group = shift;
my @members;
=====================================
AdduserLogging.pm
=====================================
@@ -49,7 +49,7 @@ BEGIN {
my $stderrmsglevel="error";
my $stdoutmsglevel="error";
-my $logmsglevel="info";;
+my $logmsglevel="info";
my $loggerparms="";
my $has_sys_admin;
my $logger_id_option;
=====================================
adduser
=====================================
@@ -132,6 +132,7 @@ our $new_lastgid = undef;
our $new_lastuid = undef;
our $new_uid = undef;
our $no_create_home = undef;
+our $no_copy_skel = undef;
our $special_home = undef;
our $special_shell = undef;
our $add_extra_groups;
@@ -188,6 +189,7 @@ GetOptions(
'lastgid=i' => \$new_lastgid,
'lastuid=i' => \$new_lastuid,
'no-create-home' => \$no_create_home,
+ 'no-copy-skel' => \$no_copy_skel,
'quiet|q' => sub { $verbose = 0; },
'shell=s' => \$special_shell,
'system' => \$found_sys_opt,
@@ -581,7 +583,7 @@ if ($action eq "addsysuser") {
}
if (!$ingroup_name && !defined($gid_option) && !$make_group_also) {
- $gid_option = $nogroup_id;
+ $gid_option = $nogroup_id;
}
check_user_group(1);
@@ -926,7 +928,7 @@ if ($action eq "adduser") {
$returnvalue = RET_INVALID_NAME_FROM_USERADD;
}
- create_homedir (1, 0); # copy skeleton data
+ create_homedir ($no_copy_skel ? 0 : 1, 0); # copy skeleton data
# useradd without -p has left the account disabled (password string is '!')
my $yesexpr = langinfo(YESEXPR());
=====================================
debian/tests/f/adduser_system.t
=====================================
@@ -291,6 +291,7 @@ assert_command_success(
);
# clean up
+# en passant test delgroup and deluser --group
assert_command_success(
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -310,10 +311,15 @@ assert_command_success(
'aust'
);
assert_command_success(
- '/usr/sbin/delgroup',
+ '/usr/sbin/deluser',
+ '--group',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
'--system',
'aust2'
);
+assert_user_does_not_exist('aust');
+assert_user_does_not_exist('aust2');
+assert_group_does_not_exist('aust');
+assert_group_does_not_exist('aust2');
# vim: tabstop=4 shiftwidth=4 expandtab
=====================================
deluser
=====================================
@@ -106,7 +106,7 @@ if ($encode_loaded) {
binmode(STDERR, ":encoding($charset)");
}
-our $action;
+our $action = "";
our $verbose;
our $stdoutmsglevel = "warn";
our $stderrmsglevel = "warn";
@@ -187,7 +187,9 @@ if( defined $verbose ) {
}
# detect the operation mode
-$action = $0 =~ /delgroup$/ ? "delgroup" : "deluser";
+if ($action eq "") {
+ $action = $0 =~ /delgroup$/ ? "delgroup" : "deluser";
+}
############################
# checks related to @names #
@@ -212,13 +214,13 @@ if ( (! defined $names[0]) || length($names[0]) == 0 || @names > 2) {
if(@names == 2) { # must be deluserfromgroup
$action = "deluserfromgroup";
- $user = sanitize_string( shift(@names) );
- $group = sanitize_string( shift(@names) );
+ $user = sanitize_string( shift(@names), anynamere );
+ $group = sanitize_string( shift(@names), anynamere );
} else { # 1 parameter, must be delgroup
if($action eq "delgroup") {
- $group = shift(@names);
+ $group = sanitize_string( shift(@names), anynamere );
} else {
- $user = shift(@names);
+ $user = sanitize_string( shift(@names), anynamere );
}
}
@@ -451,6 +453,10 @@ if($action eq "deluser") {
if ($action eq 'delgroup') {
+ if ( $pconfig{'remove_home'} || $pconfig{'remove_all_files'} || $pconfig{'backup'} || $pconfig{'backup_to'} || $pconfig{'backup_suffix'} || $no_preserve_root ) {
+ log_warn( mtx("incompatible options for deluser given to deluser --group or delgroup") );
+ exit( RET_EXCLUSIVE_PARAMETERS );
+ }
unless (exist_group($group)) {
if( $config{'system'} ) {
log_warn( mtx("The group `%s' does not exist."), $group);
=====================================
doc/adduser.8
=====================================
@@ -9,7 +9,7 @@
.\" 2016 Afif Elghraoui <afif at debian.org>
.\" 2016 Helge Kreutzmann <debian at helgefjell.de>
.\" 2021-2022 Jason Franklin <jason at oneway.dev>
-.\" 2022 Matt Barry <matt at hazelmollusk.org>
+.\" 2022 Matt Barry <matt at hazelmollusc.org>
.\"
.\" This is free software; see the GNU General Public License version
.\" 2 or later for copying conditions. There is NO warranty.
@@ -34,6 +34,7 @@ adduser, addgroup \- add or manipulate users or groups
.OP \-\-lastgid id
.OP \-\-lastuid id
.OP \-\-no\-create\-home
+.OP \-\-no\-copy\-skel
.OP \-\-shell shell
.OP \-\-quiet
.OP \-\-uid id
@@ -53,6 +54,7 @@ adduser, addgroup \- add or manipulate users or groups
.OP \-\-home dir
.OP \-\-ingroup group
.OP \-\-no\-create\-home
+.OP \-\-no\-copy\-skel
.OP \-\-shell shell
.OP \-\-uid id
.OP \-\-quiet
@@ -437,6 +439,12 @@ that some other mechanism will be responsible
for initializing the new user's home directory.
Valid modes: \fBadduser\fP, \fBadduser \-\-system\fP.
.TP
+.B \-\-no\-copy\-skel
+Do not populate the home directory for the new user with
+files from \fI\%/etc/skel\fP. If the home directory is
+newly created, it will be empty.
+Valid modes: \fBadduser\fP, \fBadduser \-\-system\fP.
+.TP
.B \-\-quiet
Synonymous to
.B \-\-stdoutmsglevel=warn.
=====================================
testsuite/test1.pl → testsuite/test01.pl
=====================================
=====================================
testsuite/test2.pl → testsuite/test02.pl
=====================================
=====================================
testsuite/test3.pl → testsuite/test03.pl
=====================================
=====================================
testsuite/test4.pl → testsuite/test04.pl
=====================================
=====================================
testsuite/test5.pl → testsuite/test05.pl
=====================================
=====================================
testsuite/test6.pl → testsuite/test06.pl
=====================================
=====================================
testsuite/test7.pl → testsuite/test07.pl
=====================================
=====================================
testsuite/test8.pl → testsuite/test08.pl
=====================================
@@ -91,6 +91,34 @@ unless (!defined getgrnam($newgroup)) {
print "ok\n";
}
+my $newgroup = find_unused_name();
+
+$cmd = "adduser --group $newgroup";
+unless (defined getgrnam($newgroup)) {
+ print "Testing $cmd... ";
+ `$cmd`;
+ my $error = ($?>>8);
+ if ($error) {
+ print "failed\n addgroup returned an errorcode != 0 ($error)\n";
+ exit $error;
+ }
+ assert(check_group_exist ($newgroup));
+ print "ok\n";
+}
+
+$cmd = "deluser --group $newgroup";
+unless (!defined getgrnam($newgroup)) {
+ print "Testing $cmd... ";
+ `$cmd`;
+ my $error = ($?>>8);
+ if ($error) {
+ print "failed\n delgroup returned an errorcode != 0 ($error)\n";
+ exit $error;
+ }
+ assert(!check_group_exist ($newgroup));
+ print "ok\n";
+}
+
my $sysusername = find_unused_name();
$cmd = "adduser --system --comment test --disabled-password --add-extra-groups $sysusername";
=====================================
testsuite/test9.pl → testsuite/test09.pl
=====================================
@@ -2,11 +2,11 @@
# expect:
# - a new non-system group $groupname
-# - readding the group fails
-# - readding the group as a system group fails
+# - reading the group fails
+# - reading the group as a system group fails
# - a new system group $groupname
-# - readding the group succeeds
-# - readding the group as a non-system group fails
+# - reading the group succeeds
+# - reading the group as a non-system group fails
use strict;
@@ -62,11 +62,24 @@ if ($output !~ /^err: The group `addusertest\d+' already exists and is not a sys
}
print "ok\n";
+# now testing whether trying to delete the group with --remove-home
+# fails as it should
+
+$cmd = "delgroup --system --remove-home $groupname";
+print "Testing (9.4) $cmd... ";
+$output=`$cmd 2>&1`;
+$error = ($?>>8);
+if ($error ne 53) {
+ print "failed\n $cmd returned an errorcode != 53 ($error)\n";
+ exit $error;
+}
+print "ok\n";
+
my $sysgroupname = find_unused_name();
$cmd = "addgroup --system $sysgroupname";
if (!defined (getgrnam($sysgroupname))) {
- print "Testing (9.4) $cmd... ";
+ print "Testing (9.5) $cmd... ";
$output=`$cmd 2>&1`;
$error = ($?>>8);
if ($error) {
@@ -82,7 +95,7 @@ if (!defined (getgrnam($sysgroupname))) {
# ("already exists as a system group")
$cmd = "addgroup --system $sysgroupname" ;
-print "Testing (9.5) $cmd... ";
+print "Testing (9.6) $cmd... ";
$output=`$cmd 2>&1`;
$error = ($?>>8);
if ($error) {
@@ -95,7 +108,7 @@ print "ok\n";
# fails as it should
$cmd = "addgroup $sysgroupname";
-print "Testing (9.6) $cmd... ";
+print "Testing (9.7) $cmd... ";
$output=`$cmd 2>&1`;
$error = ($?>>8);
if ($error ne 11) {
View it on GitLab: https://salsa.debian.org/debian/adduser/-/compare/7a5c7cd158b369ae31773f39b7d2afd7ad9b3bbd...02ad950aafe8d7e09fc6987317654c41e8f15009
--
View it on GitLab: https://salsa.debian.org/debian/adduser/-/compare/7a5c7cd158b369ae31773f39b7d2afd7ad9b3bbd...02ad950aafe8d7e09fc6987317654c41e8f15009
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20251014/4b870dfe/attachment-0001.htm>
More information about the Pkg-shadow-devel
mailing list