[Pkg-shadow-devel] [Git][debian/adduser][feature-refactor-existing] 17 commits: add --no-copy-skel option
Marc Haber (@zugschlus)
gitlab at salsa.debian.org
Tue Oct 14 06:30:16 BST 2025
Marc Haber pushed to branch feature-refactor-existing at Debian / adduser
Commits:
ae36756e by Matt Barry at 2025-09-14T14:38:02+02:00
add --no-copy-skel option
Fixes: #1099633
- - - - -
1150d03a by Matt Barry at 2025-09-14T14:38:02+02:00
document --no-copy-skel
- - - - -
53262f1e by Marc Haber at 2025-10-14T06:35:17+02:00
rename testsuite file names for better ordering
Git-Dch: ignore
- - - - -
6711e06b by Marc Haber at 2025-10-14T06:35:17+02:00
remove doubled semicolon.
Git-Dch: ignore
- - - - -
9f48853a by Marc Haber at 2025-10-14T06:35:17+02:00
fix brace position
Git-Dch: ignore
- - - - -
dc525e22 by Marc Haber at 2025-10-14T06:35:17+02:00
fix readding -> reading
Git-Dch: ignore
- - - - -
77331713 by Marc Haber at 2025-10-14T06:35:17+02:00
fix indent
Git-Dch: ignore
- - - - -
c1ea85e2 by Marc Haber at 2025-10-14T07:08:02+02:00
add test for deluser --group
Git-Dch: ignore
- - - - -
c68dcbb6 by Marc Haber at 2025-10-14T07:08:02+02:00
make deluser --group work as documented
This a drive-by fix 1109329, when another user reported an unrelated
issue
- - - - -
3d9569f1 by Marc Haber at 2025-10-14T07:08:02+02:00
add a test for deluser with a user-specific option
Git-Dch: ignore
- - - - -
d8e3b97d by Marc Haber at 2025-10-14T07:08:02+02:00
have delgroup reject user-specific command line options
This a drive-by fix 1109329, when another user reported an unrelated
issue
- - - - -
02ad950a by Marc Haber at 2025-10-14T07:08:02+02:00
correctly sanitize names in deluser
Thanks: Dagfinn Ilmari Mannsåker
Closes: #1109329
- - - - -
173cf4d2 by Matt Barry at 2025-10-14T07:30:07+02:00
refactor existing_*_ok
replace with new existing_(user|group)_status, which return a bitmask
value corresponding to these constants:
EXISTING_NOT_FOUND EXISTING_FOUND EXISTING_SYSTEM EXISTING_ID_MISMATCH
(and EXISTING_LOCKED, which is unused in this branch)
- - - - -
8239f3a3 by Marc Haber at 2025-10-14T07:30:07+02:00
fixup! refactor existing_*_ok
- - - - -
6df2ceaa by Marc Haber at 2025-10-14T07:30:07+02:00
more instrumentation output for system_status.t
Git-Dch: ignore
- - - - -
65d8bea2 by Marc Haber at 2025-10-14T07:30:07+02:00
more instrumentation to identify tests
Git-Dch: ignore
- - - - -
b7c9d3a1 by Marc Haber at 2025-10-14T07:30:07+02:00
adap test9 for new message output
Git-Dch: ignore
- - - - -
16 changed files:
- AdduserCommon.pm
- AdduserLogging.pm
- adduser
- debian/tests/f/adduser_system.t
- debian/tests/f/system_status.t
- deluser
- doc/adduser.8
- testsuite/test1.pl → testsuite/test01.pl
- testsuite/test2.pl → testsuite/test02.pl
- testsuite/test3.pl → testsuite/test03.pl
- testsuite/test4.pl → testsuite/test04.pl
- testsuite/test5.pl → testsuite/test05.pl
- testsuite/test6.pl → testsuite/test06.pl
- testsuite/test7.pl → testsuite/test07.pl
- testsuite/test8.pl → testsuite/test08.pl
- testsuite/test9.pl → testsuite/test09.pl
Changes:
=====================================
AdduserCommon.pm
=====================================
@@ -94,6 +94,15 @@ use constant {
def_min_regex => qr(^[^-+~:,\s/][^:,\s/]*$)aa,
};
+# constants used in existing_*_status
+use constant {
+ EXISTING_NOT_FOUND => 0,
+ EXISTING_FOUND => 1,
+ EXISTING_SYSTEM => 2,
+ EXISTING_ID_MISMATCH => 4,
+ EXISTING_LOCKED => 8,
+};
+
@EXPORT = (
'get_group_members',
'read_config',
@@ -122,6 +131,13 @@ use constant {
'def_sys_name_regex',
'def_ieee_name_regex',
'def_min_regex',
+ 'EXISTING_NOT_FOUND',
+ 'EXISTING_FOUND',
+ 'EXISTING_SYSTEM',
+ 'EXISTING_ID_MISMATCH',
+ 'EXISTING_LOCKED',
+ 'existing_user_status',
+ 'existing_group_status',
);
sub sanitize_string {
@@ -336,8 +352,7 @@ sub read_pool {
close $pool || die "$!";
}
-sub get_group_members
-{
+sub get_group_members {
my $group = shift;
my @members;
@@ -567,6 +582,62 @@ END {
release_lock(1);
}
+# existing_user_status: check if there is already a user present
+# on the system which satisfies the requirements
+# parameter:
+# new_name: the name of the user to check
+# new_uid : the UID of the user
+# return value:
+# bitwise combination of these constants:
+# EXISTING_NOT_FOUND => 0
+# EXISTING_FOUND => 1
+# EXISTING_SYSTEM => 2
+# EXISTING_ID_MISMATCH => 4
+# EXISTING_LOCKED => 8
+# e.g. if the requested account name exists as a locked system user,
+# return 8|2|1 == 11
+sub existing_user_status {
+ my ($config, $new_name,$new_uid) = @_;
+ my ($dummy1,$pw,$uid);
+ my $ret = EXISTING_NOT_FOUND;
+ log_trace( "existing_user_status called with new_name %s, new_uid %s, first_system_uid %s, last_system_uid %s", $new_name, $new_uid, $config->{"first_system_uid"}, $config->{"last_system_uid"} );
+ if (($dummy1,$pw,$uid) = egetpwnam($new_name)) {
+ log_trace( "egetpwnam(%s) returns %s, %s, %s", $new_name, $dummy1, $pw, $uid );
+ $ret |= EXISTING_FOUND;
+ $ret |= EXISTING_ID_MISMATCH if (defined($new_uid) && $uid != $new_uid);
+ $ret |= EXISTING_SYSTEM if
+ (($uid >= $config->{"first_system_uid"}) && ($uid <= $config->{"last_system_uid"}));
+ $ret |= EXISTING_LOCKED if (substr($pw,0,1) eq "!"); # TODO: also check expiry?
+ }
+ log_trace( "existing_user_status returning %d", $ret );
+ return $ret;
+}
+
+# existing_group_status: check if there is already a group which satisfies the requirements
+# parameter:
+# new_name: the name of the group
+# new_gid : the GID of the group
+# return value:
+# bitwise combination of these constants:
+# EXISTING_NOT_FOUND => 0
+# EXISTING_FOUND => 1
+# EXISTING_SYSTEM => 2
+# EXISTING_ID_MISMATCH => 4
+sub existing_group_status {
+ my ($config, $new_name,$new_gid) = @_;
+ my ($dummy1,$dummy2,$gid);
+ my $ret = EXISTING_NOT_FOUND;
+ log_trace( "existing_group_status called with new_name %s, new_gid %s", $new_name, $new_gid );
+ if (($dummy1,$dummy2,$gid) = egetgrnam($new_name)) {
+ $ret |= EXISTING_FOUND;
+ $ret |= EXISTING_ID_MISMATCH if (defined($new_gid) && $gid != $new_gid);
+ $ret |= EXISTING_SYSTEM if
+ (($gid >= $config->{"first_system_gid"} && $gid <= $config->{"last_system_gid"}));
+ }
+ log_trace( "existing_group_status returning %d", $ret );
+ return $ret;
+}
+
1;
# Local Variables:
=====================================
AdduserLogging.pm
=====================================
@@ -49,7 +49,7 @@ BEGIN {
my $stderrmsglevel="error";
my $stdoutmsglevel="error";
-my $logmsglevel="info";;
+my $logmsglevel="info";
my $loggerparms="";
my $has_sys_admin;
my $logger_id_option;
=====================================
adduser
=====================================
@@ -88,14 +88,6 @@ BEGIN {
}
}
-use constant {
- EXISTING_NOT_FOUND => 0,
- EXISTING_FOUND => 1,
- EXISTING_SYSTEM => 2,
- EXISTING_ID_MISMATCH => 4,
- EXISTING_LOCKED => 8,
-};
-
my $yesexpr = langinfo(YESEXPR());
my $charset = langinfo($codeset);
if ($encode_loaded) {
@@ -103,7 +95,7 @@ if ($encode_loaded) {
binmode(STDERR, ":encoding($charset)");
}
-my %config; # configuration hash
+my %config = ();
my $nogroup_id = egetgrnam("nogroup") || 65534;
$0 =~ s+.*/++;
@@ -132,6 +124,7 @@ our $new_lastgid = undef;
our $new_lastuid = undef;
our $new_uid = undef;
our $no_create_home = undef;
+our $no_copy_skel = undef;
our $special_home = undef;
our $special_shell = undef;
our $add_extra_groups;
@@ -188,6 +181,7 @@ GetOptions(
'lastgid=i' => \$new_lastgid,
'lastuid=i' => \$new_lastuid,
'no-create-home' => \$no_create_home,
+ 'no-copy-skel' => \$no_copy_skel,
'quiet|q' => sub { $verbose = 0; },
'shell=s' => \$special_shell,
'system' => \$found_sys_opt,
@@ -332,6 +326,15 @@ if ($found_group_opt) {
}
}
+# $new_firstuid = $new_firstuid || $config{"first_uid"} || 1000;
+# $new_lastuid = $new_lastuid || $config{"last_uid"} || 59999;
+# $new_firstgid = $new_firstgid || $config{"first_gid"} || 1000;
+# $new_lastgid = $new_lastgid || $config{"last_gid"} || 59999;
+# $new_firstuid = $new_firstuid || $config{"first_uid"} || 1000;
+# $new_lastuid = $new_lastuid || $config{"last_uid"} || 59999;
+# $new_firstgid = $new_firstgid || $config{"first_gid"} || 1000;
+# $new_lastgid = $new_lastgid || $config{"last_gid"} || 59999;
+
# read the uid and gid pool
if ($config{"uid_pool"}) {
@@ -385,7 +388,7 @@ if( defined $new_firstuid ) {
}
if( defined $new_lastuid ) {
- log_trace("sanitize new_lastgud");
+ log_trace("sanitize new_lastuid");
$new_lastuid = sanitize_string($new_lastuid, numberre);
}
@@ -437,23 +440,26 @@ $SIG{'INT'} = $SIG{'QUIT'} = $SIG{'HUP'} = 'handler';
if ($action eq "addsysgroup") {
acquire_lock();
+
+ log_trace( "addsysuser %s, uid %s", $new_name, $new_uid );
# Check if requested group already exists and we can exit safely
- my $asgret = existing_group_status($new_name, $gid_option);
+ my $asgret = existing_group_status(\%config, $new_name, $gid_option);
log_trace( "existing_group_status( %s, %s ) returns %s", $new_name, $gid_option, $asgret );
+ if ($asgret & EXISTING_FOUND) {
+ # a group with this name already exists; it's a problem when it's not a system group
+ if ( ( $asgret & EXISTING_SYSTEM ) == 0 ) {
+ log_fatal( mtx("The group `%s' already exists, but is not a system group. Exiting."), $new_name );
+ exit( RET_WRONG_OBJECT_PROPERTIES );
+ }
+ }
if ($asgret & EXISTING_ID_MISMATCH) {
log_err( mtx("The group `%s' already exists, but has a different GID. Exiting."), $new_name );
exit( RET_WRONG_OBJECT_PROPERTIES );
}
if ($asgret & EXISTING_FOUND) {
- log_trace( "existing_found" );
- if ($asgret & (EXISTING_SYSTEM)) {
- log_info( mtx("The group `%s' already exists as a system group."), $new_name );
- exit( RET_OK );
- } else {
- log_err( mtx("The group `%s' already exists and is not a system group. Exiting."), $new_name );
- exit( RET_WRONG_OBJECT_PROPERTIES );
- }
+ log_info( mtx("The system group `%s' already exists. Exiting.\n"), $new_name );
+ exit( RET_OK );
}
if (defined($gid_option) && defined(getgrgid($gid_option))) {
log_fatal( mtx("The GID `%s' is already in use."), $gid_option );
@@ -565,11 +571,14 @@ if ($action eq 'addusertogroup') {
if ($action eq "addsysuser") {
acquire_lock();
- my $ret = existing_user_status($new_name, $new_uid);
- if (($ret & EXISTING_FOUND) && !($ret & EXISTING_SYSTEM)) {
+ log_trace( "addsysuser %s, uid %s", $new_name, $new_uid );
+ my $ret = existing_user_status(\%config, $new_name, $new_uid);
+ if ($ret & (EXISTING_FOUND)) {
# a user with this name already exists; it's a problem when it's not a system user
- log_fatal( mtx("The user `%s' already exists, but is not a system user. Exiting."), $new_name );
- exit( RET_WRONG_OBJECT_PROPERTIES );
+ if ( ($ret & EXISTING_SYSTEM) == 0 ) {
+ log_fatal( mtx("The user `%s' already exists, but is not a system user. Exiting."), $new_name );
+ exit( RET_WRONG_OBJECT_PROPERTIES );
+ }
}
if ($ret & EXISTING_ID_MISMATCH) {
log_fatal( mtx("The user `%s' already exists with a different UID. Exiting."), $new_name );
@@ -581,7 +590,7 @@ if ($action eq "addsysuser") {
}
if (!$ingroup_name && !defined($gid_option) && !$make_group_also) {
- $gid_option = $nogroup_id;
+ $gid_option = $nogroup_id;
}
check_user_group(1);
@@ -926,7 +935,7 @@ if ($action eq "adduser") {
$returnvalue = RET_INVALID_NAME_FROM_USERADD;
}
- create_homedir (1, 0); # copy skeleton data
+ create_homedir ($no_copy_skel ? 0 : 1, 0); # copy skeleton data
# useradd without -p has left the account disabled (password string is '!')
my $yesexpr = langinfo(YESEXPR());
@@ -1138,66 +1147,6 @@ sub mktree {
return 1;
}
-# existing_user_status: check if there is already a user present
-# on the system which satisfies the requirements
-# parameter:
-# new_name: the name of the user to check
-# new_uid : the UID of the user
-# return value:
-# bitwise combination of these constants:
-# EXISTING_NOT_FOUND => 0
-# EXISTING_FOUND => 1
-# EXISTING_SYSTEM => 2
-# EXISTING_ID_MISMATCH => 4
-# EXISTING_LOCKED => 8
-# e.g. if the requested account name exists as a locked system user,
-# return 8|2|1 == 11
-sub existing_user_status {
- my ($new_name,$new_uid) = @_;
- my ($pw,$uid);
- my $ret = EXISTING_NOT_FOUND;
- log_trace( "existing_user_status called with new_name %s, new_uid %s", $new_name, $new_uid );
- if ((undef,$pw,$uid) = egetpwnam($new_name)) {
- log_trace("egetpwnam %s returned successfully, uid = %s", $new_name, $uid);
- $ret |= EXISTING_FOUND;
- $ret |= EXISTING_ID_MISMATCH if (defined($new_uid) && $uid != $new_uid);
- $ret |= EXISTING_SYSTEM if
- ($uid >= $config{"first_system_uid"} && $uid <= $config{"last_system_uid"});
- } elsif ($new_uid && getpwuid($new_uid)) {
- $ret |= EXISTING_ID_MISMATCH;
- }
- log_trace( "existing_user_status( %s, %s ) returns %s", $new_name, $new_uid, $ret );
- return $ret;
-}
-
-# existing_group_status: check if there is already a group which satisfies the requirements
-# parameter:
-# new_name: the name of the group
-# new_gid : the GID of the group
-# return value:
-# bitwise combination of these constants:
-# EXISTING_NOT_FOUND => 0
-# EXISTING_FOUND => 1
-# EXISTING_SYSTEM => 2
-# EXISTING_ID_MISMATCH => 4
-sub existing_group_status {
- my ($new_name,$new_gid) = @_;
- my $gid;
- my $ret = EXISTING_NOT_FOUND;
- log_trace( "existing_group_status called with new_name %s, new_gid %s", $new_name, $new_gid );
- if ((undef,undef,$gid) = egetgrnam($new_name)) {
- log_trace("egetgrnam %s returned successfully, gid = %s", $new_name, $gid);
- $ret |= EXISTING_FOUND;
- $ret |= EXISTING_ID_MISMATCH if (defined($new_gid) && $gid != $new_gid);
- $ret |= EXISTING_SYSTEM if
- ($gid >= $config{"first_system_gid"} && $gid <= $config{"last_system_gid"});
- } elsif ($new_gid && getgrgid($new_gid)) {
- $ret |= EXISTING_ID_MISMATCH;
- }
- log_trace( "existing_group_status( %s, %s ) returns %s", $new_name, $new_gid, $ret );
- return $ret;
-}
-
# check_user_group: ???
# parameters:
# system: 0 if the user is not a system user, 1 otherwise
@@ -1207,27 +1156,25 @@ sub existing_group_status {
sub check_user_group {
my ($system) = @_;
log_debug( "check_user_group %s called, make_group_also %s", $system, $make_group_also );
-
- my $ustat = existing_user_status($new_name, $new_uid);
- if ($system) {
- if (($ustat & EXISTING_FOUND) && !($ustat & EXISTING_SYSTEM)) {
- log_fatal( mtx("The user `%s' already exists, and is not a system user."), $new_name);
- exit( RET_WRONG_OBJECT_PROPERTIES );
+ if( !$system || !existing_user_status(\%config, $new_name, $new_uid) ) {
+ if( defined egetpwnam($new_name) ) {
+ if( $system ) {
+ log_fatal( mtx("The user `%s' already exists, and is not a system user."), $new_name);
+ exit( RET_WRONG_OBJECT_PROPERTIES );
+ } else {
+ log_fatal( mtx("The user `%s' already exists."), $new_name);
+ exit( RET_OBJECT_EXISTS );
+ }
}
- # if ($new_uid && !($ustat & EXISTING_SYSTEM)) {
- # log_fatal( mtx("The uid `%s' is invalid for system users."), $new_name);
- # exit( RET_OBJECT_EXISTS );
- # }
- } else {
- if ($ustat & EXISTING_FOUND) {
- log_fatal( mtx("The user `%s' already exists."), $new_name);
- exit( RET_OBJECT_EXISTS );
+ if (defined($new_uid) && getpwuid($new_uid)) {
+ log_fatal( mtx("The UID %d is already in use."), $new_uid);
+ exit( RET_ID_IN_USE );
}
}
if ($make_group_also) {
log_trace( "make_group_also 1, new_name %s, new_uid %s", $new_name, $new_uid );
- if( !$system || !existing_group_status($new_name, $new_uid) ) {
+ if( !$system || !existing_group_status(\%config, $new_name, $new_uid) ) {
if (defined egetgrnam($new_name)) {
log_fatal( mtx("The group `%s' already exists."),$new_name );
exit( RET_OBJECT_EXISTS );
=====================================
debian/tests/f/adduser_system.t
=====================================
@@ -184,6 +184,7 @@ assert_user_exists('aust');
assert_user_is_system('aust');
system('echo "aust:*" | chpasswd --encrypted');
+ok(1, "set passwd to *");
assert_command_success(
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -195,6 +196,7 @@ assert_user_exists('aust');
assert_user_is_system('aust');
system('echo "aust:!foobar" | chpasswd --encrypted');
+ok(1, "set passwd to !foobar");
assert_command_success(
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -206,6 +208,7 @@ assert_user_exists('aust');
assert_user_is_system('aust');
system('echo "aust:*foobar" | chpasswd --encrypted');
+ok(1, "set passwd to *foobar");
assert_command_success(
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -291,6 +294,7 @@ assert_command_success(
);
# clean up
+# en passant test delgroup and deluser --group
assert_command_success(
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -310,10 +314,15 @@ assert_command_success(
'aust'
);
assert_command_success(
- '/usr/sbin/delgroup',
+ '/usr/sbin/deluser',
+ '--group',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
'--system',
'aust2'
);
+assert_user_does_not_exist('aust');
+assert_user_does_not_exist('aust2');
+assert_group_does_not_exist('aust');
+assert_group_does_not_exist('aust2');
# vim: tabstop=4 shiftwidth=4 expandtab
=====================================
debian/tests/f/system_status.t
=====================================
@@ -56,6 +56,7 @@ my $name = "sys-stat-t";
# number existing before operation result existing after
# 11 nothing create system success system
+ok(1, "sys-stat-t 11");
assert_user_does_not_exist($name);
assert_command_success(
@@ -71,6 +72,7 @@ assert_user_is_system($name);
# 12 system create system success system
# above: assert_user_exists($name);
# above: assert_user_is_system($name);
+ok(1, "sys-stat-t 12");
assert_command_success(
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -84,6 +86,7 @@ assert_user_is_system($name);
# 13 system delete system success nothing
# above: assert_user_exists($name);
# above: assert_user_is_system($name);
+ok(1, "sys-stat-t 13");
assert_command_success(
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -95,6 +98,7 @@ assert_user_does_not_exist($name);
# number existing before operation result existing after
# 14 nothing delete system obj_not_ex nothing
# above: assert_user_does_not_exist($name);
+ok(1, "sys-stat-t 14");
assert_command_success(
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -106,6 +110,7 @@ assert_user_does_not_exist($name);
# number existing before operation result existing after
# 15 nothing delete nonsys obj_not_ex nothing
# above: assert_user_does_not_exist($name);
+ok(1, "sys-stat-t 15");
assert_command_result_silent(RET_OBJECT_DOES_NOT_EXIST,
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -117,6 +122,7 @@ assert_user_does_not_exist($name);
# 21 nothing create system success system
# above: assert_user_does_not_exist($name);
+ok(1, "sys-stat-t 21");
assert_command_success(
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -129,6 +135,7 @@ assert_user_is_system($name);
# number existing before operation result existing after
# 22 system create nonsys obj_exists system
# above: assert_user_is_system($name);
+ok(1, "sys-stat-t 22");
assert_command_result_silent(RET_OBJECT_EXISTS,
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -145,6 +152,7 @@ assert_user_is_system($name);
# in adduser 3.145, this succeeds!
# above: assert_user_is_system($name);
#assert_command_result_silent(RET_WRONG_OBJECT_PROPERTIES,
+ok(1, "sys-stat-t 23");
assert_command_success(
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -164,6 +172,7 @@ assert_user_is_system($name);
# number existing before operation result existing after
# 24 system delete system success nothing
# above: assert_user_is_system($name);
+ok(1, "sys-stat-t 24");
assert_command_success(
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -175,6 +184,7 @@ assert_user_does_not_exist($name);
# number existing before operation result existing after
# 31 nothing create nonsys success nonsys
# above: assert_user__does_not_exist($name);
+ok(1, "sys-stat-t 31");
assert_command_success(
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -190,6 +200,7 @@ assert_user_is_non_system($name);
# 32 nonsys create nonsys obj_exists nonsys
# above: assert_user_exists($name);
# above: assert_user_is_non_system($name);
+ok(1, "sys-stat-t 32");
assert_command_result_silent(RET_OBJECT_EXISTS,
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -205,6 +216,7 @@ assert_user_is_non_system($name);
# 33 nonsys delete sys wrong_prop nonsys
# above: assert_user_exists($name);
# above: assert_user_is_non_system($name);
+ok(1, "sys-stat-t 33");
assert_command_result_silent(RET_WRONG_OBJECT_PROPERTIES,
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -218,6 +230,7 @@ assert_user_is_non_system($name);
# 34 nonsys create sys wrong_prop nonsys
# above: assert_user_exists($name);
# above: assert_user_is_non_system($name);
+ok(1, "sys-stat-t 34a");
assert_command_result_silent(RET_WRONG_OBJECT_PROPERTIES,
'/usr/sbin/adduser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -231,6 +244,7 @@ assert_user_is_non_system($name);
# 35 nonsys delete nonsys success nothing
# above: assert_user_exists($name);
# above: assert_user_is_non_system($name);
+ok(1, "sys-stat-t 35");
assert_command_success(
'/usr/sbin/deluser',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -243,6 +257,7 @@ assert_user_does_not_exist($name);
# number existing before operation result existing after
# 11 nothing create system success system
+ok(1, "sys-stat-t 11");
assert_group_does_not_exist($name);
assert_command_success(
@@ -258,6 +273,7 @@ assert_group_is_system($name);
# 12 system create system success system
# above: assert_group_exists($name);
# above: assert_group_is_system($name);
+ok(1, "sys-stat-t 12");
assert_command_success(
'/usr/sbin/addgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -271,6 +287,7 @@ assert_group_is_system($name);
# 13 system delete system success nothing
# above: assert_group_exists($name);
# above: assert_group_is_system($name);
+ok(1, "sys-stat-t 13");
assert_command_success(
'/usr/sbin/delgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -282,6 +299,7 @@ assert_group_does_not_exist($name);
# number existing before operation result existing after
# 14 nothing delete system obj_not_ex nothing
# above: assert_group_does_not_exist($name);
+ok(1, "sys-stat-t 14");
assert_command_success(
'/usr/sbin/delgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -293,6 +311,7 @@ assert_group_does_not_exist($name);
# number existing before operation result existing after
# 15 nothing delete nonsys obj_not_ex nothing
# above: assert_group_does_not_exist($name);
+ok(1, "sys-stat-t 15");
assert_command_result_silent(RET_OBJECT_DOES_NOT_EXIST,
'/usr/sbin/delgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -304,6 +323,7 @@ assert_group_does_not_exist($name);
# 21 nothing create system success system
# above: assert_group_does_not_exist($name);
+ok(1, "sys-stat-t 21");
assert_command_success(
'/usr/sbin/addgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -316,6 +336,7 @@ assert_group_is_system($name);
# number existing before operation result existing after
# 22 system create nonsys obj_exists system
# above: assert_group_is_system($name);
+ok(1, "sys-stat-t 22");
assert_command_result_silent(RET_OBJECT_EXISTS,
'/usr/sbin/addgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -332,6 +353,7 @@ assert_group_is_system($name);
# in addgroup 3.145, this succeeds!
# above: assert_group_is_system($name);
#assert_command_result_silent(RET_WRONG_OBJECT_PROPERTIES,
+ok(1, "sys-stat-t 23");
assert_command_success(
'/usr/sbin/delgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -351,6 +373,7 @@ assert_group_is_system($name);
# number existing before operation result existing after
# 24 system delete system success nothing
# above: assert_group_is_system($name);
+ok(1, "sys-stat-t 24");
assert_command_success(
'/usr/sbin/delgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -362,6 +385,7 @@ assert_group_does_not_exist($name);
# number existing before operation result existing after
# 31 nothing create nonsys success nonsys
# above: assert_group__does_not_exist($name);
+ok(1, "sys-stat-t 31");
assert_command_success(
'/usr/sbin/addgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -377,6 +401,7 @@ assert_group_is_non_system($name);
# 32 nonsys create nonsys obj_exists nonsys
# above: assert_group_exists($name);
# above: assert_group_is_non_system($name);
+ok(1, "sys-stat-t 32");
assert_command_result_silent(RET_OBJECT_EXISTS,
'/usr/sbin/addgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -392,6 +417,7 @@ assert_group_is_non_system($name);
# 33 nonsys delete sys wrong_prop nonsys
# above: assert_group_exists($name);
# above: assert_group_is_non_system($name);
+ok(1, "sys-stat-t 33");
assert_command_result_silent(RET_WRONG_OBJECT_PROPERTIES,
'/usr/sbin/delgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -405,6 +431,7 @@ assert_group_is_non_system($name);
# 34 nonsys create sys wrong_prop nonsys
# above: assert_group_exists($name);
# above: assert_group_is_non_system($name);
+ok(1, "sys-stat-t 34b");
assert_command_result_silent(RET_WRONG_OBJECT_PROPERTIES,
'/usr/sbin/addgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
@@ -418,6 +445,7 @@ assert_group_is_non_system($name);
# 35 nonsys delete nonsys success nothing
# above: assert_group_exists($name);
# above: assert_group_is_non_system($name);
+ok(1, "sys-stat-t 35");
assert_command_success(
'/usr/sbin/delgroup',
'--stdoutmsglevel=error', '--stderrmsglevel=error',
=====================================
deluser
=====================================
@@ -106,7 +106,7 @@ if ($encode_loaded) {
binmode(STDERR, ":encoding($charset)");
}
-our $action;
+our $action = "";
our $verbose;
our $stdoutmsglevel = "warn";
our $stderrmsglevel = "warn";
@@ -187,7 +187,9 @@ if( defined $verbose ) {
}
# detect the operation mode
-$action = $0 =~ /delgroup$/ ? "delgroup" : "deluser";
+if ($action eq "") {
+ $action = $0 =~ /delgroup$/ ? "delgroup" : "deluser";
+}
############################
# checks related to @names #
@@ -212,13 +214,13 @@ if ( (! defined $names[0]) || length($names[0]) == 0 || @names > 2) {
if(@names == 2) { # must be deluserfromgroup
$action = "deluserfromgroup";
- $user = sanitize_string( shift(@names) );
- $group = sanitize_string( shift(@names) );
+ $user = sanitize_string( shift(@names), anynamere );
+ $group = sanitize_string( shift(@names), anynamere );
} else { # 1 parameter, must be delgroup
if($action eq "delgroup") {
- $group = shift(@names);
+ $group = sanitize_string( shift(@names), anynamere );
} else {
- $user = shift(@names);
+ $user = sanitize_string( shift(@names), anynamere );
}
}
@@ -451,6 +453,10 @@ if($action eq "deluser") {
if ($action eq 'delgroup') {
+ if ( $pconfig{'remove_home'} || $pconfig{'remove_all_files'} || $pconfig{'backup'} || $pconfig{'backup_to'} || $pconfig{'backup_suffix'} || $no_preserve_root ) {
+ log_warn( mtx("incompatible options for deluser given to deluser --group or delgroup") );
+ exit( RET_EXCLUSIVE_PARAMETERS );
+ }
unless (exist_group($group)) {
if( $config{'system'} ) {
log_warn( mtx("The group `%s' does not exist."), $group);
=====================================
doc/adduser.8
=====================================
@@ -9,7 +9,7 @@
.\" 2016 Afif Elghraoui <afif at debian.org>
.\" 2016 Helge Kreutzmann <debian at helgefjell.de>
.\" 2021-2022 Jason Franklin <jason at oneway.dev>
-.\" 2022 Matt Barry <matt at hazelmollusk.org>
+.\" 2022 Matt Barry <matt at hazelmollusc.org>
.\"
.\" This is free software; see the GNU General Public License version
.\" 2 or later for copying conditions. There is NO warranty.
@@ -34,6 +34,7 @@ adduser, addgroup \- add or manipulate users or groups
.OP \-\-lastgid id
.OP \-\-lastuid id
.OP \-\-no\-create\-home
+.OP \-\-no\-copy\-skel
.OP \-\-shell shell
.OP \-\-quiet
.OP \-\-uid id
@@ -53,6 +54,7 @@ adduser, addgroup \- add or manipulate users or groups
.OP \-\-home dir
.OP \-\-ingroup group
.OP \-\-no\-create\-home
+.OP \-\-no\-copy\-skel
.OP \-\-shell shell
.OP \-\-uid id
.OP \-\-quiet
@@ -437,6 +439,12 @@ that some other mechanism will be responsible
for initializing the new user's home directory.
Valid modes: \fBadduser\fP, \fBadduser \-\-system\fP.
.TP
+.B \-\-no\-copy\-skel
+Do not populate the home directory for the new user with
+files from \fI\%/etc/skel\fP. If the home directory is
+newly created, it will be empty.
+Valid modes: \fBadduser\fP, \fBadduser \-\-system\fP.
+.TP
.B \-\-quiet
Synonymous to
.B \-\-stdoutmsglevel=warn.
=====================================
testsuite/test1.pl → testsuite/test01.pl
=====================================
=====================================
testsuite/test2.pl → testsuite/test02.pl
=====================================
=====================================
testsuite/test3.pl → testsuite/test03.pl
=====================================
=====================================
testsuite/test4.pl → testsuite/test04.pl
=====================================
=====================================
testsuite/test5.pl → testsuite/test05.pl
=====================================
=====================================
testsuite/test6.pl → testsuite/test06.pl
=====================================
=====================================
testsuite/test7.pl → testsuite/test07.pl
=====================================
=====================================
testsuite/test8.pl → testsuite/test08.pl
=====================================
@@ -91,6 +91,34 @@ unless (!defined getgrnam($newgroup)) {
print "ok\n";
}
+my $newgroup = find_unused_name();
+
+$cmd = "adduser --group $newgroup";
+unless (defined getgrnam($newgroup)) {
+ print "Testing $cmd... ";
+ `$cmd`;
+ my $error = ($?>>8);
+ if ($error) {
+ print "failed\n addgroup returned an errorcode != 0 ($error)\n";
+ exit $error;
+ }
+ assert(check_group_exist ($newgroup));
+ print "ok\n";
+}
+
+$cmd = "deluser --group $newgroup";
+unless (!defined getgrnam($newgroup)) {
+ print "Testing $cmd... ";
+ `$cmd`;
+ my $error = ($?>>8);
+ if ($error) {
+ print "failed\n delgroup returned an errorcode != 0 ($error)\n";
+ exit $error;
+ }
+ assert(!check_group_exist ($newgroup));
+ print "ok\n";
+}
+
my $sysusername = find_unused_name();
$cmd = "adduser --system --comment test --disabled-password --add-extra-groups $sysusername";
=====================================
testsuite/test9.pl → testsuite/test09.pl
=====================================
@@ -2,11 +2,11 @@
# expect:
# - a new non-system group $groupname
-# - readding the group fails
-# - readding the group as a system group fails
+# - reading the group fails
+# - reading the group as a system group fails
# - a new system group $groupname
-# - readding the group succeeds
-# - readding the group as a non-system group fails
+# - reading the group succeeds
+# - reading the group as a non-system group fails
use strict;
@@ -56,17 +56,30 @@ if ($error ne 13) {
print "failed\n $cmd returned an errorcode != 13 ($error)\n";
exit $error;
}
-if ($output !~ /^err: The group `addusertest\d+' already exists and is not a system group. Exiting.$/ ) {
+if ($output !~ /^fatal: The group `addusertest\d+' already exists, but is not a system group. Exiting.$/ ) {
print "failed\n $cmd returned unexpected output ($output)\n";
exit 1;
}
print "ok\n";
+# now testing whether trying to delete the group with --remove-home
+# fails as it should
+
+$cmd = "delgroup --system --remove-home $groupname";
+print "Testing (9.4) $cmd... ";
+$output=`$cmd 2>&1`;
+$error = ($?>>8);
+if ($error ne 53) {
+ print "failed\n $cmd returned an errorcode != 53 ($error)\n";
+ exit $error;
+}
+print "ok\n";
+
my $sysgroupname = find_unused_name();
$cmd = "addgroup --system $sysgroupname";
if (!defined (getgrnam($sysgroupname))) {
- print "Testing (9.4) $cmd... ";
+ print "Testing (9.5) $cmd... ";
$output=`$cmd 2>&1`;
$error = ($?>>8);
if ($error) {
@@ -82,7 +95,7 @@ if (!defined (getgrnam($sysgroupname))) {
# ("already exists as a system group")
$cmd = "addgroup --system $sysgroupname" ;
-print "Testing (9.5) $cmd... ";
+print "Testing (9.6) $cmd... ";
$output=`$cmd 2>&1`;
$error = ($?>>8);
if ($error) {
@@ -95,7 +108,7 @@ print "ok\n";
# fails as it should
$cmd = "addgroup $sysgroupname";
-print "Testing (9.6) $cmd... ";
+print "Testing (9.7) $cmd... ";
$output=`$cmd 2>&1`;
$error = ($?>>8);
if ($error ne 11) {
View it on GitLab: https://salsa.debian.org/debian/adduser/-/compare/85f0d62fbcf50185e010ae24b2422c3a22d18fc0...b7c9d3a138f37a0f174968ebb3600f6c5e0de454
--
View it on GitLab: https://salsa.debian.org/debian/adduser/-/compare/85f0d62fbcf50185e010ae24b2422c3a22d18fc0...b7c9d3a138f37a0f174968ebb3600f6c5e0de454
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-shadow-devel/attachments/20251014/5a0766b2/attachment-0001.htm>
More information about the Pkg-shadow-devel
mailing list