From patchwork Mon Jan 13 15:35:13 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Norbert Lange X-Patchwork-Id: 1222180 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=F7iL9+5E; dkim-atps=neutral Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 47xHjS2RNlz9sP6 for ; Tue, 14 Jan 2020 02:35:39 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 6D66684FAE; Mon, 13 Jan 2020 15:35:36 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id oXO77Yror4ML; Mon, 13 Jan 2020 15:35:33 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id 0B2D4842FC; Mon, 13 Jan 2020 15:35:33 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 7E3BC1BF365 for ; Mon, 13 Jan 2020 15:35:31 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 7AF3B85184 for ; Mon, 13 Jan 2020 15:35:31 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PCwwSGm7_xYd for ; Mon, 13 Jan 2020 15:35:30 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wm1-f68.google.com (mail-wm1-f68.google.com [209.85.128.68]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 7F315848C2 for ; Mon, 13 Jan 2020 15:35:30 +0000 (UTC) Received: by mail-wm1-f68.google.com with SMTP id a5so10203564wmb.0 for ; Mon, 13 Jan 2020 07:35:30 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=0Gs31Phr0vhhxyEPS/7snNNLelupn/0nmt/IA33kdxg=; b=F7iL9+5E7kabQohgMn7WReJc8tQ5A1IL1Yz0gza8qfS8FP4SAWewo1MjaKLgSB0ue/ TtPPxIlR+bwb+INeIqUXtqlByWW7UUOrJizqasWOsvLYIfKLxdQfRTYzo2XY/57uxGG4 xezPih6OGJI/lBVIJE2XZTkcckmtS8NKx3LYKEMQ0iFM8kbCFRrcGqnyl8P1WHM4O1hI rpIvtzCeCx8cukErYyiDgEl8BJxpgnHnyBVnvCR9UQHEACLSwPMj6+A4maQUwpfgj5XZ u3OpE1YIpdrLfajQ3pf1GB5s9W/+x/zLqRxr2GC3LLTjjkzWWhI1nE16w2Vkb5TPHJyL rFPA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=0Gs31Phr0vhhxyEPS/7snNNLelupn/0nmt/IA33kdxg=; b=JWnCK44aamQlCuLKinAPyb5iEEQzQAo5P8ZXt1utNgWS68WWTZu/I+CSPwQTAYl/vm vhshwLQNEAdgA8+CO60TUWU2h8/6BLxASBKZR82HTprneHmeVFzjXKpiVAxV0icYNZya DulddyBeQy09EHkNuBZWYj5MEXlzY5jR2zZCGRiyvf8nb8TvnHkiR1dEQ3O0GsPYO0FJ hTW79xaD4ckb0b94/qRsvTj2cMUDxGGe+YoQKLPDaJX7Ha5km4Ym0JG/jEcMtS13udPL aBwgtobyWMIlkeyCwrF0fGSAnz/R+7E/ecBk6+YN8o7BrNyCKrOOH+DzfsaPuz1c3hRI v6EA== X-Gm-Message-State: APjAAAWXNGLW0AEZU+cSmYh9olhSln+9HYPdhQwQQtKinQUPnR8PxhIT K79IXHPXdpCKCDs8/9KOHNQmYZMAY70= X-Google-Smtp-Source: APXvYqyzHcky3zhj2mRSOi6bO54QwIAYz+Z+iBuwAKZKIwVAvescLSv1Uop80v46HTdGG7GYsL9y5w== X-Received: by 2002:a7b:cc82:: with SMTP id p2mr21692469wma.159.1578929728573; Mon, 13 Jan 2020 07:35:28 -0800 (PST) Received: from lano-work.andritz.com ([80.120.136.76]) by smtp.gmail.com with ESMTPSA id c9sm14505199wmc.47.2020.01.13.07.35.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 13 Jan 2020 07:35:28 -0800 (PST) From: Norbert Lange To: buildroot@buildroot.org Date: Mon, 13 Jan 2020 16:35:13 +0100 Message-Id: <20200113153516.486106-1-nolange79@gmail.com> X-Mailer: git-send-email 2.24.1 MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/3] support/scripts/mkusers: allow option for system uid/gid X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Norbert Lange Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Extend the mkusers script to allow -2 for uid/gid. This value will take an identifier from the system range. Signed-off-by: Norbert Lange --- support/scripts/mkusers | 49 +++++++++++++++++++++++++++++------------ 1 file changed, 35 insertions(+), 14 deletions(-) diff --git a/support/scripts/mkusers b/support/scripts/mkusers index d00ba33823..1bf1336e48 100755 --- a/support/scripts/mkusers +++ b/support/scripts/mkusers @@ -8,6 +8,12 @@ MIN_UID=1000 MAX_UID=1999 MIN_GID=1000 MAX_GID=1999 +# use names from /etc/adduser.conf +FIRST_SYSTEM_UID=100 +LAST_SYSTEM_UID=999 +FIRST_SYSTEM_GID=100 +LAST_SYSTEM_GID=999 + # No more is configurable below this point #---------------------------------------------------------------------------- @@ -136,9 +142,9 @@ check_user_validity() { fail "invalid username '%s\n'" "${username}" fi - if [ ${gid} -lt -1 -o ${gid} -eq 0 ]; then + if [ ${gid} -lt -2 -o ${gid} -eq 0 ]; then fail "invalid gid '%d' for '%s'\n" ${gid} "${username}" - elif [ ${gid} -ne -1 ]; then + elif [ ${gid} -gt -1 ]; then # check the gid is not already used for another group if [ -n "${_group}" -a "${_group}" != "${group}" ]; then fail "gid '%d' for '%s' is already used by group '%s'\n" \ @@ -162,9 +168,9 @@ check_user_validity() { fi fi - if [ ${uid} -lt -1 -o ${uid} -eq 0 ]; then + if [ ${uid} -lt -2 -o ${uid} -eq 0 ]; then fail "invalid uid '%d' for '%s'\n" ${uid} "${username}" - elif [ ${uid} -ne -1 ]; then + elif [ ${uid} -gt -1 ]; then # check the uid is not already used for another user if [ -n "${_username}" -a "${_username}" != "${username}" ]; then fail "uid '%d' for '%s' already used by user '%s'\n" \ @@ -198,16 +204,18 @@ check_user_validity() { # - not already used by a group generate_gid() { local group="${1}" + local mingid="${2:-$MIN_UID}" + local maxgid="${3:-$MAX_UID}" local gid gid="$( get_gid "${group}" )" if [ -z "${gid}" ]; then - for(( gid=MIN_GID; gid<=MAX_GID; gid++ )); do + for(( gid=mingid; gid<=maxgid; gid++ )); do if [ -z "$( get_group "${gid}" )" ]; then break fi done - if [ ${gid} -gt ${MAX_GID} ]; then + if [ ${gid} -gt ${maxgid} ]; then fail "can not allocate a GID for group '%s'\n" "${group}" fi fi @@ -222,8 +230,13 @@ add_one_group() { local members # Generate a new GID if needed - if [ ${gid} -eq -1 ]; then - gid="$( generate_gid "${group}" )" + if [ ${gid} -le -1 ]; then + if [ ${gid} -eq -1 ]; then + gid="$( generate_gid "${group}" )" + else + gid="$( generate_gid "${group}" $FIRST_SYSTEM_GID $LAST_SYSTEM_GID )" + + fi fi members=$(get_members "$group") @@ -247,16 +260,19 @@ add_one_group() { # - not already used by a user generate_uid() { local username="${1}" + local minuid="${2:-$MIN_UID}" + local maxuid="${3:-$MAX_UID}" + local uid uid="$( get_uid "${username}" )" if [ -z "${uid}" ]; then - for(( uid=MIN_UID; uid<=MAX_UID; uid++ )); do + for(( uid=minuid; uid<=maxuid; uid++ )); do if [ -z "$( get_username "${uid}" )" ]; then break fi done - if [ ${uid} -gt ${MAX_UID} ]; then + if [ ${uid} -gt ${maxuid} ]; then fail "can not allocate a UID for user '%s'\n" "${username}" fi fi @@ -307,8 +323,13 @@ add_one_user() { check_user_validity "${username}" "${uid}" "${group}" "${gid}" # Generate a new UID if needed - if [ ${uid} -eq -1 ]; then - uid="$( generate_uid "${username}" )" + if [ ${uid} -le -1 ]; then + if [ ${uid} -eq -1 ]; then + uid="$( generate_uid "${username}" )" + else + uid="$( generate_uid "${username}" $FIRST_SYSTEM_UID $LAST_SYSTEM_UID )" + + fi fi # Remove any previous instance of this user @@ -399,7 +420,7 @@ main() { # Then, create all the main groups which gid *is* automatic for line in "${ENTRIES[@]}"; do read username uid group gid passwd home shell groups comment <<<"${line}" - [ ${gid} -eq -1 ] || continue # Non-automatic gid + [ ${gid} -le -1 ] || continue # Non-automatic gid add_one_group "${group}" "${gid}" done @@ -433,7 +454,7 @@ main() { for line in "${ENTRIES[@]}"; do read username uid group gid passwd home shell groups comment <<<"${line}" [ "${username}" != "-" ] || continue # Magic string to skip user creation - [ ${uid} -eq -1 ] || continue # Non-automatic uid + [ ${uid} -le -1 ] || continue # Non-automatic uid add_one_user "${username}" "${uid}" "${group}" "${gid}" "${passwd}" \ "${home}" "${shell}" "${groups}" "${comment}" done