|
|
3020c4 |
#!/usr/bin/python3
|
|
|
3020c4 |
#
|
|
|
3020c4 |
# Copyright 2017 Peter Jones <Peter Jones@random>
|
|
|
3020c4 |
#
|
|
|
3020c4 |
# Distributed under terms of the GPLv3 license.
|
|
|
3020c4 |
|
|
|
3020c4 |
"""
|
|
|
3020c4 |
mock plugin to make sure pesign and mockbuild users have the right uid and
|
|
|
3020c4 |
gid.
|
|
|
3020c4 |
"""
|
|
|
3020c4 |
|
|
|
3020c4 |
from mockbuild.trace_decorator import getLog, traceLog
|
|
|
3020c4 |
import mockbuild.util
|
|
|
3020c4 |
|
|
|
3020c4 |
requires_api_version = "1.1"
|
|
|
3020c4 |
|
|
|
3020c4 |
@traceLog()
|
|
|
3020c4 |
def init(plugins, conf, buildroot):
|
|
|
3020c4 |
""" hello """
|
|
|
3020c4 |
Pesign(plugins, conf, buildroot)
|
|
|
3020c4 |
|
|
|
3020c4 |
def getuid(name):
|
|
|
3020c4 |
""" get a uid for a user name """
|
|
|
3020c4 |
output = mockbuild.util.do(["getent", "passwd", "%s" % (name,)],
|
|
|
3020c4 |
returnOutput=1, printOutput=True)
|
|
|
3020c4 |
output = output.split(':')
|
|
|
3020c4 |
return output[2], output[3]
|
|
|
3020c4 |
|
|
|
3020c4 |
def getgid(name):
|
|
|
3020c4 |
""" get a gid for a group name """
|
|
|
3020c4 |
output = mockbuild.util.do(["getent", "group", "%s" % (name,)],
|
|
|
3020c4 |
returnOutput=1, printOutput=True)
|
|
|
3020c4 |
return output.split(':')[2]
|
|
|
3020c4 |
|
|
|
3020c4 |
def newgroup(name, gid, rootdir):
|
|
|
3020c4 |
""" create a group with a gid """
|
|
|
3020c4 |
getLog().info("creating group %s with gid %s" % (name, gid))
|
|
|
3020c4 |
mockbuild.util.do(["groupadd",
|
|
|
3020c4 |
"-g", "%s" % (gid,),
|
|
|
3020c4 |
"-R", "%s" % (rootdir,),
|
|
|
3020c4 |
"%s" % (name,),
|
|
|
3020c4 |
])
|
|
|
3020c4 |
|
|
|
3020c4 |
def newuser(name, uid, gid, rootdir):
|
|
|
3020c4 |
""" create a user with a uid """
|
|
|
3020c4 |
getLog().info("creating user %s with uid %s" % (name, uid))
|
|
|
3020c4 |
mockbuild.util.do(["useradd",
|
|
|
3020c4 |
"-u", "%s" % (uid,),
|
|
|
3020c4 |
"-g", "%s" % (gid,),
|
|
|
3020c4 |
"-R", "%s" % (rootdir,),
|
|
|
3020c4 |
"%s" % (name,)])
|
|
|
3020c4 |
|
|
|
3020c4 |
class Pesign(object):
|
|
|
3020c4 |
""" Creates some stuff in our mock root """
|
|
|
3020c4 |
# pylint: disable=too-few-public-methods
|
|
|
3020c4 |
@traceLog()
|
|
|
3020c4 |
def __init__(self, plugins, conf, buildroot):
|
|
|
3020c4 |
""" Effectively we're doing:
|
|
|
3020c4 |
getent group pesign >/dev/null || groupadd -r pesign
|
|
|
3020c4 |
getent passwd pesign >/dev/null || \
|
|
|
3020c4 |
useradd -r -g pesign -d /var/run/pesign -s /sbin/nologin \
|
|
|
3020c4 |
-c "Group for the pesign signing daemon" pesign
|
|
|
3020c4 |
"""
|
|
|
3020c4 |
|
|
|
3020c4 |
self.buildroot = buildroot
|
|
|
3020c4 |
self.pesign_opts = conf
|
|
|
3020c4 |
self.config = buildroot.config
|
|
|
3020c4 |
self.state = buildroot.state
|
|
|
3020c4 |
self.users = {}
|
|
|
3020c4 |
self.groups = {}
|
|
|
3020c4 |
plugins.add_hook("postinit", self._pesignPostInitHook)
|
|
|
3020c4 |
|
|
|
3020c4 |
@traceLog()
|
|
|
3020c4 |
def _pesignPostInitHook(self):
|
|
|
3020c4 |
""" find our uid and gid lists """
|
|
|
3020c4 |
for user in self.pesign_opts['users']:
|
|
|
3020c4 |
uid, gid = getuid(user)
|
|
|
3020c4 |
self.users[user] = [user, uid, gid]
|
|
|
3020c4 |
for group in self.pesign_opts['groups']:
|
|
|
3020c4 |
gid = getgid(group)
|
|
|
3020c4 |
self.groups[group] = [group, gid]
|
|
|
3020c4 |
|
|
|
3020c4 |
# create our users
|
|
|
3020c4 |
rootdir = self.buildroot.make_chroot_path()
|
|
|
3020c4 |
for name, gid in self.groups.values():
|
|
|
3020c4 |
newgroup(name, gid, rootdir)
|
|
|
3020c4 |
for name, uid, gid in self.users.values():
|
|
|
3020c4 |
newuser(name, uid, gid, rootdir)
|
|
|
3020c4 |
|
|
|
3020c4 |
# -*- coding: utf-8 -*-
|
|
|
3020c4 |
# vim:fenc=utf-8:tw=75
|