1 |
Introduce a few variables to allow easy overrides of common user account |
2 |
proprerties, that is: |
3 |
|
4 |
- ACCT_USER_<username>_SHELL |
5 |
- ACCT_USER_<username>_HOME |
6 |
- ACCT_USER_<username>_HOME_OWNER |
7 |
- ACCT_USER_<username>_HOME_PERMS |
8 |
- ACCT_USER_<username>_GROUPS |
9 |
- ACCT_USER_<username>_GROUPS_ADD |
10 |
|
11 |
The first five variables override the respective ACCT_USER_* variables, |
12 |
with ACCT_USER_*_GROUPS being a space-separated list. The *_GROUPS_ADD |
13 |
variable appends to groups present in the ebuild, as this seems a common |
14 |
necessity. |
15 |
|
16 |
We do realize that the original requirement of overriding ebuilds |
17 |
in a local repository was inconvenient. This new logic should permit |
18 |
easy updates via make.conf. Additionally, it has the advantage |
19 |
of clearly reporting the changes made in the build logs. |
20 |
|
21 |
This does not preclude other solutions to the problem. However, this |
22 |
is probably the best one and it should become the current |
23 |
recommendation. |
24 |
|
25 |
Signed-off-by: Michał Górny <mgorny@g.o> |
26 |
--- |
27 |
eclass/acct-user.eclass | 84 +++++++++++++++++++++++++++++------------ |
28 |
1 file changed, 60 insertions(+), 24 deletions(-) |
29 |
|
30 |
diff --git a/eclass/acct-user.eclass b/eclass/acct-user.eclass |
31 |
index 22b0038fbff7..5c55b8092c69 100644 |
32 |
--- a/eclass/acct-user.eclass |
33 |
+++ b/eclass/acct-user.eclass |
34 |
@@ -82,7 +82,8 @@ readonly ACCT_USER_NAME |
35 |
# @ECLASS-VARIABLE: ACCT_USER_SHELL |
36 |
# @DESCRIPTION: |
37 |
# The shell to use for the user. If not specified, a 'nologin' variant |
38 |
-# for the system is used. |
39 |
+# for the system is used. This can be overriden in make.conf through |
40 |
+# ACCT_USER_<UPPERCASE_USERNAME>_SHELL variable. |
41 |
: ${ACCT_USER_SHELL:=-1} |
42 |
|
43 |
# @ECLASS-VARIABLE: ACCT_USER_HOME |
44 |
@@ -90,6 +91,8 @@ readonly ACCT_USER_NAME |
45 |
# The home directory for the user. If not specified, /dev/null is used. |
46 |
# The directory will be created with appropriate permissions if it does |
47 |
# not exist. When updating, existing home directory will not be moved. |
48 |
+# This can be overriden in make.conf through |
49 |
+# ACCT_USER_<UPPERCASE_USERNAME>_HOME variable. |
50 |
: ${ACCT_USER_HOME:=/dev/null} |
51 |
|
52 |
# @ECLASS-VARIABLE: ACCT_USER_HOME_OWNER |
53 |
@@ -97,11 +100,14 @@ readonly ACCT_USER_NAME |
54 |
# @DESCRIPTION: |
55 |
# The ownership to use for the home directory, in chown ([user][:group]) |
56 |
# syntax. Defaults to the newly created user, and its primary group. |
57 |
+# This can be overriden in make.conf through |
58 |
+# ACCT_USER_<UPPERCASE_USERNAME>_HOME_OWNER variable. |
59 |
|
60 |
# @ECLASS-VARIABLE: ACCT_USER_HOME_PERMS |
61 |
# @DESCRIPTION: |
62 |
# The permissions to use for the home directory, in chmod (octal |
63 |
-# or verbose) form. |
64 |
+# or verbose) form. This can be overriden in make.conf through |
65 |
+# ACCT_USER_<UPPERCASE_USERNAME>_HOME_PERMS variable. |
66 |
: ${ACCT_USER_HOME_PERMS:=0755} |
67 |
|
68 |
# @ECLASS-VARIABLE: ACCT_USER_GROUPS |
69 |
@@ -110,6 +116,12 @@ readonly ACCT_USER_NAME |
70 |
# List of groups the user should belong to. This must be a bash |
71 |
# array. The first group specified is the user's primary group, while |
72 |
# the remaining groups (if any) become supplementary groups. |
73 |
+# |
74 |
+# This can be overriden in make.conf through |
75 |
+# ACCT_USER_<UPPERCASE_USERNAME>_GROUPS variable, or appended to |
76 |
+# via ACCT_USER_<UPPERCASE_USERNAME>_GROUPS_ADD. Please note that |
77 |
+# due to technical limitations, the override variables are not arrays |
78 |
+# but space-separated lists. |
79 |
|
80 |
|
81 |
# << Boilerplate ebuild variables >> |
82 |
@@ -316,23 +328,48 @@ acct-user_pkg_pretend() { |
83 |
acct-user_src_install() { |
84 |
debug-print-function ${FUNCNAME} "${@}" |
85 |
|
86 |
- if [[ ${ACCT_USER_HOME} != /dev/null ]]; then |
87 |
+ # serialize for override support |
88 |
+ local ACCT_USER_GROUPS=${ACCT_USER_GROUPS[*]} |
89 |
+ |
90 |
+ # support make.conf overrides |
91 |
+ local override_name=${ACCT_USER_NAME^^} |
92 |
+ override_name=${override_name//-/_} |
93 |
+ local var |
94 |
+ for var in ACCT_USER_{SHELL,HOME{,_OWNER,_PERMS},GROUPS}; do |
95 |
+ local var_name=ACCT_USER_${override_name}_${var#ACCT_USER_} |
96 |
+ if [[ -n ${!var_name} ]]; then |
97 |
+ ewarn "${var_name}=${!var_name} override in effect, support will not be provided." |
98 |
+ else |
99 |
+ var_name=${var} |
100 |
+ fi |
101 |
+ declare -g "_${var}=${!var_name}" |
102 |
+ done |
103 |
+ var_name=ACCT_USER_${override_name}_GROUPS_ADD |
104 |
+ if [[ -n ${!var_name} ]]; then |
105 |
+ ewarn "${var_name}=${!var_name} override in effect, support will not be provided." |
106 |
+ _ACCT_USER_GROUPS+=" ${!var_name}" |
107 |
+ fi |
108 |
+ |
109 |
+ # deserialize into an array |
110 |
+ local groups=( ${_ACCT_USER_GROUPS} ) |
111 |
+ |
112 |
+ if [[ ${_ACCT_USER_HOME} != /dev/null ]]; then |
113 |
# note: we can't set permissions here since the user isn't |
114 |
# created yet |
115 |
- keepdir "${ACCT_USER_HOME}" |
116 |
+ keepdir "${_ACCT_USER_HOME}" |
117 |
fi |
118 |
|
119 |
insinto /usr/lib/sysusers.d |
120 |
newins - ${CATEGORY}-${ACCT_USER_NAME}.conf < <( |
121 |
printf "u\t%q\t%q\t%q\t%q\t%q\n" \ |
122 |
"${ACCT_USER_NAME}" \ |
123 |
- "${ACCT_USER_ID/#-*/-}:${ACCT_USER_GROUPS[0]}" \ |
124 |
+ "${ACCT_USER_ID/#-*/-}:${groups[0]}" \ |
125 |
"${DESCRIPTION//[:,=]/;}" \ |
126 |
- "${ACCT_USER_HOME}" \ |
127 |
- "${ACCT_USER_SHELL/#-*/-}" |
128 |
- if [[ ${#ACCT_USER_GROUPS[@]} -gt 1 ]]; then |
129 |
+ "${_ACCT_USER_HOME}" \ |
130 |
+ "${_ACCT_USER_SHELL/#-*/-}" |
131 |
+ if [[ ${#groups[@]} -gt 1 ]]; then |
132 |
printf "m\t${ACCT_USER_NAME}\t%q\n" \ |
133 |
- "${ACCT_USER_GROUPS[@]:1}" |
134 |
+ "${groups[@]:1}" |
135 |
fi |
136 |
) |
137 |
} |
138 |
@@ -344,26 +381,26 @@ acct-user_src_install() { |
139 |
acct-user_pkg_preinst() { |
140 |
debug-print-function ${FUNCNAME} "${@}" |
141 |
|
142 |
- local groups=${ACCT_USER_GROUPS[*]} |
143 |
enewuser ${ACCT_USER_ENFORCE_ID:+-F} -M "${ACCT_USER_NAME}" \ |
144 |
- "${ACCT_USER_ID}" "${ACCT_USER_SHELL}" "${ACCT_USER_HOME}" \ |
145 |
- "${groups// /,}" |
146 |
+ "${ACCT_USER_ID}" "${_ACCT_USER_SHELL}" "${_ACCT_USER_HOME}" \ |
147 |
+ "${_ACCT_USER_GROUPS// /,}" |
148 |
|
149 |
- if [[ ${ACCT_USER_HOME} != /dev/null ]]; then |
150 |
+ if [[ ${_ACCT_USER_HOME} != /dev/null ]]; then |
151 |
# default ownership to user:group |
152 |
- if [[ -z ${ACCT_USER_HOME_OWNER} ]]; then |
153 |
- ACCT_USER_HOME_OWNER=${ACCT_USER_NAME}:${ACCT_USER_GROUPS[0]} |
154 |
+ if [[ -z ${_ACCT_USER_HOME_OWNER} ]]; then |
155 |
+ local group_array=( ${_ACCT_USER_GROUPS} ) |
156 |
+ _ACCT_USER_HOME_OWNER=${ACCT_USER_NAME}:${group_array[0]} |
157 |
fi |
158 |
# Path might be missing due to INSTALL_MASK, etc. |
159 |
# https://bugs.gentoo.org/691478 |
160 |
- if [[ ! -e "${ED}/${ACCT_USER_HOME#/}" ]]; then |
161 |
+ if [[ ! -e "${ED}/${_ACCT_USER_HOME#/}" ]]; then |
162 |
eerror "Home directory is missing from the installation image:" |
163 |
- eerror " ${ACCT_USER_HOME}" |
164 |
+ eerror " ${_ACCT_USER_HOME}" |
165 |
eerror "Check INSTALL_MASK for entries that would cause this." |
166 |
- die "${ACCT_USER_HOME} does not exist" |
167 |
+ die "${_ACCT_USER_HOME} does not exist" |
168 |
fi |
169 |
- fowners "${ACCT_USER_HOME_OWNER}" "${ACCT_USER_HOME}" |
170 |
- fperms "${ACCT_USER_HOME_PERMS}" "${ACCT_USER_HOME}" |
171 |
+ fowners "${_ACCT_USER_HOME_OWNER}" "${_ACCT_USER_HOME}" |
172 |
+ fperms "${_ACCT_USER_HOME_PERMS}" "${_ACCT_USER_HOME}" |
173 |
fi |
174 |
} |
175 |
|
176 |
@@ -380,10 +417,9 @@ acct-user_pkg_postinst() { |
177 |
fi |
178 |
|
179 |
# NB: eset* functions check current value |
180 |
- esethome "${ACCT_USER_NAME}" "${ACCT_USER_HOME}" |
181 |
- esetshell "${ACCT_USER_NAME}" "${ACCT_USER_SHELL}" |
182 |
- local groups=${ACCT_USER_GROUPS[*]} |
183 |
- esetgroups "${ACCT_USER_NAME}" "${groups// /,}" |
184 |
+ esethome "${ACCT_USER_NAME}" "${_ACCT_USER_HOME}" |
185 |
+ esetshell "${ACCT_USER_NAME}" "${_ACCT_USER_SHELL}" |
186 |
+ esetgroups "${ACCT_USER_NAME}" "${_ACCT_USER_GROUPS// /,}" |
187 |
# comment field can not contain colons |
188 |
esetcomment "${ACCT_USER_NAME}" "${DESCRIPTION//[:,=]/;}" |
189 |
eunlockuser "${ACCT_USER_NAME}" |
190 |
-- |
191 |
2.30.0 |