initial commit
This commit is contained in:
commit
a6d7cf16e1
|
@ -0,0 +1,7 @@
|
|||
publik-common (0.1) jessie; urgency=medium
|
||||
|
||||
* Create consistent system users for Publik
|
||||
* Add recommends on entrouvert-archive-keyring, entrouvert-repository and
|
||||
locales
|
||||
|
||||
-- Christophe Siraut <csiraut@entrouvert.com> Tue, 04 Sep 2018 17:15:19 +0200
|
|
@ -0,0 +1 @@
|
|||
9
|
|
@ -0,0 +1,16 @@
|
|||
Source: publik-common
|
||||
Maintainer: Christophe Siraut <csiraut@entrouvert.com>
|
||||
Section: admin
|
||||
Priority: optional
|
||||
Build-Depends: debhelper (>= 9)
|
||||
Standards-Version: 4.1.3
|
||||
|
||||
Package: publik-common
|
||||
Architecture: all
|
||||
Depends: ${misc:Depends}, python3:any
|
||||
Recommends: entrouvert-archive-keyring,
|
||||
entrouvert-repository,
|
||||
locales
|
||||
Description: basic configuration and utilities for running a Publik server
|
||||
This package provides basic configuration and utilities for running a
|
||||
standalone or clustered Publik system.
|
|
@ -0,0 +1,25 @@
|
|||
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
|
||||
Upstream-Name: publik-common
|
||||
Source: https://www.entrouvert.com
|
||||
|
||||
Files: *
|
||||
Copyright: 2018 Christophe Siraut <csiraut@entrouvert.com>
|
||||
2018 Entrouvert Admins <admin@entrouvert.com>
|
||||
License: GPL-3.0+
|
||||
|
||||
License: GPL-3.0+
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
.
|
||||
This package is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
.
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||||
.
|
||||
On Debian systems, the complete text of the GNU General
|
||||
Public License version 3 can be found in "/usr/share/common-licenses/GPL-3".
|
|
@ -0,0 +1,7 @@
|
|||
[DEFAULT]
|
||||
cleaner = fakeroot debian/rules clean
|
||||
builder = debuild -us -uc
|
||||
|
||||
[buildpackage]
|
||||
export-dir = ../build-area
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
publik-create-users /usr/bin
|
||||
|
|
@ -0,0 +1,40 @@
|
|||
#!/bin/sh
|
||||
# postinst script for dummy
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -e
|
||||
|
||||
# summary of how this script can be called:
|
||||
# * <postinst> `configure' <most-recently-configured-version>
|
||||
# * <old-postinst> `abort-upgrade' <new version>
|
||||
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
|
||||
# <new-version>
|
||||
# * <postinst> `abort-remove'
|
||||
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
|
||||
# <failed-install-package> <version> `removing'
|
||||
# <conflicting-package> <version>
|
||||
# for details, see https://www.debian.org/doc/debian-policy/ or
|
||||
# the debian-policy package
|
||||
|
||||
|
||||
case "$1" in
|
||||
configure)
|
||||
publik-create-users
|
||||
;;
|
||||
|
||||
abort-upgrade|abort-remove|abort-deconfigure)
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "postinst called with unknown argument \`$1'" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
|
@ -0,0 +1,5 @@
|
|||
#!/usr/bin/make -f
|
||||
export PYBUILD_NAME=publik-common
|
||||
|
||||
%:
|
||||
dh $@
|
|
@ -0,0 +1 @@
|
|||
3.0 (native)
|
|
@ -0,0 +1,52 @@
|
|||
#!/usr/bin/python3
|
||||
# publik-create-users
|
||||
# 2018 Entr'ouvert
|
||||
|
||||
import subprocess
|
||||
|
||||
userlist = {
|
||||
'hobo': {'uid': '2101'},
|
||||
'authentic-multitenant': {'uid': '2102'},
|
||||
'wcs': {'uid': '2103'},
|
||||
'wcs-au-quotidien': {'uid': '2104'},
|
||||
'passerelle': {'uid': '2105'},
|
||||
'combo': {'uid': '2106'},
|
||||
'fargo': {'uid': '2107'},
|
||||
'welco': {'uid': '2108'},
|
||||
'chrono': {'uid': '2109'},
|
||||
'corbo': {'uid': '2110'},
|
||||
'bijoe': {'uid': '2111'},
|
||||
'mandayejs': {'uid': '2112'}
|
||||
}
|
||||
|
||||
def run(cmd, check=True):
|
||||
# when dropping jessie and python3.4 support better use:
|
||||
# rr = subprocess.run(cmd, stdout=PIPE, shell=True, check=check)
|
||||
# return (rr.returncode, rr.stdout)
|
||||
try:
|
||||
output = subprocess.check_output(cmd, shell=True)
|
||||
return (0, output)
|
||||
except subprocess.CalledProcessError:
|
||||
if check:
|
||||
raise(Exception('Command failed: "{}"'.format(cmd)))
|
||||
else:
|
||||
return (1, None)
|
||||
|
||||
for user, data in userlist.items():
|
||||
uid = data.get('uid')
|
||||
rc, ou = run('getent group {}'.format(user), check=False)
|
||||
if rc == 0:
|
||||
current_uid = ou.decode().split(':')[2]
|
||||
if current_uid != uid:
|
||||
raise(Exception('{} uid does not match'.format(user)))
|
||||
else:
|
||||
run('addgroup --system --gid {} {}'.format(uid, user))
|
||||
|
||||
|
||||
rc, ou = run('getent passwd {}'.format(user), check=False)
|
||||
if rc == 0:
|
||||
uid = ou.decode().split(':')[2]
|
||||
if uid != uid:
|
||||
raise(Exception('{} uid does not match'.format(user)))
|
||||
else:
|
||||
run('adduser --disabled-password --system --uid {uid} --gecos "{user} daemon" --ingroup {user} --no-create-home --home /var/lib/{user} {user}'.format(user=user, uid=uid))
|
Loading…
Reference in New Issue