From a29ef37c56b0d249e1971da018d2c76120baaad9 Mon Sep 17 00:00:00 2001 From: Adithya Rajendran Date: Mon, 1 Jul 2024 12:33:49 -0700 Subject: [PATCH 1/4] charmhelpers/core/host.py Add shell to system user if provided --- charmhelpers/core/host.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charmhelpers/core/host.py b/charmhelpers/core/host.py index def403c51..e8077eea7 100644 --- a/charmhelpers/core/host.py +++ b/charmhelpers/core/host.py @@ -390,6 +390,8 @@ def adduser(username, password=None, shell='/bin/bash', cmd.extend(['--home', str(home_dir)]) if system_user or password is None: cmd.append('--system') + if shell != adduser.__defaults__[1]: + cmd.extend(['--shell', shell]) else: cmd.extend([ '--create-home', From 8c23752e758d64f4655ccdff32cc21e7f2119020 Mon Sep 17 00:00:00 2001 From: Adithya Rajendran Date: Mon, 1 Jul 2024 12:34:11 -0700 Subject: [PATCH 2/4] Added tests for system user with different shell --- tests/core/test_host.py | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/tests/core/test_host.py b/tests/core/test_host.py index 50c742c03..b86ad41d8 100644 --- a/tests/core/test_host.py +++ b/tests/core/test_host.py @@ -793,6 +793,28 @@ def test_adds_a_systemuser_with_home_dir(self, log, check_call, getpwnam): ]) getpwnam.assert_called_with(username) + @patch('pwd.getpwnam') + @patch('subprocess.check_call') + @patch.object(host, 'log') + def test_adds_a_systemuser_with_different_shell(self, log, check_call, getpwnam): + username = 'johndoe' + shell = '/usr/sbin/nologin' + existing_user_pwnam = KeyError('user not found') + new_user_pwnam = 'some user pwnam' + + getpwnam.side_effect = [existing_user_pwnam, new_user_pwnam] + + result = host.adduser(username, system_user=True, shell=shell) + + self.assertEqual(result, new_user_pwnam) + check_call.assert_called_with([ + 'useradd', + '--system', + '--shell', shell, + username + ]) + getpwnam.assert_called_with(username) + @patch('pwd.getpwnam') @patch('pwd.getpwuid') @patch('grp.getgrnam') From 1902124e073d437ace7221c9253f14c79f35c476 Mon Sep 17 00:00:00 2001 From: Adithya Rajendran Date: Mon, 1 Jul 2024 13:09:59 -0700 Subject: [PATCH 3/4] Added default shell for system users --- charmhelpers/core/host.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/charmhelpers/core/host.py b/charmhelpers/core/host.py index e8077eea7..8371daac3 100644 --- a/charmhelpers/core/host.py +++ b/charmhelpers/core/host.py @@ -357,7 +357,7 @@ def init_is_systemd(service_name=None): return os.path.isdir(SYSTEMD_SYSTEM) -def adduser(username, password=None, shell='/bin/bash', +def adduser(username, password=None, shell=None, system_user=False, primary_group=None, secondary_groups=None, uid=None, home_dir=None): """Add a user to the system. @@ -389,13 +389,14 @@ def adduser(username, password=None, shell='/bin/bash', if home_dir: cmd.extend(['--home', str(home_dir)]) if system_user or password is None: - cmd.append('--system') - if shell != adduser.__defaults__[1]: - cmd.extend(['--shell', shell]) + cmd.extend([ + '--system', + '--shell', shell if shell else '/usr/sbin/nologin' + ]) else: cmd.extend([ '--create-home', - '--shell', shell, + '--shell', shell if shell else '/bin/bash', '--password', password, ]) if not primary_group: From 4f84f6d115efbec4c34949b2ccd3c92f90f338a5 Mon Sep 17 00:00:00 2001 From: Adithya Rajendran Date: Mon, 1 Jul 2024 13:10:19 -0700 Subject: [PATCH 4/4] Updated tests for default shell --- tests/core/test_host.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/tests/core/test_host.py b/tests/core/test_host.py index b86ad41d8..4cf04be5d 100644 --- a/tests/core/test_host.py +++ b/tests/core/test_host.py @@ -755,6 +755,7 @@ def test_adduser_with_groups(self, log, check_call, getpwnam, getgrnam): @patch.object(host, 'log') def test_adds_a_systemuser(self, log, check_call, getpwnam): username = 'johndoe' + shell = '/usr/sbin/nologin' existing_user_pwnam = KeyError('user not found') new_user_pwnam = 'some user pwnam' @@ -766,6 +767,7 @@ def test_adds_a_systemuser(self, log, check_call, getpwnam): check_call.assert_called_with([ 'useradd', '--system', + '--shell', shell, username ]) getpwnam.assert_called_with(username) @@ -775,6 +777,7 @@ def test_adds_a_systemuser(self, log, check_call, getpwnam): @patch.object(host, 'log') def test_adds_a_systemuser_with_home_dir(self, log, check_call, getpwnam): username = 'johndoe' + shell = '/usr/sbin/nologin' existing_user_pwnam = KeyError('user not found') new_user_pwnam = 'some user pwnam' @@ -789,6 +792,7 @@ def test_adds_a_systemuser_with_home_dir(self, log, check_call, getpwnam): '--home', '/var/lib/johndoe', '--system', + '--shell', shell, username ]) getpwnam.assert_called_with(username) @@ -798,7 +802,7 @@ def test_adds_a_systemuser_with_home_dir(self, log, check_call, getpwnam): @patch.object(host, 'log') def test_adds_a_systemuser_with_different_shell(self, log, check_call, getpwnam): username = 'johndoe' - shell = '/usr/sbin/nologin' + shell = '/bin/bash' existing_user_pwnam = KeyError('user not found') new_user_pwnam = 'some user pwnam' @@ -823,6 +827,7 @@ def test_adds_a_systemuser_with_different_shell(self, log, check_call, getpwnam) def test_add_user_uid(self, log, check_call, getgrnam, getpwuid, getpwnam): user_name = 'james' user_id = 1111 + shell = '/usr/sbin/nologin' uid_key_error = KeyError('user not found') getpwuid.side_effect = uid_key_error host.adduser(user_name, uid=user_id) @@ -832,6 +837,7 @@ def test_add_user_uid(self, log, check_call, getgrnam, getpwuid, getpwnam): '--uid', str(user_id), '--system', + '--shell', shell, '-g', user_name, user_name