This commit is contained in:
Jean-Philippe Pialasse 2024-03-14 16:00:28 -04:00
parent 097e08312b
commit 9a56b9e87b
8 changed files with 9 additions and 71 deletions

View File

@ -315,7 +315,6 @@ event_link("rmmod-bonding", $event, "10");
event_link("conf-startup", $event, "10"); event_link("conf-startup", $event, "10");
event_link("user-lock-passwd", $event, "15"); event_link("user-lock-passwd", $event, "15");
event_link("group-modify-unix", $event, "15"); event_link("group-modify-unix", $event, "15");
event_link("user-rsshd", $event, "16");
event_link("update-passwd", $event, "20"); event_link("update-passwd", $event, "20");
event_link("count-active-user-accounts", $event, "25"); event_link("count-active-user-accounts", $event, "25");
event_link("conf-modules", $event, "30"); event_link("conf-modules", $event, "30");
@ -343,7 +342,6 @@ templates2events("/etc/smartmontools/smartd.conf", $event);
templates2events("/home/e-smith/ssl.pem/pem", $event); templates2events("/home/e-smith/ssl.pem/pem", $event);
templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event); templates2events("/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf", $event);
event_link("set-hostname", $event, "10"); event_link("set-hostname", $event, "10");
event_link("user-rsshd", $event, "16");
event_link("conf-modules", $event, "30"); event_link("conf-modules", $event, "30");
event_link("conf-startup", $event, "60"); event_link("conf-startup", $event, "60");
event_link("systemd-default", $event, "88"); event_link("systemd-default", $event, "88");
@ -454,7 +452,6 @@ event_link("init-accounts", $event, "05");
event_link("rotate_logfiles", $event, "07"); event_link("rotate_logfiles", $event, "07");
event_link("init-passwords", $event, "10"); event_link("init-passwords", $event, "10");
event_link("conf-startup", $event, "10"); event_link("conf-startup", $event, "10");
event_link("user-rsshd", $event, "16");
event_link("conf-modules", $event, "30"); event_link("conf-modules", $event, "30");
event_link("create-mnt-floppy", $event, "50"); event_link("create-mnt-floppy", $event, "50");
event_link("systemd-default", $event, "88"); event_link("systemd-default", $event, "88");
@ -476,7 +473,6 @@ event_link("rotate_logfiles", $event, "07");
event_link("conf-startup", $event, "10"); event_link("conf-startup", $event, "10");
event_link("user-lock-passwd", $event, "15"); event_link("user-lock-passwd", $event, "15");
event_link("group-modify-unix", $event, "15"); event_link("group-modify-unix", $event, "15");
event_link("user-rsshd", $event, "16");
event_link("update-passwd", $event, "20"); event_link("update-passwd", $event, "20");
event_link("count-active-user-accounts", $event, "25"); event_link("count-active-user-accounts", $event, "25");
event_link("conf-modules", $event, "30"); event_link("conf-modules", $event, "30");
@ -513,7 +509,6 @@ event_link("systemd-reload", $event, "89");
$event = "user-create"; $event = "user-create";
event_link("user-create-unix", $event, "04"); event_link("user-create-unix", $event, "04");
event_link("user-rsshd", $event, "16");
event_link("count-active-user-accounts", $event, "25"); event_link("count-active-user-accounts", $event, "25");
event_link("user-group-modify", $event, "85"); event_link("user-group-modify", $event, "85");
@ -535,7 +530,6 @@ event_link("count-active-user-accounts", $event, "25");
$event = "user-modify"; $event = "user-modify";
event_link("user-modify-unix", $event, "15"); event_link("user-modify-unix", $event, "15");
event_link("user-rsshd", $event, "16");
event_link("user-group-modify", $event, "85"); event_link("user-group-modify", $event, "85");
$event = "user-modify-admin"; $event = "user-modify-admin";

View File

@ -72,7 +72,7 @@ my $company = $acct->prop('Company') || '';
my $dept = $acct->prop('Dept') || ''; my $dept = $acct->prop('Dept') || '';
my $city = $acct->prop('City') || ''; my $city = $acct->prop('City') || '';
my $street = $acct->prop('Street') || ''; my $street = $acct->prop('Street') || '';
my $shell = $acct->prop('Shell') || '/usr/bin/rssh'; my $shell = $acct->prop('Shell') || '/usr/bin/false';
my $groups = "shared"; my $groups = "shared";
if ($ldapauth ne 'enabled') if ($ldapauth ne 'enabled')

View File

@ -39,7 +39,7 @@ my ($user, $colon, @old_groups) = split(' ', `/usr/bin/groups $userName`);
# actions for all these groups # actions for all these groups
my %modified_groups = map { $_, 1 } @old_groups, $acctdb->user_group_list($userName); my %modified_groups = map { $_, 1 } @old_groups, $acctdb->user_group_list($userName);
# but omit "shared" and user private group # but omit "shared" and user private group
foreach ('shared', $userName, 'rsshusers') foreach ('shared', $userName)
{ {
delete $modified_groups{$_} if exists $modified_groups{$_}; delete $modified_groups{$_} if exists $modified_groups{$_};
} }

View File

@ -79,9 +79,9 @@ foreach my $u (@users)
my ($comment, $shell) = (getpwnam($userName))[6,8]; my ($comment, $shell) = (getpwnam($userName))[6,8];
endpwent; endpwent;
my $new_shell = $u->prop('Shell') my $new_shell = $u->prop('Shell')
|| (($shell eq "/bin/sshell") ? "/usr/bin/rssh" : $shell); || (($shell eq "/bin/sshell") ? "/usr/bin/false" : $shell);
$u->set_prop('Shell', $new_shell) unless (not defined $u->prop('Shell') && $new_shell eq "/usr/bin/rssh" ) ; $u->set_prop('Shell', $new_shell) unless (not defined $u->prop('Shell') && $new_shell eq "/usr/bin/false" ) ;
my $result; my $result;
#------------------------------------------------------------ #------------------------------------------------------------

View File

@ -1,57 +0,0 @@
#!/usr/bin/perl -w
package esmith;
use strict;
use Errno;
use esmith::ConfigDB;
use esmith::AccountsDB;
use File::Temp;
sub trim { my $s = shift; $s =~ s/^\s+|\s+$//g; return $s };
my $conf = esmith::ConfigDB->open_ro;
my $accounts = esmith::AccountsDB->open;
my $ldapauth = $conf->get('ldap')->prop('Authentication') || 'disabled';
my $x = 0; # exit value
my $groupName = 'rsshusers';
my $gid = getgrnam($groupName);
my $tmpattr = File::Temp->new();
my $event = $ARGV[0];
my $userName = $ARGV[1];
# finallement get all user
my @users = (not defined $ARGV[1])? $accounts->get_all_by_prop(type => "user" ) : map { $accounts->get($_); } $userName;
my @currents=split /\n/, `/usr/sbin/lid -ng rsshusers`;
@currents=map { trim($_) } @currents;
# here we could be emptying group, but we might want to let system user on this list.
#if ( $event ~~ ['user-modify','user-create'] ) {
# system("/usr/bin/gpasswd","-M ''", "rsshusers");
# print "deleting rsshusers group content ...";
#}
foreach my $user (@users) {
my $cuser=$user->key;
# we remove users that should not be there
if ( defined $user->prop('Shell') && $user->prop('Shell') ne '/usr/bin/rssh') {
next unless ( "$cuser" ~~ @currents ) ;
system("/usr/bin/gpasswd", "-d", $cuser, "rsshusers");
next;
}
# next if the user is already there
print $tmpattr "memberUid: $cuser\n";
next if ( "$cuser" ~~ @currents ) ;
print "Adding user $cuser to group rsshusers";
system("/usr/sbin/usermod", "-a", "-G", "rsshusers", $cuser);
}
# add all users to rsshusers
system("/usr/sbin/cpu", "-C/etc/cpu-system.conf", "groupmod", "-a", "$tmpattr", "$groupName") == 0
or
system( "/usr/sbin/cpu", "groupadd", "-g", $gid, "-a", "$tmpattr", $groupName ) == 0 or ( $x = $ldapauth ne 'enabled' ? $x : 255 , warn "Failed to create (ldap) group $groupName.\n" );
exit ($x);

View File

@ -1 +1 @@
DEFAULT_SHELL = /usr/bin/rssh DEFAULT_SHELL = /usr/bin/false

View File

@ -1 +0,0 @@
/usr/bin/rssh

View File

@ -4,7 +4,7 @@ Summary: smeserver server and gateway - base module
%define name smeserver-base %define name smeserver-base
Name: %{name} Name: %{name}
%define version 5.8.1 %define version 5.8.1
%define release 32 %define release 33
Version: %{version} Version: %{version}
Release: %{release}%{?dist} Release: %{release}%{?dist}
License: GPL License: GPL
@ -30,7 +30,6 @@ Requires: /usr/sbin/irqbalance
Requires: /usr/sbin/smartd Requires: /usr/sbin/smartd
Requires: dbus Requires: dbus
Requires: acpid Requires: acpid
Requires: rssh
Requires: bridge-utils Requires: bridge-utils
Requires: vconfig Requires: vconfig
Requires: e-smith-bootloader Requires: e-smith-bootloader
@ -180,6 +179,9 @@ fi
%changelog %changelog
* Thu Mar 14 2024 Jean-Philippe Pialasse <jpp@koozali.org> 5.8.1-33.sme
- drop rssh support and requirement [SME: 12509]
* Tue Mar 12 2024 Jean-Philippe Pialasse <jpp@koozali.org> 5.8.1-32.sme * Tue Mar 12 2024 Jean-Philippe Pialasse <jpp@koozali.org> 5.8.1-32.sme
- add gcc -g flag to allow el8 build - add gcc -g flag to allow el8 build