#!/bin/sh
#
# Copyright (c) International Business Machines Corp., 2001
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
# the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
#
# FILE : IDcheck.sh
# DESCRIPTION : checks for req'd users/groups and will create them if requested.
# HISTORY : see the cvs log
#
# Announce the check. Nothing is prompted for or modified at this point.
printf '%s\n' "Checking for required user/group ids" ""

# Account databases to inspect. DESTDIR is not set by this script; when it is
# unset or empty the paths resolve to the live /etc/group and /etc/passwd.
group="$DESTDIR/etc/group"
passwd="$DESTDIR/etc/passwd"

# Lookup status per entry: 0 = present, non-zero = missing. Every entry starts
# out as "missing"; the fe lookups later in the script overwrite these.
NO_BIN_ID=1
NO_DAEMON_ID=1
NO_NOBODY_ID=1
NO_BIN_GRP=1
NO_DAEMON_GRP=1
NO_NOBODY_GRP=1
NO_SYS_GRP=1
NO_USERS_GRP=1
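# fe NAME FILE - "find entry".
#
# Returns 0 when FILE contains a line that starts with NAME followed by a
# colon. Returns non-zero when FILE does not exist, cannot be opened, or holds
# no such line. Prints nothing.
#
# NAME is compared as a literal string rather than being pasted into a regular
# expression, so characters such as '.' or '*' in it cannot match a different
# account name. The working variables are local, like those of
# make_user_group, so the lookup leaves no globals behind.
fe() {
  local want=$1 db=$2 line

  [ -e "$db" ] || return 1

  # `|| [ -n "$line" ]` keeps a final line that lacks a trailing newline.
  while IFS= read -r line || [ -n "$line" ]; do
    case $line in
      # A quoted expansion inside a case pattern is matched literally.
      "$want":*) return 0 ;;
    esac
  done < "$db"

  return 1
}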
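# prompt_for_create - decide whether missing entries may be created.
#
# Globals:  CREATE_ENTRIES (read, written); the eight NO_* status flags (read).
# Input:    one line from stdin, only when the question is actually asked.
# Outputs:  the question on stdout, without a trailing newline.
#
# A non-empty CREATE_ENTRIES is left untouched, so a value set before the
# script runs suppresses the prompt. Otherwise the question is asked only when
# at least one flag is non-zero: an answer starting with 'y' or 'Y' sets
# CREATE_ENTRIES=1, anything else (including EOF on stdin) sets it to 0.
#
# printf replaces `echo -n`, whose behaviour is not defined for every /bin/sh;
# `read -r` keeps backslashes in the answer literal; the flags are tested one
# at a time instead of in a single `[ ... -o ... ]` chain; and the answer is
# held in a local instead of a global.
prompt_for_create() {
  local flag ans=

  [ -z "$CREATE_ENTRIES" ] || return 0

  # Default to "do not create"; only an explicit yes below changes this.
  CREATE_ENTRIES=0

  for flag in "$NO_NOBODY_ID" "$NO_BIN_ID" "$NO_DAEMON_ID" \
    "$NO_NOBODY_GRP" "$NO_BIN_GRP" "$NO_DAEMON_GRP" \
    "$NO_USERS_GRP" "$NO_SYS_GRP"; do
    if [ "$flag" -ne 0 ]; then
      printf '%s' "If any required user ids and/or groups are missing, would you like these created? [y/N]"
      read -r ans
      case "$ans" in
        [Yy]*) CREATE_ENTRIES=1 ;;
      esac
      return 0
    fi
  done
}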
# Shells that do not supply EUID get it from id(1); it is only used in the
# diagnostic below.
[ -n "${EUID}" ] || EUID=$(id -u)

# A database that exists but cannot be read would make every lookup report
# "missing", so stop here instead of going on to offer to create entries.
for i in "$passwd" "$group"; do
  [ -e "$i" ] || continue
  [ -r "$i" ] && continue
  echo "$i not readable by uid $EUID"
  exit 1
done

# Record one status per required entry (0 = present, non-zero = missing).
fe bin "$passwd"
NO_BIN_ID=$?
fe daemon "$passwd"
NO_DAEMON_ID=$?
fe nobody "$passwd"
NO_NOBODY_ID=$?

fe bin "$group"
NO_BIN_GRP=$?
fe daemon "$group"
NO_DAEMON_GRP=$?
# Either group name counts as present: nobody or nogroup.
fe nobody "$group" || fe nogroup "$group"
NO_NOBODY_GRP=$?
fe sys "$group"
NO_SYS_GRP=$?
fe users "$group"
NO_USERS_GRP=$?

prompt_for_create
# debug_vals - print the two database paths and every lookup status flag.
#
# Globals:  group, passwd and the eight NO_* flags (all read only).
# Outputs:  one "label: value" line per item on stdout, then an empty line.
#           A value of 0 means the entry was found; non-zero means missing.
debug_vals() {
  printf '%s\n' \
    "Missing the following group / user entries:" \
    "Group file: $group" \
    "Password file: $passwd" \
    "nobody: $NO_NOBODY_ID" \
    "bin: $NO_BIN_ID" \
    "daemon: $NO_DAEMON_ID" \
    "nobody[/nogroup] grp: $NO_NOBODY_GRP" \
    "bin grp: $NO_BIN_GRP" \
    "daemon grp: $NO_DAEMON_GRP" \
    "sys grp: $NO_SYS_GRP" \
    "users grp: $NO_USERS_GRP" \
    ""
}
#debug_vals
# Creation was approved: confirm both databases can be touched before any line
# is appended. touch(1) also creates a file that does not exist yet, and with
# an empty DESTDIR the targets are the live /etc/group and /etc/passwd.
# touch's own error text is discarded; the message below is what is reported.
if [ "$CREATE_ENTRIES" -ne 0 ] && ! touch "$group" "$passwd" 2>/dev/null; then
  echo "Failed to touch $group or $passwd"
  exit 1
fi
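# make_user_group NAME ID NO_ID NO_GRP
#
# Reports that NAME's user and group both exist or, when CREATE_ENTRIES is
# non-zero, appends whichever entries are missing.
#
# Arguments: NAME   - account and group name
#            ID     - numeric id used for a newly written passwd line
#            NO_ID  - 0 if the user was found in $passwd, non-zero otherwise
#            NO_GRP - 0 if the group was found in $group, non-zero otherwise
# Globals:   CREATE_ENTRIES, passwd, group (read); calls fe.
# Outputs:   a status line on stdout; appended lines in $passwd / $group.
#
# Fix: the group id is still taken from `id -u NAME`, but when that lookup
# fails or prints nothing the function falls back to ID. Previously a failed
# lookup wrote "NAME:x::", a group line with an empty gid field.
make_user_group() {
  local name=$1 id=$2 no_id=$3 no_grp=$4
  local gid

  if [ "$no_id" -eq 0 ] && [ "$no_grp" -eq 0 ]; then
    echo "'$name' user id and group found."
  elif [ "$CREATE_ENTRIES" -ne 0 ]; then
    echo "Creating entries for $name"

    # The passwd line goes in first so that the id(1) lookup below has an
    # entry to find. fe re-checks the file itself so an existing line is
    # never duplicated.
    if ! fe "$name" "$passwd" && [ "$no_id" -ne 0 ]; then
      # NOTE(review): the home and shell fields are written empty, and an
      # empty shell field is commonly treated as /bin/sh. Confirm that is
      # acceptable for these service accounts on the target system.
      echo "${name}:x:${id}:${id}:${name}::" >> "$passwd"
    fi

    if [ "$no_grp" -ne 0 ]; then
      # id(1) consults the running system's account database, which is not
      # necessarily $passwd (e.g. when DESTDIR points elsewhere). Its error
      # output is dropped on purpose because failure is handled right here.
      gid=$(id -u "$name" 2>/dev/null) || gid=
      [ -n "$gid" ] || gid=$id
      echo "${name}:x:${gid}:" >> "$group"
    fi
  fi
}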
# Accounts that need both a passwd and a group entry. The order is kept
# because each call may append lines to the databases.
make_user_group nobody 65534 "$NO_NOBODY_ID" "$NO_NOBODY_GRP"
make_user_group bin 1 "$NO_BIN_ID" "$NO_BIN_GRP"
make_user_group daemon 2 "$NO_DAEMON_ID" "$NO_DAEMON_GRP"

# Groups with no matching user. The gids are fixed values; nothing here checks
# whether another group in $group already uses them.
if [ "$NO_USERS_GRP" -eq 0 ]; then
  echo "Users group found."
elif [ "$CREATE_ENTRIES" -ne 0 ]; then
  echo 'users:x:100:' >> "$group"
fi

if [ "$NO_SYS_GRP" -eq 0 ]; then
  echo "Sys group found."
elif [ "$CREATE_ENTRIES" -ne 0 ]; then
  echo 'sys:x:3:' >> "$group"
fi
# Final verification: re-read both databases (they may just have been
# extended) and exit 0 only when every required entry is present.
MISSING_ENTRY=0

# bin and daemon must appear in both $group and $passwd.
for i in bin daemon; do
  if ! fe "$i" "$group" || ! fe "$i" "$passwd"; then
    MISSING_ENTRY=1
    break
  fi
done

# The nobody user must exist. For its group, Debian-based systems use nogroup
# where other distributions use nobody, so either name satisfies the check.
if fe "nobody" "$passwd" && { fe "nogroup" "$group" || fe "nobody" "$group"; }; then
  :
else
  MISSING_ENTRY=1
fi

# users and sys exist only as groups.
if ! fe users "$group" || ! fe sys "$group"; then
  MISSING_ENTRY=1
fi

if [ "$MISSING_ENTRY" -ne 0 ]; then
  printf '%s\n' \
    "" \
    "*****************************************" \
    "* Required users/groups do NOT exist!!! *" \
    "* *" \
    "* Some kernel/syscall tests will FAIL! *" \
    "*****************************************"
  exit 1
fi

echo "Required users/groups exist."
exit 0