From 9f06fbb03c8061c9e59479a3101e4e0e7656cac1 Mon Sep 17 00:00:00 2001
From: Ken Moore
Date: Thu, 25 Aug 2016 11:13:25 -0400
Subject: [PATCH 1/2] Fix up the addition/modification of users in the sysadm/users class.
---
 src/server/library/sysadm-users.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/server/library/sysadm-users.cpp b/src/server/library/sysadm-users.cpp
index 05bd8bd..618ac11 100644
--- a/src/server/library/sysadm-users.cpp
+++ b/src/server/library/sysadm-users.cpp
@@ -100,7 +100,7 @@ bool UserManager::addUser(QJsonObject* out, QJsonObject obj){
 pwfile.close(); //closed but still exists - will go out of scope and get removed in a moment
 args << "-h" << "0"; //read from std input
 args << "-m"; //automatically create users home dir
- ok = (0== system("cat "+pwfile.fileName().toUtf8()+" | pw "+args.join(" ").toUtf8()) );
+ ok = (0== system("cat "+pwfile.fileName().toUtf8()+" | pw \""+args.join("\" \"").toUtf8()+"\"") );
 usercreated = ok;
 }else{
 out->insert("error","Could not open temporary file for password"); //should never happen
@@ -187,7 +187,7 @@ bool UserManager::modifyUser(QJsonObject* out, QJsonObject obj){
 pwfile.write( obj.value("password").toString().toUtf8().data() );
 pwfile.close(); //closed but still exists - will go out of scope and get removed in a moment
 args << "-h" << "0"; //read from std input
- ok = (0== system("cat "+pwfile.fileName().toUtf8()+" | pw "+args.join(" ").toUtf8()) );
+ ok = (0== system("cat "+pwfile.fileName().toUtf8()+" | pw \""+args.join("\" \"").toUtf8()+"\"") );
 }else{
 out->insert("error","Could not open temporary file for password"); //should never happen
 }
From 9312915ccf10be64ac83f890b4226470a985f270 Mon Sep 17 00:00:00 2001
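Review bot: Wrapping each `pw` argument in double quotes in the new `system()` call in addUser does not make the request fields safe to pass through a shell: inside double quotes `sh` still expands `$`, backticks and backslashes, and a `"` inside `name`, `comment` or `home_dir` ends the quoted word, so values taken from the JSON object can change the command that runs. The same line is added in the modifyUser hunk (`@@ -187,7`) and is carried as context in the later `@@ -99,13` hunk of patch 2/2. Running `pw` without a shell removes the quoting problem, and writing the password to the child's stdin removes the `cat` of the temporary password file as well; a sketch with QProcess follows (assuming QProcess is available to this file). Both function bodies begin and end outside the hunks.

```cpp
// … unchanged: args built from the request fields; the temporary password file is no longer needed …
args << "-h" << "0"; //read from std input
// … unchanged: "-m" handling …
QProcess proc;
proc.start("pw", args); //argv is handed to pw as-is, no shell parsing
if(proc.waitForStarted()){
  proc.write( obj.value("password").toString().toUtf8() );
  proc.closeWriteChannel(); //EOF so pw stops reading the password
  ok = proc.waitForFinished() && proc.exitStatus()==QProcess::NormalExit && proc.exitCode()==0;
}else{
  ok = false;
}
```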
From: Ken Moore
Date: Thu, 25 Aug 2016 12:25:01 -0400
Subject: [PATCH 2/2] Cleanup the home dir creation routine a bit more in the sysadm/users class: *DO NOT* try to create a home dir if /nonexistant or /var/empty are specified.
---
 src/server/library/sysadm-users.cpp | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/server/library/sysadm-users.cpp b/src/server/library/sysadm-users.cpp
index 618ac11..8a3d4a4 100644
--- a/src/server/library/sysadm-users.cpp
+++ b/src/server/library/sysadm-users.cpp
@@ -67,11 +67,16 @@ bool UserManager::addUser(QJsonObject* out, QJsonObject obj){
 //OPTIONAL: "personacrypt_import"=
 if(obj.contains("password") && obj.contains("name") ){
 QString username = obj.value("name").toString();
+ bool needsHomeCreated = false;
 QStringList args; args << "useradd";
 args << "-n" << username;
 if(obj.contains("uid")){ args << "-u" << obj.value("uid").toString(); }
 if(obj.contains("comment")){ args << "-c" << obj.value("comment").toString(); }
- if(obj.contains("home_dir")){ args << "-d" << obj.value("home_dir").toString(); }
+ if(obj.contains("home_dir")){
+ QString home = obj.value("home_dir").toString();
+ args << "-d" << home;
+ if( !home.endsWith("/nonexistant") && !home.contains("/var/empty") ){ needsHomeCreated = true; }
+ }
 if(obj.contains("expire")){ args << "-e" << obj.value("expire").toString(); }
 if(obj.contains("change")){ args << "-p" << obj.value("change").toString(); }
 if(obj.contains("shell")){ args << "-s" << obj.value("shell").toString(); }
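Review bot: `needsHomeCreated` starts as `false` and is only set inside the `home_dir` branch, so a request without `home_dir` no longer gets `-m` (the later hunk makes `-m` conditional on it), whereas the previous code always passed `-m`; if callers may omit `home_dir`, the account's default home would not be created. The placeholder test is also loose: `endsWith`/`contains` match any path that merely includes those substrings, and `/nonexistant` differs from the `/nonexistent` spelling conventionally used on FreeBSD, so that placeholder may never match. Consider `bool needsHomeCreated = true;` and, in the branch, `if( home=="/nonexistent" || home=="/nonexistant" || home=="/var/empty" ){ needsHomeCreated = false; }`. `home` comes straight from the request and, with `-m`, decides where a directory is created, so a check that it is an absolute path under the expected base would be worth adding here. addUser's body continues outside the hunk.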
@@ -99,13 +104,20 @@ bool UserManager::addUser(QJsonObject* out, QJsonObject obj){
 pwfile.write( obj.value("password").toString().toUtf8().data() );
 pwfile.close(); //closed but still exists - will go out of scope and get removed in a moment
 args << "-h" << "0"; //read from std input
- args << "-m"; //automatically create users home dir
+ if(needsHomeCreated){ args << "-m"; }//automatically create users home dir
 ok = (0== system("cat "+pwfile.fileName().toUtf8()+" | pw \""+args.join("\" \"").toUtf8()+"\"") );
 usercreated = ok;
 }else{
 out->insert("error","Could not open temporary file for password"); //should never happen
 }
-
+ if(usercreated && needsHomeCreated){
+ //Verify that the home directory was indeed created - otherwise we might need to create a ZFS dataset for it and mount it
+ QString home = obj.value("home_dir").toString();
+ if(!QFile::exists(home)){
+ //Need to try alternate method for creating home dir
+ // TODO - advanced ZFS functionality
+ }
+ }
 if(usercreated && !PCdev.isEmpty()){
 // INIT PERSONACRYPT DEVICE NOW
 //User created fine - go ahead and initialize the PersonaCrypt device for this user now
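Review bot: The new `if(!QFile::exists(home))` branch is empty, so a user whose home directory was not created is still treated as created and nothing records the condition. Until the ZFS fallback exists, surface it, for example with `out->insert("error","Home directory was not created: "+home);`, or at least log it, so the caller does not assume a usable home. How the `error` key interacts with the function's return value is not visible in this hunk, so confirm that before reusing it. addUser's body continues outside the hunk.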