From 18f64ce80b2c20f5248158546103b2a06de62ac8 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 3 Oct 2022 17:03:13 +0200 Subject: [PATCH] Moar friskies --- src/migrations/0026_new_admins_group.py | 7 +++---- src/user.py | 5 +++++ 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/migrations/0026_new_admins_group.py b/src/migrations/0026_new_admins_group.py index 23bbf213d..afe299cfe 100644 --- a/src/migrations/0026_new_admins_group.py +++ b/src/migrations/0026_new_admins_group.py @@ -1,5 +1,4 @@ import os -import subprocess from moulinette.utils.log import getActionLogger from yunohost.utils.error import YunohostError @@ -27,6 +26,7 @@ class MyMigration(Migration): from yunohost.user import user_list, user_info, user_group_update, user_update from yunohost.utils.ldap import _get_ldap_interface + from yunohost.permission import permission_sync_to_user ldap = _get_ldap_interface() @@ -94,6 +94,8 @@ yunohost tools migrations run""", } ) + permission_sync_to_user() + if new_admin_user: user_group_update(groupname="admins", add=new_admin_user, sync_perm=True) @@ -122,9 +124,6 @@ yunohost tools migrations run""", ldap.add("uid=admin,ou=users", attr_dict) user_group_update(groupname="admins", add="admin", sync_perm=True) - subprocess.call(["nscd", "-i", "passwd"]) - subprocess.call(["nscd", "-i", "group"]) - def run_after_system_restore(self): self.run() diff --git a/src/user.py b/src/user.py index 1f6cbc5c8..efffbdc7e 100644 --- a/src/user.py +++ b/src/user.py @@ -208,6 +208,11 @@ def user_create( all_uid = {str(x.pw_uid) for x in pwd.getpwall()} all_gid = {str(x.gr_gid) for x in grp.getgrall()} + # Prevent users from obtaining uid 1007 which is the uid of the legacy admin, + # and there could be a edge case where a new user becomes owner of an old, removed admin user + all_uid.add("1007") + all_gid.add("1007") + uid_guid_found = False while not uid_guid_found: # LXC uid number is limited to 65536 by default