Moar friskies

src/migrations/0026_new_admins_group.py

@@ -1,5 +1,4 @@
 import os
-import subprocess
 from moulinette.utils.log import getActionLogger
 
 from yunohost.utils.error import YunohostError
@@ -27,6 +26,7 @@ class MyMigration(Migration):
 
         from yunohost.user import user_list, user_info, user_group_update, user_update
         from yunohost.utils.ldap import _get_ldap_interface
+        from yunohost.permission import permission_sync_to_user
 
         ldap = _get_ldap_interface()
 
@@ -94,6 +94,8 @@ yunohost tools migrations run""",
             }
         )
 
+        permission_sync_to_user()
+
         if new_admin_user:
             user_group_update(groupname="admins", add=new_admin_user, sync_perm=True)
 
@@ -122,9 +124,6 @@ yunohost tools migrations run""",
         ldap.add("uid=admin,ou=users", attr_dict)
         user_group_update(groupname="admins", add="admin", sync_perm=True)
 
-        subprocess.call(["nscd", "-i", "passwd"])
-        subprocess.call(["nscd", "-i", "group"])
-
 
     def run_after_system_restore(self):
         self.run()

src/user.py

@@ -208,6 +208,11 @@ def user_create(
     all_uid = {str(x.pw_uid) for x in pwd.getpwall()}
     all_gid = {str(x.gr_gid) for x in grp.getgrall()}
 
+    # Prevent users from obtaining uid 1007 which is the uid of the legacy admin,
+    # and there could be a edge case where a new user becomes owner of an old, removed admin user
+    all_uid.add("1007")
+    all_gid.add("1007")
+
     uid_guid_found = False
     while not uid_guid_found:
         # LXC uid number is limited to 65536 by default