YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1538 from YunoHost/change-loginShell

Browse source 
be able to change the loginShell of a user
This commit is contained in:
Alexandre Aubin 2023-01-19 16:25:06 +01:00 committed by GitHub
commit 285200a2c7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 43 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
locales/en.json
View file

@ -471,6 +471,7 @@
"invalid_number_max": "Must be lesser than {max}", "invalid_number_max": "Must be lesser than {max}",
"invalid_number_min": "Must be greater than {min}", "invalid_number_min": "Must be greater than {min}",
"invalid_regex": "Invalid regex:'{regex}'", "invalid_regex": "Invalid regex:'{regex}'",
"invalid_shell": "Invalid shell: {shell}",
"ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it", "ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it",
"iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it", "iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it",
"ldap_attribute_already_exists": "LDAP attribute '{attribute}' already exists with value '{value}'", "ldap_attribute_already_exists": "LDAP attribute '{attribute}' already exists with value '{value}'",

9
share/actionsmap.yml
View file

@ -116,6 +116,11 @@ user:
pattern: &pattern_mailbox_quota pattern: &pattern_mailbox_quota
- !!str ^(\d+[bkMGT])|0$ - !!str ^(\d+[bkMGT])|0$
- "pattern_mailbox_quota" - "pattern_mailbox_quota"
-s:
full: --loginShell
help: The login shell used
default: "/bin/bash"
### user_delete() ### user_delete()
delete: delete:
@ -195,6 +200,10 @@ user:
metavar: "{SIZE|0}" metavar: "{SIZE|0}"
extra: extra:
pattern: *pattern_mailbox_quota pattern: *pattern_mailbox_quota
-s:
full: --loginShell
help: The login shell used
default: "/bin/bash"
### user_info() ### user_info()
info: info:

35
src/user.py
View file

@ -123,6 +123,18 @@ def user_list(fields=None):
return {"users": users} return {"users": users}
def list_shells():
with open("/etc/shells", "r") as f:
content = f.readlines()
return [line.strip() for line in content if line.startswith("/")]
def shellexists(shell):
"""Check if the provided shell exists and is executable."""
return os.path.isfile(shell) and os.access(shell, os.X_OK)
@is_unit_operation([("username", "user")]) @is_unit_operation([("username", "user")])
def user_create( def user_create(
operation_logger, operation_logger,
@ -135,6 +147,7 @@ def user_create(
mailbox_quota="0", mailbox_quota="0",
admin=False, admin=False,
from_import=False, from_import=False,
loginShell=None,
): ):
if firstname or lastname: if firstname or lastname:
@ -230,6 +243,12 @@ def user_create(
uid = str(random.randint(1001, 65000)) uid = str(random.randint(1001, 65000))
uid_guid_found = uid not in all_uid and uid not in all_gid uid_guid_found = uid not in all_uid and uid not in all_gid
if not loginShell:
loginShell = "/bin/bash"
else:
if not shellexists(loginShell) or loginShell not in list_shells():
raise YunohostValidationError("invalid_shell", shell=loginShell)
attr_dict = { attr_dict = {
"objectClass": [ "objectClass": [
"mailAccount", "mailAccount",
@ -249,7 +268,7 @@ def user_create(
"gidNumber": [uid], "gidNumber": [uid],
"uidNumber": [uid], "uidNumber": [uid],
"homeDirectory": ["/home/" + username], "homeDirectory": ["/home/" + username],
"loginShell": ["/bin/bash"], "loginShell": [loginShell],
} }
try: try:
@ -359,6 +378,7 @@ def user_update(
mailbox_quota=None, mailbox_quota=None,
from_import=False, from_import=False,
fullname=None, fullname=None,
loginShell=None,
): ):
if firstname or lastname: if firstname or lastname:
@ -519,6 +539,12 @@ def user_update(
new_attr_dict["mailuserquota"] = [mailbox_quota] new_attr_dict["mailuserquota"] = [mailbox_quota]
env_dict["YNH_USER_MAILQUOTA"] = mailbox_quota env_dict["YNH_USER_MAILQUOTA"] = mailbox_quota
if loginShell is not None:
if not shellexists(loginShell) or loginShell not in list_shells():
raise YunohostValidationError("invalid_shell", shell=loginShell)
new_attr_dict["loginShell"] = [loginShell]
env_dict["YNH_USER_LOGINSHELL"] = loginShell
if not from_import: if not from_import:
operation_logger.start() operation_logger.start()
@ -527,6 +553,10 @@ def user_update(
except Exception as e: except Exception as e:
raise YunohostError("user_update_failed", user=username, error=e) raise YunohostError("user_update_failed", user=username, error=e)
# Invalidate passwd and group to update the loginShell
subprocess.call(["nscd", "-i", "passwd"])
subprocess.call(["nscd", "-i", "group"])
# Trigger post_user_update hooks # Trigger post_user_update hooks
hook_callback("post_user_update", env=env_dict) hook_callback("post_user_update", env=env_dict)
@ -548,7 +578,7 @@ def user_info(username):
ldap = _get_ldap_interface() ldap = _get_ldap_interface()
user_attrs = ["cn", "mail", "uid", "maildrop", "mailuserquota"] user_attrs = ["cn", "mail", "uid", "maildrop", "mailuserquota", "loginShell"]
if len(username.split("@")) == 2: if len(username.split("@")) == 2:
filter = "mail=" + username filter = "mail=" + username
@ -566,6 +596,7 @@ def user_info(username):
"username": user["uid"][0], "username": user["uid"][0],
"fullname": user["cn"][0], "fullname": user["cn"][0],
"mail": user["mail"][0], "mail": user["mail"][0],
"loginShell": user["loginShell"][0],
"mail-aliases": [], "mail-aliases": [],
"mail-forward": [], "mail-forward": [],
} }