YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

check if the shell exists

Browse source
This commit is contained in:
Kay0u 2022-11-24 15:13:59 +01:00
parent 7372dc2079
commit af1c1d8c02
No known key found for this signature in database
GPG key ID: AAFEEB16CFA2AE2D
2 changed files with 35 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
locales/en.json
View file

@ -459,6 +459,7 @@
"invalid_number_max": "Must be lesser than {max}", "invalid_number_max": "Must be lesser than {max}",
"invalid_number_min": "Must be greater than {min}", "invalid_number_min": "Must be greater than {min}",
"invalid_regex": "Invalid regex:'{regex}'", "invalid_regex": "Invalid regex:'{regex}'",
"invalid_shell": "Invalid shell: {shell}",
"ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it", "ip6tables_unavailable": "You cannot play with ip6tables here. You are either in a container or your kernel does not support it",
"iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it", "iptables_unavailable": "You cannot play with iptables here. You are either in a container or your kernel does not support it",
"ldap_attribute_already_exists": "LDAP attribute '{attribute}' already exists with value '{value}'", "ldap_attribute_already_exists": "LDAP attribute '{attribute}' already exists with value '{value}'",

36
src/user.py
View file

@ -122,6 +122,29 @@ def user_list(fields=None):
return {"users": users} return {"users": users}
def list_shells():
import ctypes
import ctypes.util
import os
import sys
"""List the shells from /etc/shells."""
libc = ctypes.CDLL(ctypes.util.find_library("c"))
getusershell = libc.getusershell
getusershell.restype = ctypes.c_char_p
libc.setusershell()
while True:
shell = getusershell()
if not shell:
break
yield shell.decode()
libc.endusershell()
def shellexists(shell):
"""Check if the provided shell exists and is executable."""
return os.path.isfile(shell) and os.access(shell, os.X_OK)
@is_unit_operation([("username", "user")]) @is_unit_operation([("username", "user")])
def user_create( def user_create(
@ -134,8 +157,8 @@ def user_create(
lastname=None, lastname=None,
mailbox_quota="0", mailbox_quota="0",
admin=False, admin=False,
loginShell="/bin/bash",
from_import=False, from_import=False,
loginShell=None,
): ):
if firstname or lastname: if firstname or lastname:
@ -235,6 +258,12 @@ def user_create(
uid = str(random.randint(1001, 65000)) uid = str(random.randint(1001, 65000))
uid_guid_found = uid not in all_uid and uid not in all_gid uid_guid_found = uid not in all_uid and uid not in all_gid
if not loginShell:
loginShell = "/bin/bash"
else:
if not shellexists(loginShell) or loginShell not in list_shells():
raise YunohostValidationError("invalid_shell", shell=loginShell)
attr_dict = { attr_dict = {
"objectClass": [ "objectClass": [
"mailAccount", "mailAccount",
@ -527,6 +556,8 @@ def user_update(
env_dict["YNH_USER_MAILQUOTA"] = mailbox_quota env_dict["YNH_USER_MAILQUOTA"] = mailbox_quota
if loginShell is not None: if loginShell is not None:
if not shellexists(loginShell) or loginShell not in list_shells():
raise YunohostValidationError("invalid_shell", shell=loginShell)
new_attr_dict["loginShell"] = [loginShell] new_attr_dict["loginShell"] = [loginShell]
env_dict["YNH_USER_LOGINSHELL"] = loginShell env_dict["YNH_USER_LOGINSHELL"] = loginShell
@ -563,7 +594,7 @@ def user_info(username):
ldap = _get_ldap_interface() ldap = _get_ldap_interface()
user_attrs = ["cn", "mail", "uid", "maildrop", "mailuserquota"] user_attrs = ["cn", "mail", "uid", "maildrop", "mailuserquota", "loginShell"]
if len(username.split("@")) == 2: if len(username.split("@")) == 2:
filter = "mail=" + username filter = "mail=" + username
@ -581,6 +612,7 @@ def user_info(username):
"username": user["uid"][0], "username": user["uid"][0],
"fullname": user["cn"][0], "fullname": user["cn"][0],
"mail": user["mail"][0], "mail": user["mail"][0],
"loginShell": user["loginShell"][0],
"mail-aliases": [], "mail-aliases": [],
"mail-forward": [], "mail-forward": [],
} }