mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2025-01-25 20:19:18 -05:00
activation: Set the right owner for home directories.
This fixes a regression introduced in
ae763b5b0b whereby home directories and
skeletons would be root-owned.
* gnu/build/activation.scm (copy-account-skeletons): Make 'directory' a
keyword parameter. Add #:uid and #:gid and honor them.
[set-owner]: New procedure.
(activate-user-home): Add call to 'getpw' and 'chown'. Pass UID and GID
to 'copy-account-skeletons'.
* gnu/tests/base.scm (run-basic-test)["skeletons in home directories"]:
Test file ownership under HOME.
This commit is contained in:
Ludovic Courtès
parent
33f7b5d20e
commit
cf98d342b0
2 changed files with 49 additions and 13 deletions
|
|
@ -85,16 +85,27 @@ (define (make-file-writable file)
|
||||||
(chmod file (logior #o600 (stat:perms stat)))))
|
(chmod file (logior #o600 (stat:perms stat)))))
|
||||||
|
|
||||||
(define* (copy-account-skeletons home
|
(define* (copy-account-skeletons home
|
||||||
#:optional (directory %skeleton-directory))
|
#:key
|
||||||
"Copy the account skeletons from DIRECTORY to HOME."
|
(directory %skeleton-directory)
|
||||||
|
uid gid)
|
||||||
|
"Copy the account skeletons from DIRECTORY to HOME. When UID is an integer,
|
||||||
|
make it the owner of all the files created; likewise for GID."
|
||||||
|
(define (set-owner file)
|
||||||
|
(when (or uid gid)
|
||||||
|
(chown file (or uid -1) (or gid -1))))
|
||||||
|
|
||||||
(let ((files (scandir directory (negate dot-or-dot-dot?)
|
(let ((files (scandir directory (negate dot-or-dot-dot?)
|
||||||
string<?)))
|
string<?)))
|
||||||
(mkdir-p home)
|
(mkdir-p home)
|
||||||
|
(set-owner home)
|
||||||
(for-each (lambda (file)
|
(for-each (lambda (file)
|
||||||
(let ((target (string-append home "/" file)))
|
(let ((target (string-append home "/" file)))
|
||||||
(copy-recursively (string-append directory "/" file)
|
(copy-recursively (string-append directory "/" file)
|
||||||
target
|
target
|
||||||
#:log (%make-void-port "w"))
|
#:log (%make-void-port "w"))
|
||||||
|
(for-each set-owner
|
||||||
|
(find-files target (const #t)
|
||||||
|
#:directories? #t))
|
||||||
(make-file-writable target)))
|
(make-file-writable target)))
|
||||||
files)))
|
files)))
|
||||||
|
|
||||||
|
|
@ -277,9 +288,14 @@ (define ensure-user-home
|
||||||
((name uid group supplementary-groups comment home create-home?
|
((name uid group supplementary-groups comment home create-home?
|
||||||
shell password system?)
|
shell password system?)
|
||||||
(unless (or (not home) (directory-exists? home))
|
(unless (or (not home) (directory-exists? home))
|
||||||
(mkdir-p home)
|
(let* ((pw (getpwnam name))
|
||||||
(unless system?
|
(uid (passwd:uid pw))
|
||||||
(copy-account-skeletons home))))))
|
(gid (passwd:gid pw)))
|
||||||
|
(mkdir-p home)
|
||||||
|
(chown home uid gid)
|
||||||
|
(unless system?
|
||||||
|
(copy-account-skeletons home
|
||||||
|
#:uid uid #:gid gid)))))))
|
||||||
|
|
||||||
(for-each ensure-user-home users))
|
(for-each ensure-user-home users))
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -166,21 +166,41 @@ (define marionette
|
||||||
marionette)))
|
marionette)))
|
||||||
|
|
||||||
(test-assert "skeletons in home directories"
|
(test-assert "skeletons in home directories"
|
||||||
(let ((homes
|
(let ((users+homes
|
||||||
'#$(filter-map (lambda (account)
|
'#$(filter-map (lambda (account)
|
||||||
(and (user-account-create-home-directory?
|
(and (user-account-create-home-directory?
|
||||||
account)
|
account)
|
||||||
(not (user-account-system? account))
|
(not (user-account-system? account))
|
||||||
(user-account-home-directory account)))
|
(list (user-account-name account)
|
||||||
|
(user-account-home-directory
|
||||||
|
account))))
|
||||||
(operating-system-user-accounts os))))
|
(operating-system-user-accounts os))))
|
||||||
(marionette-eval
|
(marionette-eval
|
||||||
`(begin
|
`(begin
|
||||||
(use-modules (srfi srfi-1) (ice-9 ftw))
|
(use-modules (srfi srfi-1) (ice-9 ftw)
|
||||||
(every (lambda (home)
|
(ice-9 match))
|
||||||
(null? (lset-difference string=?
|
|
||||||
(scandir "/etc/skel/")
|
(every (match-lambda
|
||||||
(scandir home))))
|
((user home)
|
||||||
',homes))
|
;; Make sure HOME has all the skeletons...
|
||||||
|
(and (null? (lset-difference string=?
|
||||||
|
(scandir "/etc/skel/")
|
||||||
|
(scandir home)))
|
||||||
|
|
||||||
|
;; ... and that everything is user-owned.
|
||||||
|
(let* ((pw (getpwnam user))
|
||||||
|
(uid (passwd:uid pw))
|
||||||
|
(gid (passwd:gid pw))
|
||||||
|
(st (lstat home)))
|
||||||
|
(define (user-owned? file)
|
||||||
|
(= uid (stat:uid (lstat file))))
|
||||||
|
|
||||||
|
(and (= uid (stat:uid st))
|
||||||
|
(eq? 'directory (stat:type st))
|
||||||
|
(every user-owned?
|
||||||
|
(find-files home
|
||||||
|
#:directories? #t)))))))
|
||||||
|
',users+homes))
|
||||||
marionette)))
|
marionette)))
|
||||||
|
|
||||||
(test-equal "login on tty1"
|
(test-equal "login on tty1"
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue