From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1248751-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 2BB1813835D
	for <garchives@archives.gentoo.org>; Sun,  7 Feb 2021 03:20:10 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 65951E0876;
	Sun,  7 Feb 2021 03:20:09 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 379DCE0876
	for <gentoo-commits@lists.gentoo.org>; Sun,  7 Feb 2021 03:20:09 +0000 (UTC)
Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id A837C342071
	for <gentoo-commits@lists.gentoo.org>; Sun,  7 Feb 2021 03:20:07 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 984104C4
	for <gentoo-commits@lists.gentoo.org>; Sun,  7 Feb 2021 03:20:04 +0000 (UTC)
From: "Jason Zaman" <perfinion@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Jason Zaman" <perfinion@gentoo.org>
Message-ID: <1612644851.16fa2fe4be80df6b61c0ecfa755ce7ad0ea9d358.perfinion@gentoo>
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: support/
X-VCS-Repository: proj/hardened-refpolicy
X-VCS-Files: support/genhomedircon.py
X-VCS-Directories: support/
X-VCS-Committer: perfinion
X-VCS-Committer-Name: Jason Zaman
X-VCS-Revision: 16fa2fe4be80df6b61c0ecfa755ce7ad0ea9d358
X-VCS-Branch: master
Date: Sun,  7 Feb 2021 03:20:04 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 40f368ea-32e5-4696-9e92-c2fd836dbcc7
X-Archives-Hash: cdd21f060c8b799d098dc40a371bb31b

commit:     16fa2fe4be80df6b61c0ecfa755ce7ad0ea9d358
Author:     Christian Göttsche <cgzones <AT> googlemail <DOT> com>
AuthorDate: Sun Jan 31 20:50:27 2021 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Feb  6 20:54:11 2021 +0000
URL:        https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=16fa2fe4

genhomedircon: improve error messages for min uid search

Only grep if the files exist.
grep returns 1 on no match, check against 1 instead of 256.

Signed-off-by: Christian Göttsche <cgzones <AT> googlemail.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>

 support/genhomedircon.py | 56 +++++++++++++++++++++++++-----------------------
 1 file changed, 29 insertions(+), 27 deletions(-)

diff --git a/support/genhomedircon.py b/support/genhomedircon.py
index e4475f5c..2721bd7d 100644
--- a/support/genhomedircon.py
+++ b/support/genhomedircon.py
@@ -40,7 +40,7 @@
 #  are always "real" (including root, in the default configuration).
 #
 
-import sys, pwd, getopt, re
+import sys, pwd, getopt, re, os
 from subprocess import getstatusoutput
 
 EXCLUDE_LOGINS=["/sbin/nologin", "/bin/false"]
@@ -71,32 +71,34 @@ def getStartingUID():
 
 def getDefaultHomeDir():
 	ret = []
-	rc=getstatusoutput("grep -h '^HOME' /etc/default/useradd")
-	if rc[0] == 0:
-		homedir = rc[1].split("=")[1]
-		homedir = homedir.split("#")[0]
-		homedir = homedir.strip()
-		if not homedir in ret:
-			ret.append(homedir)
-	else:
-		#rc[0] == 256 means the file was there, we read it, but the grep didn't match
-		if rc[0] != 256:
-			sys.stderr.write("%s\n" % rc[1])
-			sys.stderr.write("You do not have access to /etc/default/useradd HOME=\n")
-			sys.stderr.flush()
-	rc=getstatusoutput("grep -h '^LU_HOMEDIRECTORY' /etc/libuser.conf")
-	if rc[0] == 0:
-		homedir = rc[1].split("=")[1]
-		homedir = homedir.split("#")[0]
-		homedir = homedir.strip()
-		if not homedir in ret:
-			ret.append(homedir)
-	else:
-		#rc[0] == 256 means the file was there, we read it, but the grep didn't match
-		if rc[0] != 256:
-			sys.stderr.write("%s\n" % rc[1])
-			sys.stderr.write("You do not have access to /etc/libuser.conf LU_HOMEDIRECTORY=\n")
-			sys.stderr.flush()
+	if os.path.isfile('/etc/default/useradd'):
+		rc=getstatusoutput("grep -h '^HOME' /etc/default/useradd")
+		if rc[0] == 0:
+			homedir = rc[1].split("=")[1]
+			homedir = homedir.split("#")[0]
+			homedir = homedir.strip()
+			if not homedir in ret:
+				ret.append(homedir)
+		else:
+			#rc[0] == 1 means the file was there, we read it, but the grep didn't match
+			if rc[0] != 1:
+				sys.stderr.write("(%d): %s\n" % (rc[0], rc[1]))
+				sys.stderr.write("You do not have access to /etc/default/useradd HOME=\n")
+				sys.stderr.flush()
+	if os.path.isfile('/etc/libuser.conf'):
+		rc=getstatusoutput("grep -h '^LU_HOMEDIRECTORY' /etc/libuser.conf")
+		if rc[0] == 0:
+			homedir = rc[1].split("=")[1]
+			homedir = homedir.split("#")[0]
+			homedir = homedir.strip()
+			if not homedir in ret:
+				ret.append(homedir)
+		else:
+			#rc[0] == 1 means the file was there, we read it, but the grep didn't match
+			if rc[0] != 1:
+				sys.stderr.write("(%d): %s\n" % (rc[0], rc[1]))
+				sys.stderr.write("You do not have access to /etc/libuser.conf LU_HOMEDIRECTORY=\n")
+				sys.stderr.flush()
 	if ret == []:
 		ret.append("/home")
 	return ret