From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 49B39138334 for ; Sun, 9 Jun 2019 11:33:22 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 2ECBCE099C; Sun, 9 Jun 2019 11:28:43 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id B6855E0990 for ; Sun, 9 Jun 2019 11:28:42 +0000 (UTC) Received: from localhost.localdomain (d202-252.icpnet.pl [109.173.202.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: mgorny) by smtp.gentoo.org (Postfix) with ESMTPSA id 9CCA5345AC8; Sun, 9 Jun 2019 11:28:40 +0000 (UTC) From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= To: gentoo-dev@lists.gentoo.org Cc: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= Subject: [gentoo-dev] [PATCH v3 14/19] acct-group.eclass: A new eclass to maintain group accounts Date: Sun, 9 Jun 2019 13:28:09 +0200 Message-Id: <20190609112814.15907-15-mgorny@gentoo.org> X-Mailer: git-send-email 2.22.0.rc3 In-Reply-To: <20190609112814.15907-1-mgorny@gentoo.org> References: <20190609112814.15907-1-mgorny@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: 24828158-3b3f-49df-903f-12c9a19fb6b1 X-Archives-Hash: d1aa35cc8572f6894e9b004f27e11333 A GLEP 81-compliant eclass to create group packages. --- eclass/acct-group.eclass | 124 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 124 insertions(+) create mode 100644 eclass/acct-group.eclass diff --git a/eclass/acct-group.eclass b/eclass/acct-group.eclass new file mode 100644 index 000000000000..4b28615387c0 --- /dev/null +++ b/eclass/acct-group.eclass @@ -0,0 +1,124 @@ +# Copyright 2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +# @ECLASS: acct-group.eclass +# @MAINTAINER: +# Michał Górny +# @AUTHOR: +# Michael Orlitzky +# Michał Górny +# @BLURB: Eclass used to create and maintain a single group entry +# @DESCRIPTION: +# This eclass represents and creates a single group entry. The name +# of the group is derived from ${PN}, while (preferred) GID needs to +# be specified via ACCT_GROUP_ID. Packages (and users) needing the group +# in question should depend on the package providing it. +# +# Example: +# If your package needs group 'foo', you create 'acct-group/foo' package +# and add an ebuild with the following contents: +# +# @CODE +# EAPI=7 +# inherit acct-group +# ACCT_GROUP_ID=200 +# @CODE +# +# Then you add appropriate dependency to your package. The dependency +# type(s) should be: +# - DEPEND (+ RDEPEND) if the group is already needed at build time, +# - RDEPEND if it is needed at install time (e.g. you 'fowners' files +# in pkg_preinst) or run time. + +if [[ -z ${_ACCT_GROUP_ECLASS} ]]; then +_ACCT_GROUP_ECLASS=1 + +case ${EAPI:-0} in + 7) ;; + *) die "EAPI=${EAPI} not supported";; +esac + +inherit user + +[[ ${CATEGORY} == acct-group ]] || + die "Ebuild error: this eclass can be used only in acct-group category!" + + +# << Eclass variables >> + +# @ECLASS-VARIABLE: ACCT_GROUP_NAME +# @INTERNAL +# @DESCRIPTION: +# The name of the group. This is forced to ${PN} and the policy +# prohibits it from being changed. +ACCT_GROUP_NAME=${PN} +readonly ACCT_GROUP_NAME + +# @ECLASS-VARIABLE: ACCT_GROUP_ID +# @REQUIRED +# @DESCRIPTION: +# Preferred GID for the new group. This variable is obligatory, and its +# value must be unique across all group packages. + +# @ECLASS-VARIABLE: ACCT_GROUP_ENFORCE_ID +# @DESCRIPTION: +# If set to a non-null value, the eclass will require the group to have +# specified GID. If the group already exists with another GID, or +# the GID is taken by another group, the install will fail. +: ${ACCT_GROUP_ENFORCE_ID:=} + + +# << Boilerplate ebuild variables >> +: ${DESCRIPTION:="Service group: ${ACCT_GROUP_NAME}"} +: ${HOMEPAGE:=https://www.gentoo.org/} +: ${SLOT:=0} +: ${KEYWORDS:=alpha amd64 arm arm64 hppa ia64 m68k ~mips ppc ppc64 ~riscv s390 sh sparc x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris} +S=${WORKDIR} + + +# << Phase functions >> +EXPORT_FUNCTIONS pkg_pretend pkg_preinst + +# @FUNCTION: acct-group_pkg_pretend +# @DESCRIPTION: +# Performs sanity checks for correct eclass usage, and early-checks +# whether requested GID can be enforced. +acct-group_pkg_pretend() { + debug-print-function ${FUNCNAME} "${@}" + + # verify ACCT_GROUP_ID + [[ -n ${ACCT_GROUP_ID} ]] || die "Ebuild error: ACCT_GROUP_ID must be set!" + [[ ${ACCT_GROUP_ID} -ge 0 ]] || die "Ebuild errors: ACCT_GROUP_ID=${ACCT_GROUP_ID} invalid!" + + # check for ACCT_GROUP_ID collisions early + if [[ -n ${ACCT_GROUP_ENFORCE_ID} ]]; then + local group_by_id=$(egetgroupname "${ACCT_GROUP_ID}") + local group_by_name=$(egetent group "${ACCT_GROUP_NAME}") + if [[ -n ${group_by_id} ]]; then + if [[ ${group_by_id} != ${ACCT_GROUP_NAME} ]]; then + eerror "The required GID is already taken by another group." + eerror " GID: ${ACCT_GROUP_ID}" + eerror " needed for: ${ACCT_GROUP_NAME}" + eerror " current group: ${group_by_id}" + die "GID ${ACCT_GROUP_ID} taken already" + fi + elif [[ -n ${group_by_name} ]]; then + eerror "The requested group exists already with wrong GID." + eerror " groupname: ${ACCT_GROUP_NAME}" + eerror " requested UID: ${ACCT_GROUP_ID}" + eerror " current entry: ${group_by_name}" + die "Group ${ACCT_GROUP_NAME} exists with wrong GID" + fi + fi +} + +# @FUNCTION: acct-group_pkg_preinst +# @DESCRIPTION: +# Creates the group if it does not exist yet. +acct-group_pkg_preinst() { + debug-print-function ${FUNCNAME} "${@}" + + enewgroup -F "${ACCT_GROUP_NAME}" "${ACCT_GROUP_ID}" +} + +fi -- 2.22.0.rc3