From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id D0528158089 for ; Mon, 23 Oct 2023 20:43:11 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C71D82BC037; Mon, 23 Oct 2023 20:43:07 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 8CECC2BC013 for ; Mon, 23 Oct 2023 20:43:07 +0000 (UTC) From: =?UTF-8?q?Ulrich=20M=C3=BCller?= To: gentoo-dev@lists.gentoo.org Cc: =?UTF-8?q?Ulrich=20M=C3=BCller?= , Mike Gilbert Subject: [gentoo-dev] [PATCH v2] acct-user.eclass: Warn when the user is removed from a group Date: Mon, 23 Oct 2023 22:41:37 +0200 Message-ID: <20231023204145.27236-2-ulm@gentoo.org> X-Mailer: git-send-email 2.42.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: f7853267-25cb-49c0-815f-cca0be80ecda X-Archives-Hash: e95063c354d46994b9671e31cb0ad888 Acked-by: Mike Gilbert Signed-off-by: Ulrich Müller --- v2: Add explanation and documentation reference to warning message eclass/acct-user.eclass | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/eclass/acct-user.eclass b/eclass/acct-user.eclass index f658aa0eabc3..c9d335c4e558 100644 --- a/eclass/acct-user.eclass +++ b/eclass/acct-user.eclass @@ -431,6 +431,20 @@ acct-user_pkg_postinst() { opts+=( --prefix "${ROOT}" ) fi + local g old_groups del_groups="" + old_groups=$(egetgroups "${ACCT_USER_NAME}") + for g in ${old_groups//,/ }; do + has "${g}" "${groups[@]}" || del_groups+="${del_groups:+, }${g}" + done + if [[ -n ${del_groups} ]]; then + ewarn "Removing user ${ACCT_USER_NAME} from group(s): ${del_groups}" + ewarn "To retain the user's group membership in the local system" + ewarn "config, override with ACCT_USER_${ACCT_USER_NAME^^}_GROUPS" + ewarn "or ACCT_USER_${ACCT_USER_NAME^^}_GROUPS_ADD in make.conf." + ewarn "Documentation reference:" + ewarn "https://wiki.gentoo.org/wiki/Practical_guide_to_the_GLEP_81_migration#Override_user_groups" + fi + elog "Updating user ${ACCT_USER_NAME}" # usermod outputs a warning if unlocking the account would result in an # empty password. Hide stderr in a text file and display it if usermod fails. -- 2.42.0