# Copyright 2016 Canonical, Ltd.
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as
# published by the Free Software Foundation, either version 3 of the
# License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import logging
import os
import time
from subiquitycore.utils import run_command
# Module-level logger; the name is hard-coded to "subiquitycore.user" rather
# than derived from __name__.
log = logging.getLogger("subiquitycore.user")
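def _is_safe_username(name):
    """Return True if *name* can be embedded in a path, an argv and a sudoers rule.

    This is a conservative denylist, not a replacement for useradd's own
    name validation: it only rejects values that would change the meaning
    of the home-directory path, the command lines or the sudoers entry
    built by create_user().
    """
    if not isinstance(name, str) or not name or name in ('.', '..'):
        return False
    # A leading '-' would be parsed as an option by useradd/chown; a leading
    # '+', '%' or '#' changes how sudoers interprets the first field.
    if name[0] in '-+~%#':
        return False
    for ch in name:
        # '/' escapes /home; whitespace and newlines would split the sudoers
        # line or add a second rule; ':' and ',' are field separators.
        if ch in '/:,\\' or ch.isspace() or not ch.isprintable():
            return False
    return True


def create_user(userinfo, dryrun=False, extra_args=[]):
    """Create a user according to the information in userinfo.

    Args:
        userinfo: mapping with at least 'username' and 'confirm_password';
            an optional 'ssh_import_id' is handed to ssh-import-id unless
            it starts with 'sso'.
        dryrun: when true, nothing is executed or written; only a log
            message is emitted.
        extra_args: additional arguments appended to the useradd command
            line. The default list is never mutated.

    Raises:
        KeyError: if a required key is missing from userinfo.
        ValueError: if the username is unsafe to use in the generated
            path / sudoers rule, or the home directory does not appear.
    """
    username = userinfo['username']
    # The username ends up in a filesystem path that is chown -R'ed and in a
    # NOPASSWD sudoers rule, so refuse anything that could alter either.
    if not _is_safe_username(username):
        raise ValueError('Invalid username: {!r}'.format(username))

    usercmds = []
    # NOTE(review): useradd -p expects an already-hashed (crypt(3)) value and
    # the argument is visible in the process list while useradd runs. Confirm
    # that userinfo['confirm_password'] is a hash, and consider passing it on
    # stdin (e.g. chpasswd -e) instead of argv.
    useradd = ["useradd", "-m", "-p", userinfo['confirm_password'],
               username] + list(extra_args)
    usercmds.append(useradd)
    if 'ssh_import_id' in userinfo:
        target = "/home/{}/.ssh/authorized_keys".format(username)
        ssh_id = userinfo['ssh_import_id']
        if ssh_id.startswith('sso'):
            log.info('call out to SSO login')
        else:
            # NOTE(review): ssh_id is passed through unchecked; a value
            # beginning with '-' would be read as an option by ssh-import-id.
            ssh_import_id = ["ssh-import-id", "-o", target, ssh_id]
            usercmds.append(ssh_import_id)

    if not dryrun:
        for cmd in usercmds:
            # TODO(mwhudson): Check return value!
            run_command(cmd, shell=False)

        # always run chown last
        homedir = '/home/' + username
        retries = 10
        while not os.path.exists(homedir) and retries > 0:
            log.debug('waiting on homedir')
            retries -= 1
            time.sleep(0.2)

        # Test the directory itself rather than the counter: the directory
        # may appear during the final sleep, which leaves retries at 0 even
        # though the wait succeeded.
        if not os.path.exists(homedir):
            raise ValueError('Failed to create homedir')

        chown = ["chown", "{0}.{0}".format(username), "-R", homedir]
        # TODO(mwhudson): Check return value!
        run_command(chown, shell=False)

        # add sudo rule
        # Create the drop-in with mode 0440 (the mode sudoers files are
        # expected to have) instead of inheriting 0644 from the umask;
        # fchmod also covers the case where the file already existed.
        # NOTE(review): NOPASSWD:ALL gives this account passwordless root.
        fd = os.open('/etc/sudoers.d/firstboot-user',
                     os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o440)
        with os.fdopen(fd, 'w') as fh:
            os.fchmod(fd, 0o440)
            fh.write('# firstboot config added user\n\n')
            fh.write('{} ALL=(ALL) NOPASSWD:ALL\n'.format(username))
    else:
        log.info('dry-run, skiping user configuration')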