[FreeNX-kNX] nxsetup patch to handle issues around NIS/NIS+
Ed Warnicke
eaw at cisco.com
Sun Jul 31 21:24:21 UTC 2005
It's been pointed out that luseradd and lgroupadd
are Redhat specific. So you could below replace:
+ # Do we want to force a local user with luseradd?
+ if [ -n $SETUP_LOCAL_USER ]
with
+ # Do we want to force a local user with luseradd?
+ if [ -n $SETUP_LOCAL_USER -a -f /etc/redhat-release]
and
+ # If we are setting up a local user, we need to
+ # make sure there's a local group.
+ if [ -n $SETUP_GID -a -n $SETUP_LOCAL_USER ]
with
+ # If we are setting up a local user, we need to
+ # make sure there's a local group.
+ if [ -n $SETUP_GID -a -n $SETUP_LOCAL_USER -a -f /etc/redhat-release ]
which would scope the solution for those issues to
Redhat.
Ed
Ed Warnicke wrote:
> Attached is a patch to deal with some issues around
> NIS/NIS+ causing problems with setting up the nx
> user in nxsetup.
>
> First:
>
> getent passwd | egrep "^nx"
>
> is VERY unpleasant in a NIS/NIS+
> environment where getent passwd
> is pulling tens of thousand of
> passwd db entries over the network.
> It basically takes hours.
>
> To the best of my knowledge,
>
> getent passwd nx
>
> is just as good, and quite speedy
> on both NIS/NIS+ and traditional
> passwd file systems.
>
> Second, useradd, at least on RedHat
> vintage distros on a NIS/NIS+ machine
> is a problem. It basically takes hours
> to return. This is because it's traversing
> the WHOLE NIS/NIS+ passwd db (over
> the network) to make sure the user
> doesn't already exist. The workaround in
> such situations is to use luseradd, which only
> searches the local passwd db.
>
> Third, sometimes in a NIS/NIS+ environment
> that is supporting multiple different platforms,
> you will get a conflict with the nx user. Imagine
> someone puts an nx user in the NIS, but with
> a home directory of /home/nx, and you need the
> nx home dir in /var/lib/nxserver/nxhome. In
> this case you want to specify:
>
> --localuser
>
> and have the check nx user existence only look
> at the local passwd db (grep "^nx" /etc/passwd)
> rather than look through the whole passwd
> db (getent passwd nx). In addition you want to
> override precisely the uid use for the NIS nx
> user (which is already supported by the --uid flag).
> Unfortunately, luseradd blows it's little brains out if
> you try to add a user nx, and an nx group exists
> in the NIS but not the local /etc/groups file. So I
> added a
>
> --gid
>
> to specify the gid of the nx group.
> Naturally, for the --localuser case, this needs to
> be added with lgroupadd before running luseradd.
>
> Please consider the attached patch, which makes
> these changes for inclusion in FreeNX :)
>
> Ed
>
>------------------------------------------------------------------------
>
>Index: nxsetup
>===================================================================
>RCS file: /cvsroot/freenx/freenx/nxsetup,v
>retrieving revision 1.29
>diff -u -r1.29 nxsetup
>--- nxsetup 16 Jul 2005 15:45:37 -0000 1.29
>+++ nxsetup 29 Jul 2005 08:26:05 -0000
>@@ -18,6 +18,23 @@
> SETUP_SSH2_KEY="no"
> BUILD_KNOWN_HOSTS="yes"
>
>+nx_user_exists() {
>+ if [ -n $SETUP_LOCAL_USER ]
>+ then
>+ if { egrep "^nx" /etc/passwd; }
>+ then
>+ return 0
>+ else
>+ return 1
>+ fi
>+ elif { getent passwd nx; }
>+ then
>+ return 0
>+ else
>+ return 1
>+ fi
>+}
>+
> while [ "$1" ]
> do
> case "$1" in
>@@ -27,6 +44,8 @@
> --ssh2) SETUP_SSH2_KEY="yes"; shift;;
> --dont-build-known-hosts) BUILD_KNOWN_HOSTS="no"; shift;;
> --uid) SETUP_UID=$2; shift 2 ;;
>+ --gid) SETUP_GID=$2; shift 2 ;;
>+ --localuser) SETUP_LOCAL_USER="yes"; shift;;
> --clean) CLEAN="yes"; shift ;;
> --uninstall) UNINSTALL="yes"; shift ;;
> --purge) PURGE="yes"; shift ;;
>@@ -59,6 +78,8 @@
> echo " --ssh2 Additionally create commercial pubkey-support, beware"
> echo " own _commercial_ ssh2-key is not supported!."
> echo " --uid <number> The nx user will be given the uid <number>."
>+ echo " --gid <number> The nx user will be given the gid <number>."
>+ echo " --localuser The nx user will be created locally using luseradd, for use in NIS and NISplus environments."
> echo " --clean Performs an uninstall prior to the installation"
> echo " --uninstall Remove log and session files, as well as the nx user"
> echo " --purge Uninstall will remove extra configuration files and ssh"
>@@ -86,23 +107,52 @@
> # In any case create the basedir of the HOME directory before,
> # because useradd will fail to make more than one directory
> mkdir -p $(dirname "$NX_HOME_DIR")
>+
>+ # Default useradd command
>+ COMMAND_USERADD="/usr/sbin/useradd"
>+
>+ # Default useradd options
>+ USERADD_OPTIONS="-d $NX_HOME_DIR -s $PATH_BIN/nxserver"
>+
>+ # If we are setting up a local user, we need to
>+ # make sure there's a local group.
>+ if [ -n $SETUP_GID -a -n $SETUP_LOCAL_USER ]
>+ then
>+ /usr/sbin/lgroupadd -g $SETUP_GID nx
>+ fi
>+
>+ # Is the uid specified ?
>+ if [ -n $SETUP_GID ]
>+ then
>+ USERADD_OPTIONS="-g $SETUP_GID $USERADD_OPTIONS"
>+ fi
>
>- # Are uid specified
>- if [ -n "$SETUP_UID" ]
>+ # I the gid specified
>+ if [ -n $SETUP_UID ]
> then
>- useradd -u $SETUP_UID -d $NX_HOME_DIR -s $PATH_BIN/nxserver nx
>- # Is it a debian?
>- elif [ -f /etc/debian_version ]
>+ USERADD_OPTIONS="-u $SETUP_UID $USERADD_OPTIONS"
>+ fi
>+
>+ # Is it SuSE?
>+ if [ -f /etc/SuSE-release ]
> then
>- adduser --system --home $NX_HOME_DIR --shell $PATH_BIN/nxserver nx
>- # or is it a SuSE?
>- elif [ -f /etc/SuSE-release ]
>+ USERADD_OPTIONS="-r $USERADD_OPTIONS"
>+ fi
>+
>+ # Do we want to force a local user with luseradd?
>+ if [ -n $SETUP_LOCAL_USER ]
>+ then
>+ COMMAND_USERADD="/usr/sbin/luseradd"
>+ # Is it debian?
>+ elif [ -f /etc/debian_version ]
> then
>- useradd -r -d $NX_HOME_DIR -s $PATH_BIN/nxserver nx
>- # we don't know the system, fallback
>- else
>- useradd -d $NX_HOME_DIR -s $PATH_BIN/nxserver nx
>+ COMMAND_USERADD="/usr/sbin/adduser"
>+ USERADD_OPTIONS="--system --home $NX_HOME_DIR --shell $PATH_BIN/nxserver"
> fi
>+
>+ # Add the user :)
>+ $COMMAND_USERADD $USERADD_OPTIONS nx
>+
> }
>
> install_nx()
>@@ -142,7 +192,7 @@
> chmod 600 "$NX_LOGFILE"
> echo "done"
>
>- if ! { getent passwd | egrep -q "^nx:"; }
>+ if ! { nx_user_exists; }
> then
> echo -n "Setting up user nx ..."
> useradd_nx
>@@ -226,10 +276,15 @@
>
> uninstall_nx()
> {
>- if { getent passwd | egrep -q "^nx:"; }
>+ if { nx_user_exists; }
> then
>+ COMMAND_USERDEL=/usr/sbin/userdel
>+ if [ -n $SETUP_LOCAL_USER ]
>+ then
>+ COMMAND_USERDEL=/usr/sbin/luserdel
>+ fi
> echo -n "Removing user nx ..."
>- userdel nx
>+ $COMMAND_USERDEL nx
> echo "done"
> fi
>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>FreeNX-kNX mailing list
>FreeNX-kNX at kde.org
>https://mail.kde.org/mailman/listinfo/freenx-knx
>
>
More information about the FreeNX-kNX
mailing list