[FreeNX-kNX] nxsetup patch to handle issues around NIS/NIS+

Ed Warnicke eaw at cisco.com
Sun Jul 31 21:24:21 UTC 2005 

It's been pointed out that luseradd and lgroupadd
are Redhat specific.  So you could below replace:

+       # Do we want to force a local user with luseradd?
+	if [ -n $SETUP_LOCAL_USER ]

with

+       # Do we want to force a local user with luseradd?
+	if [ -n $SETUP_LOCAL_USER -a -f /etc/redhat-release]

and

+       # If we are setting up a local user, we need to
+	# make sure there's a local group.
+	if [ -n $SETUP_GID -a -n $SETUP_LOCAL_USER ]

with
+       # If we are setting up a local user, we need to
+	# make sure there's a local group.
+	if [ -n $SETUP_GID -a -n $SETUP_LOCAL_USER -a -f /etc/redhat-release ]


which would scope the solution for those issues to
Redhat.

Ed

Ed Warnicke wrote:

> Attached is a patch to deal with some issues around
> NIS/NIS+ causing problems with setting up the nx
> user in nxsetup.
>
> First:
>
> getent passwd | egrep "^nx"
>
> is VERY unpleasant in a NIS/NIS+
> environment where getent passwd
> is pulling tens of thousand of
> passwd db entries over the network.
> It basically takes hours.
>
> To the best of my knowledge,
>
> getent passwd nx
>
> is just as good, and quite speedy
> on both NIS/NIS+ and traditional
> passwd file systems.
>
> Second, useradd, at least on RedHat
> vintage distros on a NIS/NIS+ machine
> is a problem.  It basically takes hours
> to return.  This is because it's traversing
> the WHOLE NIS/NIS+ passwd db (over
> the network) to make sure the user
> doesn't already exist.  The workaround in
> such situations is to use luseradd, which only
> searches the local passwd db.
>
> Third, sometimes in a NIS/NIS+ environment
> that is supporting multiple different platforms,
> you will get a conflict with the nx user.  Imagine
> someone puts an nx user in the NIS, but with
> a home directory of /home/nx, and you need the
> nx home dir in /var/lib/nxserver/nxhome.  In
> this case you want to specify:
>
> --localuser
>
> and have the check nx user existence only look
> at the local passwd db (grep "^nx" /etc/passwd)
> rather than look through the whole passwd
> db (getent passwd nx).  In addition you want to
> override precisely the uid use for the NIS nx
> user (which is already supported by the --uid flag).
> Unfortunately, luseradd blows it's little brains out if
> you try to add a user nx, and an nx group exists
> in the NIS but not the local /etc/groups file.  So I
> added a
>
> --gid
>
> to specify the gid of the nx group.
> Naturally, for the --localuser case, this needs to
> be added with lgroupadd before running luseradd.
>
> Please consider the attached patch, which makes
> these changes for inclusion in FreeNX :)
>
> Ed
>
>------------------------------------------------------------------------
>
>Index: nxsetup
>===================================================================
>RCS file: /cvsroot/freenx/freenx/nxsetup,v
>retrieving revision 1.29
>diff -u -r1.29 nxsetup
>--- nxsetup	16 Jul 2005 15:45:37 -0000	1.29
>+++ nxsetup	29 Jul 2005 08:26:05 -0000
>@@ -18,6 +18,23 @@
> SETUP_SSH2_KEY="no"
> BUILD_KNOWN_HOSTS="yes"
> 
>+nx_user_exists() {
>+    if [ -n $SETUP_LOCAL_USER ] 
>+    then
>+	if { egrep "^nx" /etc/passwd; }
>+	then 
>+	    return 0
>+	else
>+	    return 1
>+	fi
>+    elif { getent passwd nx; }
>+    then
>+        return 0
>+    else
>+	return 1
>+    fi	
>+}
>+
> while [ "$1" ]
> do
> 	case "$1" in
>@@ -27,6 +44,8 @@
> 		--ssh2) SETUP_SSH2_KEY="yes"; shift;;
> 		--dont-build-known-hosts) BUILD_KNOWN_HOSTS="no"; shift;;
> 		--uid) SETUP_UID=$2; shift 2 ;;
>+	        --gid) SETUP_GID=$2; shift 2 ;;
>+	        --localuser) SETUP_LOCAL_USER="yes"; shift;;
> 		--clean) CLEAN="yes"; shift ;;
> 		--uninstall) UNINSTALL="yes"; shift ;;
> 		--purge) PURGE="yes"; shift ;;
>@@ -59,6 +78,8 @@
> 	echo "  --ssh2		       Additionally create commercial pubkey-support, beware"
> 	echo "			       own _commercial_ ssh2-key is not supported!."
> 	echo "  --uid <number>         The nx user will be given the uid <number>."
>+	echo "  --gid <number>         The nx user will be given the gid <number>."
>+	echo "  --localuser            The nx user will be created locally using luseradd, for use in NIS and NISplus environments."
> 	echo "  --clean                Performs an uninstall prior to the installation"
> 	echo "  --uninstall            Remove log and session files, as well as the nx user"
> 	echo "  --purge                Uninstall will remove extra configuration files and ssh"
>@@ -86,23 +107,52 @@
> 	# In any case create the basedir of the HOME directory before, 
> 	# because useradd will fail to make more than one directory
> 	mkdir -p $(dirname "$NX_HOME_DIR")
>+
>+	# Default useradd command
>+	COMMAND_USERADD="/usr/sbin/useradd"
>+
>+	# Default useradd options
>+	USERADD_OPTIONS="-d $NX_HOME_DIR -s $PATH_BIN/nxserver"
>+
>+	# If we are setting up a local user, we need to
>+	# make sure there's a local group.
>+	if [ -n $SETUP_GID -a -n $SETUP_LOCAL_USER ]
>+	then
>+	        /usr/sbin/lgroupadd -g $SETUP_GID nx
>+	fi
>+
>+	# Is the uid specified ?
>+	if [ -n $SETUP_GID ]
>+	then
>+	        USERADD_OPTIONS="-g $SETUP_GID $USERADD_OPTIONS"
>+	fi
> 	
>-	# Are uid specified
>-	if [ -n "$SETUP_UID" ]
>+	# I the gid specified
>+	if [ -n $SETUP_UID ]
> 	then
>-		useradd -u $SETUP_UID -d $NX_HOME_DIR -s $PATH_BIN/nxserver nx
>-	# Is it a debian?
>-	elif [ -f /etc/debian_version ]
>+	        USERADD_OPTIONS="-u $SETUP_UID $USERADD_OPTIONS"
>+	fi
>+
>+	# Is it SuSE?
>+	if [ -f /etc/SuSE-release ]
> 	then
>-		adduser --system --home $NX_HOME_DIR --shell $PATH_BIN/nxserver nx
>-	# or is it a SuSE?
>-	elif [ -f /etc/SuSE-release ]
>+	        USERADD_OPTIONS="-r $USERADD_OPTIONS"
>+	fi
>+
>+	# Do we want to force a local user with luseradd?
>+	if [ -n $SETUP_LOCAL_USER ]
>+	then 
>+	        COMMAND_USERADD="/usr/sbin/luseradd"
>+	# Is it debian?
>+	elif [ -f /etc/debian_version ]
> 	then
>-		useradd -r -d $NX_HOME_DIR -s $PATH_BIN/nxserver nx
>-	# we don't know the system, fallback
>-	else
>-		useradd -d $NX_HOME_DIR -s $PATH_BIN/nxserver nx
>+	        COMMAND_USERADD="/usr/sbin/adduser"
>+		USERADD_OPTIONS="--system --home $NX_HOME_DIR --shell $PATH_BIN/nxserver"
> 	fi
>+
>+	# Add the user :)
>+	$COMMAND_USERADD $USERADD_OPTIONS nx
>+
> }
> 
> install_nx()
>@@ -142,7 +192,7 @@
> 	chmod 600 "$NX_LOGFILE"
> 	echo "done"
> 	
>-	if ! { getent passwd | egrep -q "^nx:"; }
>+	if ! { nx_user_exists; }
> 	then
> 		echo -n "Setting up user nx ..."
> 		useradd_nx
>@@ -226,10 +276,15 @@
> 
> uninstall_nx() 
> {
>-	if { getent passwd | egrep -q "^nx:"; }
>+	if { nx_user_exists; }
> 	then
>+	        COMMAND_USERDEL=/usr/sbin/userdel
>+	        if [ -n $SETUP_LOCAL_USER ]
>+		then
>+		    COMMAND_USERDEL=/usr/sbin/luserdel
>+		fi
> 		echo -n "Removing user nx ..."
>-		userdel nx
>+		$COMMAND_USERDEL nx
> 		echo "done"
> 	fi
> 	
>  
>
>------------------------------------------------------------------------
>
>_______________________________________________
>FreeNX-kNX mailing list
>FreeNX-kNX at kde.org
>https://mail.kde.org/mailman/listinfo/freenx-knx
>  
>

More information about the FreeNX-kNX mailing list