add daemon user to required groups

bareos storage daemon user must be in groups tape and/or disk to be able to access tape devices. Due to different behavior of different distributions (install order if not always the same), every package that requires a specific group/user set this up on its own. preinstall: bareos-common: setup default daemon group bareos and user bareos bareos-filedaemon: setup fd group (bareos) and user (root) bareos-storage: setup sd group (bareos) and user (bareos) bareos-director: setup dir group (bareos) and user (bareos) postinstall: bareos-storage: call bareos-config setup_sd_user, which checks if sd group and user exists, otherwise it creates them, and add the sd user (bareos) to the groups tape and disk, if they exists. Tested on: Debian 6, Ubuntu 12.04 (32bit), SLES11SP2, Centos5 Fixes #99: user bareos unable to operate tape changer due to wrong permissions Signed-off-by: Marco van Wieringen <marco.van.wieringen@bareos.com>
bareos · Feb 17, 2015 · 9a69ea9 · 9a69ea9
1 parent 2651ba4
commit 9a69ea9
Show file tree

Hide file tree

Showing 11 changed files with 301 additions and 297 deletions.
diff --git a/autoconf/configure.in b/autoconf/configure.in
@@ -3631,6 +3631,10 @@ fi
 AC_OUTPUT([autoconf/Make.common \
 	   Makefile \
 	   manpages/Makefile \
+	   debian/bareos-common.preinst \
+	   debian/bareos-filedaemon.preinst \
+	   debian/bareos-director.preinst \
+	   debian/bareos-storage.preinst \
 	   scripts/bareos-config \
 	   scripts/btraceback \
 	   scripts/bconsole \

diff --git a/debian/bareos-common.preinst → debian/bareos-common.preinst.in b/debian/bareos-common.preinst → debian/bareos-common.preinst.in
@@ -16,37 +16,34 @@ set -e
 daemon_user=bareos
 daemon_group=bareos
 
-working_dir=/var/lib/bareos
+WORKING_DIR="@working_dir@"
+
 
 create_group()
 {
-  # creating group if he isn't already there
-  if ! getent group $daemon_group >/dev/null; then
-        # Adding system group
-        addgroup --system $daemon_group >/dev/null
-  fi
+    [ -z "$1" ] && return
+    # creating group if he isn't already there.
+    # use addgroup instead of groupadd,
+    # because "addgroup" uses the next available number,
+    # while "groupadd" uses uses GID_MIN -1 (999)
+    getent group $1 > /dev/null || addgroup -q --system $1
 }
 
 create_user()
 {
-  # creating user if he isn't already there
-  if ! getent passwd $daemon_user >/dev/null; then
-        # Adding system user
-        adduser \
-          --system \
-          --disabled-login \
-          --ingroup $daemon_group \
-          --home $working_dir \
-          --gecos "Bareos" \
-          --shell /bin/false \
-          $daemon_user  >/dev/null
-  fi
+    [ -z "$1" ] && return
+    # creating user if he isn't already there.
+    # use adduser instead of useradd,
+    # because "adduser" uses the next available number,
+    # while "useradd" uses uses UID_MIN -1 (999)
+    getent passwd $1 > /dev/null || adduser -q --system --ingroup $daemon_group --home "$WORKING_DIR" --no-create-home --gecos "$1" $1
 }
 
+
 case "$1" in
     install|upgrade)
-      create_group
-      create_user
+      create_group $daemon_group
+      create_user  $daemon_user
     ;;
 
     abort-upgrade)

diff --git a/debian/bareos-director.preinst b/debian/bareos-director.preinst
diff --git a/debian/bareos-director.preinst.in b/debian/bareos-director.preinst.in
@@ -0,0 +1,63 @@
+#!/bin/sh
+# preinst script for bareos
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <new-preinst> `install'
+#        * <new-preinst> `install' <old-version>
+#        * <new-preinst> `upgrade' <old-version>
+#        * <old-preinst> `abort-upgrade' <new-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+daemon_group=@dir_group@
+daemon_user=@dir_user@
+
+WORKING_DIR="@working_dir@"
+
+
+create_group()
+{
+    [ -z "$1" ] && return
+    # creating group if he isn't already there.
+    # use addgroup instead of groupadd,
+    # because "addgroup" uses the next available number,
+    # while "groupadd" uses uses GID_MIN -1 (999)
+    getent group $1 > /dev/null || addgroup -q --system $1
+}
+
+create_user()
+{
+    [ -z "$1" ] && return
+    # creating user if he isn't already there.
+    # use adduser instead of useradd,
+    # because "adduser" uses the next available number,
+    # while "useradd" uses uses UID_MIN -1 (999)
+    getent passwd $1 > /dev/null || adduser -q --system --ingroup $daemon_group --home "$WORKING_DIR" --no-create-home --gecos "$1" $1
+}
+
+
+case "$1" in
+    install|upgrade)
+      create_group ${daemon_group}
+      create_user  ${daemon_user}
+    ;;
+
+    abort-upgrade)
+    ;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/bareos-filedaemon.preinst b/debian/bareos-filedaemon.preinst
diff --git a/debian/bareos-filedaemon.preinst.in b/debian/bareos-filedaemon.preinst.in
@@ -0,0 +1,63 @@
+#!/bin/sh
+# preinst script for bareos
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+#        * <new-preinst> `install'
+#        * <new-preinst> `install' <old-version>
+#        * <new-preinst> `upgrade' <old-version>
+#        * <old-preinst> `abort-upgrade' <new-version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+daemon_group=@dir_group@
+daemon_user=@dir_user@
+
+WORKING_DIR="@working_dir@"
+
+
+create_group()
+{
+    [ -z "$1" ] && return
+    # creating group if he isn't already there.
+    # use addgroup instead of groupadd,
+    # because "addgroup" uses the next available number,
+    # while "groupadd" uses uses GID_MIN -1 (999)
+    getent group $1 > /dev/null || addgroup -q --system $1
+}
+
+create_user()
+{
+    [ -z "$1" ] && return
+    # creating user if he isn't already there.
+    # use adduser instead of useradd,
+    # because "adduser" uses the next available number,
+    # while "useradd" uses uses UID_MIN -1 (999)
+    getent passwd $1 > /dev/null || adduser -q --system --ingroup $daemon_group --home "$WORKING_DIR" --no-create-home --gecos "$1" $1
+}
+
+
+case "$1" in
+    install|upgrade)
+      create_group ${daemon_group}
+      create_user  ${daemon_user}
+    ;;
+
+    abort-upgrade)
+    ;;
+
+    *)
+        echo "preinst called with unknown argument \`$1'" >&2
+        exit 1
+    ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff --git a/debian/bareos-storage.postinst b/debian/bareos-storage.postinst
@@ -40,6 +40,7 @@ enable_rc_scripts()
 case "$1" in
     configure)
         permissions
+        /usr/lib/bareos/scripts/bareos-config setup_sd_user
         /usr/lib/bareos/scripts/bareos-config initialize_local_hostname
         /usr/lib/bareos/scripts/bareos-config initialize_passwords
         enable_rc_scripts