summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorFĂ©lix Sipma2015-12-14 11:31:25 +0100
committerJoey Hess2015-12-14 14:53:45 -0400
commit9a7a6c1557f3d9839db42c82b82ed8aad1653bde (patch)
tree026c1bb43467b02a7382bb576a85966cf8ac0248 /src
parentcfe29b861122485304a9e18317524cc6a2c4101d (diff)
User: add systemAccountFor and simpleSystemAccount properties
(cherry picked from commit 4075a38db0fad4ef6e0c99e13c40ad9e0d54ec8b)
Diffstat (limited to 'src')
-rw-r--r--src/Propellor/Property/User.hs26
1 files changed, 25 insertions, 1 deletions
diff --git a/src/Propellor/Property/User.hs b/src/Propellor/Property/User.hs
index ea88a1b3..aef9ee57 100644
--- a/src/Propellor/Property/User.hs
+++ b/src/Propellor/Property/User.hs
@@ -18,6 +18,30 @@ accountFor user@(User u) = check nohomedir go
, u
]
+simpleSystemAccount :: User -> Property NoInfo
+simpleSystemAccount u = systemAccountFor u Nothing (Just (Group "nogroup"))
+
+systemAccountFor :: User -> Maybe FilePath -> Maybe Group -> Property NoInfo
+systemAccountFor (User u) mhome mgroup = check nouser go
+ `describe` ("system account for " ++ u)
+ where
+ nouser = isNothing <$> catchMaybeIO (getUserEntryForName u)
+ go = cmdProperty "adduser" $
+ [ "--system" ]
+ ++
+ "--home" : maybe
+ ["/nonexistent", "--no-create-home"]
+ ( \h -> [ h ] )
+ mhome
+ ++
+ maybe [] ( \(Group g) -> ["--ingroup", g] ) mgroup
+ ++
+ [ "--shell", "/usr/bin/nologin"
+ , "--disabled-login"
+ , "--disabled-password"
+ , u
+ ]
+
-- | Removes user home directory!! Use with caution.
nuked :: User -> Eep -> Property NoInfo
nuked user@(User u) _ = check hashomedir go
@@ -131,7 +155,7 @@ hasDesktopGroups user@(User u) = property desc $ do
desc = "user " ++ u ++ " is in standard desktop groups"
-- This list comes from user-setup's debconf
-- template named "passwd/user-default-groups"
- desktopgroups =
+ desktopgroups =
[ "audio"
, "cdrom"
, "dip"