calamares/src/modules/users/CreateUserJob.cpp

/* === This file is part of Calamares - <https://github.com/calamares> ===
 *
 *   SPDX-FileCopyrightText: 2014-2016 Teo Mrnjavac <teo@kde.org>
 *   SPDX-FileCopyrightText: 2018 Adriaan de Groot <groot@kde.org>
 *   SPDX-License-Identifier: GPL-3.0-or-later
 *   License-Filename: LICENSE
 */

#include "CreateUserJob.h"

#include "GlobalStorage.h"
#include "JobQueue.h"
#include "utils/CalamaresUtilsSystem.h"
#include "utils/Logger.h"

#include <QDateTime>
#include <QDir>
#include <QFile>
#include <QFileInfo>
#include <QProcess>
#include <QTextStream>


CreateUserJob::CreateUserJob( const QString& userName,
                              const QString& fullName,
                              bool autologin,
                              const QStringList& defaultGroups )
    : Calamares::Job()
    , m_userName( userName )
    , m_fullName( fullName )
    , m_autologin( autologin )
    , m_defaultGroups( defaultGroups )
{
}


QString
CreateUserJob::prettyName() const
{
    return tr( "Create user %1" ).arg( m_userName );
}


QString
CreateUserJob::prettyDescription() const
{
    return tr( "Create user <strong>%1</strong>." ).arg( m_userName );
}


QString
CreateUserJob::prettyStatusMessage() const
{
    return tr( "Creating user %1." ).arg( m_userName );
}


Calamares::JobResult
CreateUserJob::exec()
{
    Calamares::GlobalStorage* gs = Calamares::JobQueue::instance()->globalStorage();
    QDir destDir( gs->value( "rootMountPoint" ).toString() );

    if ( gs->contains( "sudoersGroup" ) && !gs->value( "sudoersGroup" ).toString().isEmpty() )
    {
        cDebug() << "[CREATEUSER]: preparing sudoers";

        QFileInfo sudoersFi( destDir.absoluteFilePath( "etc/sudoers.d/10-installer" ) );

        if ( !sudoersFi.absoluteDir().exists() )
        {
            return Calamares::JobResult::error( tr( "Sudoers dir is not writable." ) );
        }

        QFile sudoersFile( sudoersFi.absoluteFilePath() );
        if ( !sudoersFile.open( QIODevice::WriteOnly | QIODevice::Text ) )
        {
            return Calamares::JobResult::error( tr( "Cannot create sudoers file for writing." ) );
        }

        QString sudoersGroup = gs->value( "sudoersGroup" ).toString();

        QTextStream sudoersOut( &sudoersFile );
        sudoersOut << QString( "%%1 ALL=(ALL) ALL\n" ).arg( sudoersGroup );

        if ( QProcess::execute( "chmod", { "440", sudoersFi.absoluteFilePath() } ) )
            return Calamares::JobResult::error( tr( "Cannot chmod sudoers file." ) );
    }

    cDebug() << "[CREATEUSER]: preparing groups";

    QFileInfo groupsFi( destDir.absoluteFilePath( "etc/group" ) );
    QFile groupsFile( groupsFi.absoluteFilePath() );
    if ( !groupsFile.open( QIODevice::ReadOnly | QIODevice::Text ) )
    {
        return Calamares::JobResult::error( tr( "Cannot open groups file for reading." ) );
    }
    QString groupsData = QString::fromLocal8Bit( groupsFile.readAll() );
    QStringList groupsLines = groupsData.split( '\n' );
    for ( QStringList::iterator it = groupsLines.begin(); it != groupsLines.end(); ++it )
    {
        int indexOfFirstToDrop = it->indexOf( ':' );
        it->truncate( indexOfFirstToDrop );
    }

    for ( const QString& group : m_defaultGroups )
    {
        if ( !groupsLines.contains( group ) )
        {
            CalamaresUtils::System::instance()->targetEnvCall( { "groupadd", group } );
        }
    }

    QString defaultGroups = m_defaultGroups.join( ',' );
    if ( m_autologin )
    {
        QString autologinGroup;
        if ( gs->contains( "autologinGroup" ) && !gs->value( "autologinGroup" ).toString().isEmpty() )
        {
            autologinGroup = gs->value( "autologinGroup" ).toString();
            CalamaresUtils::System::instance()->targetEnvCall( { "groupadd", autologinGroup } );
            defaultGroups.append( QString( ",%1" ).arg( autologinGroup ) );
        }
    }

    // If we're looking to reuse the contents of an existing /home
    if ( gs->value( "reuseHome" ).toBool() )
    {
        QString shellFriendlyHome = "/home/" + m_userName;
        QDir existingHome( destDir.absolutePath() + shellFriendlyHome );
        if ( existingHome.exists() )
        {
            QString backupDirName = "dotfiles_backup_" + QDateTime::currentDateTime().toString( "yyyy-MM-dd_HH-mm-ss" );
            existingHome.mkdir( backupDirName );

            CalamaresUtils::System::instance()->targetEnvCall(
                { "sh", "-c", "mv -f " + shellFriendlyHome + "/.* " + shellFriendlyHome + "/" + backupDirName } );
        }
    }

    cDebug() << "[CREATEUSER]: creating user";

    QStringList useradd { "useradd", "-m", "-U" };
    QString shell = gs->value( "userShell" ).toString();
    if ( !shell.isEmpty() )
    {
        useradd << "-s" << shell;
    }
    useradd << "-c" << m_fullName;
    useradd << m_userName;

    auto commandResult = CalamaresUtils::System::instance()->targetEnvCommand( useradd );
    if ( commandResult.getExitCode() )
    {
        cError() << "useradd failed" << commandResult.getExitCode();
        return commandResult.explainProcess( useradd, std::chrono::seconds( 10 ) /* bogus timeout */ );
    }

    commandResult
        = CalamaresUtils::System::instance()->targetEnvCommand( { "usermod", "-aG", defaultGroups, m_userName } );
    if ( commandResult.getExitCode() )
    {
        cError() << "usermod failed" << commandResult.getExitCode();
        return commandResult.explainProcess( "usermod", std::chrono::seconds( 10 ) /* bogus timeout */ );
    }

    QString userGroup = QString( "%1:%2" ).arg( m_userName ).arg( m_userName );
    QString homeDir = QString( "/home/%1" ).arg( m_userName );
    commandResult = CalamaresUtils::System::instance()->targetEnvCommand( { "chown", "-R", userGroup, homeDir } );
    if ( commandResult.getExitCode() )
    {
        cError() << "chown failed" << commandResult.getExitCode();
        return commandResult.explainProcess( "chown", std::chrono::seconds( 10 ) /* bogus timeout */ );
    }

    return Calamares::JobResult::ok();
}
Documentation: change http links to GitHub to https 2017-12-20 14:39:09 +01:00			`/* === This file is part of Calamares - <https://github.com/calamares> ===`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`*`
[users] Apply coding style (only CreateUserJob.cpp though) - use ci/calamaresstyle - SPDX licensing 2020-06-22 12:47:45 +02:00			`* SPDX-FileCopyrightText: 2014-2016 Teo Mrnjavac <teo@kde.org>`
			`* SPDX-FileCopyrightText: 2018 Adriaan de Groot <groot@kde.org>`
			`* SPDX-License-Identifier: GPL-3.0-or-later`
			`* License-Filename: LICENSE`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`*/`

[modules] Be more consistent in include punctuation - Use <> for Qt, system, externals - Use double-quotes for Calamares headers 2020-03-10 02:45:40 +01:00			`#include "CreateUserJob.h"`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
			`#include "GlobalStorage.h"`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`#include "JobQueue.h"`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`#include "utils/CalamaresUtilsSystem.h"`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`#include "utils/Logger.h"`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
If reuseHome is set and if /home/<username> exists, backup dotfiles. 2016-07-15 17:48:29 +02:00			`#include <QDateTime>`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`#include <QDir>`
			`#include <QFile>`
			`#include <QFileInfo>`
			`#include <QProcess>`
			`#include <QTextStream>`


Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`CreateUserJob::CreateUserJob( const QString& userName,`
			`const QString& fullName,`
			`bool autologin,`
			`const QStringList& defaultGroups )`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`: Calamares::Job()`
			`, m_userName( userName )`
			`, m_fullName( fullName )`
			`, m_autologin( autologin )`
Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`, m_defaultGroups( defaultGroups )`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`{`
			`}`


			`QString`
			`CreateUserJob::prettyName() const`
			`{`
			`return tr( "Create user %1" ).arg( m_userName );`
			`}`


Update pretty{Description,StatusMessage} for users module jobs. 2015-06-13 02:22:03 +02:00			`QString`
			`CreateUserJob::prettyDescription() const`
			`{`
			`return tr( "Create user <strong>%1</strong>." ).arg( m_userName );`
			`}`


			`QString`
			`CreateUserJob::prettyStatusMessage() const`
			`{`
			`return tr( "Creating user %1." ).arg( m_userName );`
			`}`


CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`Calamares::JobResult`
			`CreateUserJob::exec()`
			`{`
			`Calamares::GlobalStorage* gs = Calamares::JobQueue::instance()->globalStorage();`
			`QDir destDir( gs->value( "rootMountPoint" ).toString() );`

[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`if ( gs->contains( "sudoersGroup" ) && !gs->value( "sudoersGroup" ).toString().isEmpty() )`
Only add wheel to sudoers if a wheel group is defined in conf. 2014-10-08 15:35:27 +02:00			`{`
housekeeping - logging for CreateUser Job 2019-11-08 11:38:39 +01:00			`cDebug() << "[CREATEUSER]: preparing sudoers";`

Only add wheel to sudoers if a wheel group is defined in conf. 2014-10-08 15:35:27 +02:00			`QFileInfo sudoersFi( destDir.absoluteFilePath( "etc/sudoers.d/10-installer" ) );`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
Only add wheel to sudoers if a wheel group is defined in conf. 2014-10-08 15:35:27 +02:00			`if ( !sudoersFi.absoluteDir().exists() )`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`{`
Only add wheel to sudoers if a wheel group is defined in conf. 2014-10-08 15:35:27 +02:00			`return Calamares::JobResult::error( tr( "Sudoers dir is not writable." ) );`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`}`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
Only add wheel to sudoers if a wheel group is defined in conf. 2014-10-08 15:35:27 +02:00			`QFile sudoersFile( sudoersFi.absoluteFilePath() );`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`if ( !sudoersFile.open( QIODevice::WriteOnly \| QIODevice::Text ) )`
			`{`
Only add wheel to sudoers if a wheel group is defined in conf. 2014-10-08 15:35:27 +02:00			`return Calamares::JobResult::error( tr( "Cannot create sudoers file for writing." ) );`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`}`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
Only add wheel to sudoers if a wheel group is defined in conf. 2014-10-08 15:35:27 +02:00			`QString sudoersGroup = gs->value( "sudoersGroup" ).toString();`

			`QTextStream sudoersOut( &sudoersFile );`
			`sudoersOut << QString( "%%1 ALL=(ALL) ALL\n" ).arg( sudoersGroup );`

			`if ( QProcess::execute( "chmod", { "440", sudoersFi.absoluteFilePath() } ) )`
			`return Calamares::JobResult::error( tr( "Cannot chmod sudoers file." ) );`
			`}`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
housekeeping - logging for CreateUser Job 2019-11-08 11:38:39 +01:00			`cDebug() << "[CREATEUSER]: preparing groups";`

Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`QFileInfo groupsFi( destDir.absoluteFilePath( "etc/group" ) );`
			`QFile groupsFile( groupsFi.absoluteFilePath() );`
			`if ( !groupsFile.open( QIODevice::ReadOnly \| QIODevice::Text ) )`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`{`
Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`return Calamares::JobResult::error( tr( "Cannot open groups file for reading." ) );`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`}`
Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`QString groupsData = QString::fromLocal8Bit( groupsFile.readAll() );`
			`QStringList groupsLines = groupsData.split( '\n' );`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`for ( QStringList::iterator it = groupsLines.begin(); it != groupsLines.end(); ++it )`
Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`{`
			`int indexOfFirstToDrop = it->indexOf( ':' );`
			`it->truncate( indexOfFirstToDrop );`
			`}`

[users] Apply coding style (only CreateUserJob.cpp though) - use ci/calamaresstyle - SPDX licensing 2020-06-22 12:47:45 +02:00			`for ( const QString& group : m_defaultGroups )`
			`{`
Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`if ( !groupsLines.contains( group ) )`
[users] Apply coding style (only CreateUserJob.cpp though) - use ci/calamaresstyle - SPDX licensing 2020-06-22 12:47:45 +02:00			`{`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`CalamaresUtils::System::instance()->targetEnvCall( { "groupadd", group } );`
[users] Apply coding style (only CreateUserJob.cpp though) - use ci/calamaresstyle - SPDX licensing 2020-06-22 12:47:45 +02:00			`}`
			`}`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`QString defaultGroups = m_defaultGroups.join( ',' );`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`if ( m_autologin )`
			`{`
Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`QString autologinGroup;`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`if ( gs->contains( "autologinGroup" ) && !gs->value( "autologinGroup" ).toString().isEmpty() )`
CreateUserJob: do not force any autologin group There is no need to force folks haing a random group bc that is a Distro think. SDDM/GDM works just fine without having a group for the user to autologin. Just setup a group in users.conf .. is why we have a configuration option for that. 2017-09-13 21:44:15 +02:00			`{`
Make default groups, users group and autologin group configurable. 2014-10-08 15:05:23 +02:00			`autologinGroup = gs->value( "autologinGroup" ).toString();`
CreateUserJob: do not force any autologin group There is no need to force folks haing a random group bc that is a Distro think. SDDM/GDM works just fine without having a group for the user to autologin. Just setup a group in users.conf .. is why we have a configuration option for that. 2017-09-13 21:44:15 +02:00			`CalamaresUtils::System::instance()->targetEnvCall( { "groupadd", autologinGroup } );`
			`defaultGroups.append( QString( ",%1" ).arg( autologinGroup ) );`
			`}`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00			`}`

If reuseHome is set and if /home/<username> exists, backup dotfiles. 2016-07-15 17:48:29 +02:00			`// If we're looking to reuse the contents of an existing /home`
			`if ( gs->value( "reuseHome" ).toBool() )`
			`{`
			`QString shellFriendlyHome = "/home/" + m_userName;`
			`QDir existingHome( destDir.absolutePath() + shellFriendlyHome );`
			`if ( existingHome.exists() )`
			`{`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`QString backupDirName = "dotfiles_backup_" + QDateTime::currentDateTime().toString( "yyyy-MM-dd_HH-mm-ss" );`
If reuseHome is set and if /home/<username> exists, backup dotfiles. 2016-07-15 17:48:29 +02:00			`existingHome.mkdir( backupDirName );`

[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`CalamaresUtils::System::instance()->targetEnvCall(`
			`{ "sh", "-c", "mv -f " + shellFriendlyHome + "/.* " + shellFriendlyHome + "/" + backupDirName } );`
If reuseHome is set and if /home/<username> exists, backup dotfiles. 2016-07-15 17:48:29 +02:00			`}`
			`}`

housekeeping - logging for CreateUser Job 2019-11-08 11:38:39 +01:00			`cDebug() << "[CREATEUSER]: creating user";`

[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`QStringList useradd { "useradd", "-m", "-U" };`
[users] Introduce userShell setting - Add a userShell key, which can be left out (default, backwards- compatible) to retain the old /bin/bash behavior, or explicitly set to empty to defer to useradd-configuration, or explicitly set to something non-empty to use that shell. 2018-05-23 11:23:46 +02:00			`QString shell = gs->value( "userShell" ).toString();`
			`if ( !shell.isEmpty() )`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`{`
[users] Introduce userShell setting - Add a userShell key, which can be left out (default, backwards- compatible) to retain the old /bin/bash behavior, or explicitly set to empty to defer to useradd-configuration, or explicitly set to something non-empty to use that shell. 2018-05-23 11:23:46 +02:00			`useradd << "-s" << shell;`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`}`
[users] Factor out command-line to useradd - This is prep-work for #964, which was caused by #955 - Original assumption was that distro's would have a working useradd configuration; @abucodonosor already pointed out that this was probably not the case, but I ignored that. 2018-05-22 17:45:39 +02:00			`useradd << "-c" << m_fullName;`
			`useradd << m_userName;`

[users] Rename badly-named variable 2019-02-21 12:40:49 +01:00			`auto commandResult = CalamaresUtils::System::instance()->targetEnvCommand( useradd );`
			`if ( commandResult.getExitCode() )`
[users] Improve explanation when useradd fails 2018-05-23 13:03:59 +02:00			`{`
[users] Rename badly-named variable 2019-02-21 12:40:49 +01:00			`cError() << "useradd failed" << commandResult.getExitCode();`
Modules: chase API change, use std::chrono::seconds 2019-08-01 22:59:06 +02:00			`return commandResult.explainProcess( useradd, std::chrono::seconds( 10 ) /* bogus timeout */ );`
[users] Improve explanation when useradd fails 2018-05-23 13:03:59 +02:00			`}`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`commandResult`
			`= CalamaresUtils::System::instance()->targetEnvCommand( { "usermod", "-aG", defaultGroups, m_userName } );`
[users] Rename badly-named variable 2019-02-21 12:40:49 +01:00			`if ( commandResult.getExitCode() )`
[users] Improve explanation of other steps of adding a user 2018-05-23 14:11:49 +02:00			`{`
[users] Rename badly-named variable 2019-02-21 12:40:49 +01:00			`cError() << "usermod failed" << commandResult.getExitCode();`
Modules: chase API change, use std::chrono::seconds 2019-08-01 22:59:06 +02:00			`return commandResult.explainProcess( "usermod", std::chrono::seconds( 10 ) /* bogus timeout */ );`
[users] Improve explanation of other steps of adding a user 2018-05-23 14:11:49 +02:00			`}`

			`QString userGroup = QString( "%1:%2" ).arg( m_userName ).arg( m_userName );`
			`QString homeDir = QString( "/home/%1" ).arg( m_userName );`
[users] Apply coding style (lots of churn) 2019-10-21 17:21:33 +02:00			`commandResult = CalamaresUtils::System::instance()->targetEnvCommand( { "chown", "-R", userGroup, homeDir } );`
[users] Rename badly-named variable 2019-02-21 12:40:49 +01:00			`if ( commandResult.getExitCode() )`
[users] Improve explanation of other steps of adding a user 2018-05-23 14:11:49 +02:00			`{`
[users] Rename badly-named variable 2019-02-21 12:40:49 +01:00			`cError() << "chown failed" << commandResult.getExitCode();`
Modules: chase API change, use std::chrono::seconds 2019-08-01 22:59:06 +02:00			`return commandResult.explainProcess( "chown", std::chrono::seconds( 10 ) /* bogus timeout */ );`
[users] Improve explanation of other steps of adding a user 2018-05-23 14:11:49 +02:00			`}`
CreateUserJob for Users viewmodule 2014-07-31 14:53:46 +02:00
			`return Calamares::JobResult::ok();`
			`}`