| Summary: | autologin still shows system users | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Bjarne Thomsen <bjarne.thomsen> |
| Component: | RPM Packages | Assignee: | Colin Guthrie <mageia> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | release_blocker | CC: | 0123peter, anaselli, eeeemail, mageia, thierry.vignaud, ugal12v, westel, wilcal.int |
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | perl-MDK-Common-1.2.30-3.mga5 | CVE: | |
| Status comment: | |||
|
Description
Bjarne Thomsen
2014-10-23 04:11:46 CEST
Manuel Hiebel
2014-10-29 08:41:32 CET
Priority:
Normal =>
release_blocker
claire robinson
2014-10-29 16:04:44 CET
CC:
(none) =>
anaselli, eeeemail If the default settings are accepted the auto login logs in and creates profiles in eg. /var/lib/colord or chrony. A result of the change to UID 1000 I suppose. I've got a fix for this in perl-MDK-Common and will refactor userdrak to make use of a newly exported function there to help centralise this filtering logic. Should get this submitted shortly (but not tonight). Source RPM:
drakxtools-16.44-1.mga5 =>
perl-MDK-Common-1.2.30-3.mga5
Colin Guthrie
2014-11-16 21:14:29 CET
Assignee:
bugsquad =>
mageia commit deb5fedd10f1e367973f55ba82677c41e7ca4643
Author: Colin Guthrie <colin@...>
Date: Mon Nov 17 16:43:34 2014 +0000
Fix list_users() to filter on new uid range.
The first assigned uid has now changed to 1000 (from 500)
to fall in line with most other distros.
This number seems hardcoded in a few places to try to
do a little bit of refactoring and add a new exported
function, is_real_user(), to try and centralise this
logic a little.
This should ultimately fix the likes of drakboot's
autologin user list.
mga#14346
---
Commit Link:
http://gitweb.mageia.org/software/perl/perl-MDK-Common/commit/?id=deb5fedd10f1e367973f55ba82677c41e7ca4643
commit 130ce2915743952a8b40e8c3bab4d8bc5848564e
Author: Colin Guthrie <colin@...>
Date: Mon Nov 17 17:24:31 2014 +0000
Add an is_real_group API
This is similar to the is_real_user() API added in the previous
commit and will be useful in higher level code which might
need to filter the display appropriately.
Here we use the heuristic that if the GID is in the range 500-999
then we check to see whether the group is the primary group of a
user with the same name (and the user is considered a 'real' user)
or that the group has any member who is considered 'real'.
mga#14346
---
Commit Link:
http://gitweb.mageia.org/software/perl/perl-MDK-Common/commit/?id=130ce2915743952a8b40e8c3bab4d8bc5848564e
commit c120dc6c3b23c927511776a7ab2910047b377169
Author: Colin Guthrie <colin@...>
Date: Mon Nov 17 17:28:24 2014 +0000
Make the is_real_(user|group) functions take just a name
While this may cause a few unnecessary getpwnam/getgrnam calls
this makes the API much simpler for using externally and means
we cannot be called with bogus information for u/gid, homedir
and shell and such like.
mga#14346
---
Commit Link:
http://gitweb.mageia.org/software/perl/perl-MDK-Common/commit/?id=c120dc6c3b23c927511776a7ab2910047b377169
Angelo, do you want to cast your eye over the above commits (or just look at the two functions is_real* starting here: http://gitweb.mageia.org/software/perl/perl-MDK-Common/tree/lib/MDK/Common/System.pm#n299) and let me know if you think this is OK? If this looks sensible, I'll nuke the heuristic code in drakuser and then use this check instead (which is essentially the same). The reason I ask is that we discussed the group filtering heuristic before and this is my implementation. I think it's sensible, but you might spot some cracks! :) Cheers! @Col #comment 9, thanks for pointing me that. As far as i can say from my perl-fu pow -not so great- is very clean and nice to read :) I think it could be integrate in drakuser and manauser soon. As a little note i would add parameters description to function POD, and, but that is just my own opinion, i'd prefer to explicitly use "return"... it's something like forcing the use of if-then-else with brackets for c and c++, just to avoid someone else changes is going to miss that... (as said is just my pow). As said via irc, are you planning to backport it to MGA4? That would allow me to go on developing and testing adminpanel on my stable PC without backporting things by myself :) (In reply to Angelo Naselli from comment #10) > @Col #comment 9, thanks for pointing me that. As far as i can say from my > perl-fu pow -not so great- is very clean and nice to read :) > > I think it could be integrate in drakuser and manauser soon. > > As a little note i would add parameters description to function POD Ahh yes, I didn't really think about params here, but yes you are correct for sure. > i'd prefer to explicitly use "return"... > it's something like forcing the use of if-then-else with brackets for c and > c++, just to avoid someone else changes is going to miss that... (as said is > just my pow). One of my personal hates is using if-then-else brackets for single line statements - it makes the code so ugly! But a lot of this is taste. I too probably prefer and explicit return most of the time, but do try to do things "the perl way" on occasion. I'll probably change it tho'. :) > As said via irc, are you planning to backport it to MGA4? > That would allow me to go on developing and testing adminpanel on my stable > PC without backporting things by myself :) I think a backport MGA4 would be pretty easy and reasonable to do for this. All it would need to do is a very, very simple uid+gid check for >500 and forgo all the other checks, so pretty trivial to implement. Happy enough to do that. Col, to be honest we could also leave the checks as they are added by you, which is the cons? I mean adding a new user would use uid >=1000 that is in line with the further upgrade to mga5, looking for old users instead will fall in the heuristic checks you added and should work. Am I wrong? (at least mana user does atm :) ) Concerning the code style it's not me that should say the last word there, i just considered that other people could add some lines and the return values if i'm not wrong. should depend on those lines. If documentation reports out parameters then the author of changes is wrong, but if it does not, then could mean a don't care return value, that is not this case. I hope you understand what i mean. now apparent in Mageia-5-beta2-i586-DVD [ 64bit install ] CC:
(none) =>
westel apologies, that should have been Mageia-5-beta2-dual-DVD [ 64 bit install ] and still present in cauldron (2014-12-19).... Yeah, this is fixed in git a while back, just need to do a release of perl-MDK-Common OK, I've pushed a new version now. Should be fixed in cauldron soon. OK, fixed now (at least on my machine... hope my tests are valid!) Resolution:
(none) =>
FIXED |