Skip to content

Commit

Permalink
Merge pull request canonical#438 from simondeziel/user-group-creation
Browse files Browse the repository at this point in the history
Rework user/group creation to ensure `lxd`'s primary group is `lxd`
  • Loading branch information
tomponline authored Apr 23, 2024
2 parents c31a2fa + cd1a18d commit 16f6d21
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 20 deletions.
20 changes: 10 additions & 10 deletions snapcraft/commands/daemon.activate
Original file line number Diff line number Diff line change
Expand Up @@ -59,16 +59,6 @@ if echo "${SNAP_MODEL}" | grep -q "^lxd-core"; then
exit 0
fi

# Setup the "lxd" user
if ! getent passwd lxd >/dev/null 2>&1; then
echo "==> Creating \"lxd\" user"
if grep -q "^passwd.*extrausers" /var/lib/snapd/hostfs/etc/nsswitch.conf; then
nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --extrausers lxd || true
else
nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false lxd || true
fi
fi

# Setup the "lxd" group
if [ "${daemon_group}" = "lxd" ] && ! getent group lxd >/dev/null 2>&1; then
echo "==> Creating \"lxd\" group"
Expand All @@ -79,6 +69,16 @@ if [ "${daemon_group}" = "lxd" ] && ! getent group lxd >/dev/null 2>&1; then
fi
fi

# Setup the "lxd" user
if ! getent passwd lxd >/dev/null 2>&1; then
echo "==> Creating \"lxd\" user"
if grep -q "^passwd.*extrausers" /var/lib/snapd/hostfs/etc/nsswitch.conf; then
nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --gid lxd --extrausers lxd || true
else
nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --gid lxd lxd || true
fi
fi

# Set socket ownership
if getent group "${daemon_group}" >/dev/null 2>&1; then
if [ -e "${SNAP_COMMON}/lxd/unix.socket" ]; then
Expand Down
20 changes: 10 additions & 10 deletions snapcraft/commands/daemon.start
Original file line number Diff line number Diff line change
Expand Up @@ -274,16 +274,6 @@ for entry in dev proc sys; do
mount -o bind "/${entry}" "/var/lib/snapd/hostfs/${entry}"
done

# Setup the "lxd" user
if ! getent passwd lxd >/dev/null 2>&1; then
echo "==> Creating \"lxd\" user"
if grep -q "^passwd.*extrausers" /var/lib/snapd/hostfs/etc/nsswitch.conf; then
nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --extrausers lxd || true
else
nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false lxd || true
fi
fi

# Setup the "lxd" group
if [ "${daemon_group}" = "lxd" ] && ! getent group lxd >/dev/null 2>&1; then
echo "==> Creating \"lxd\" group"
Expand All @@ -294,6 +284,16 @@ if [ "${daemon_group}" = "lxd" ] && ! getent group lxd >/dev/null 2>&1; then
fi
fi

# Setup the "lxd" user
if ! getent passwd lxd >/dev/null 2>&1; then
echo "==> Creating \"lxd\" user"
if grep -q "^passwd.*extrausers" /var/lib/snapd/hostfs/etc/nsswitch.conf; then
nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --gid lxd --extrausers lxd || true
else
nsenter -t 1 -m useradd --system -M -N --home "${SNAP_COMMON}/lxd" --shell /bin/false --gid lxd lxd || true
fi
fi

# Setup for ceph
echo "==> Setting up ceph configuration"
if [ "${ceph_builtin:-"false"}" = "true" ]; then
Expand Down

0 comments on commit 16f6d21

Please sign in to comment.