On Tue, Aug 14, 2012 at 09:18:36AM +0200, Michael Hanke wrote:
> On Mon, Aug 13, 2012 at 02:18:11PM +0200, Tiziano Zito wrote:
> > What about this in condor.postinst::
> > 
> > SH=$(getent passwd | egrep '^condor:'| cut -d : -f 7)
> > if [ "$SH" = "/bin/false" -o "$SH" = "/usr/sbin/nologin" ]; then
> >    # condor user exists and it is a locked user
> >    :
> > else
> >    adduser --system ...
> > fi
> 
> I'd like to turn this around: First run adduser and only if it fails
> check for an existing condor user and issue a warning if it exists _and_
> is locked down _and_ the package will use it as a daemon user. Otherwise fail.
> 
> The code above would result in a warning message on every upgrade,
> even when the package did successfully create a system user itself.

So here is a proposal for how to deal with this. Please let me know if
you anticipate problems with this approach:

diff --git a/debian/condor.postinst b/debian/condor.postinst
index 91ac8a5..0156b7c 100755
--- a/debian/condor.postinst
+++ b/debian/condor.postinst
@@ -164,8 +164,24 @@ case "$1" in
     configure)
         # according to 
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621833#119
         # this should always work
-        adduser --system --group --gecos "$condor_gecos" --home $condor_home \
-                --disabled-password --disabled-login $condor_user --quiet
+        if ! adduser --system --group --gecos "$condor_gecos" --home 
$condor_home \
+                --disabled-password --disabled-login $condor_user --quiet ; 
then
+            # the only time where it would fail, is when there is an existing
+            # non-system 'condor' user. This could happen e.g. in a 
heterogenous
+            # Condor pool (various OSes) where the adminstrative Condor user
+            # comes from LDAP and the home dir is shared across machines. This
+            # is a supported deployment scenario for Condor (see installation
+            # manual section 3.2)
+            # the only problem is the possibility to conflict with an actual
+            # "human" user with the same name, so only proceed when the
+            # respective user is locked down
+            SH=$(getent passwd | egrep '^condor:'| cut -d : -f 7)
+            if [ "$SH" = "/bin/false" -o "$SH" = "/usr/sbin/nologin" ]; then
+                echo "WARNING: Condor will be running under an existing 
non-system user account 'condor'."
+            else
+                exit 1
+            fi
+        fi
         # make sure the config and home dir are complete
         condor_local_cfg_template
         condor_put_debconf_cfg
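
Review bot: In the fallback branch, `SH=$(getent passwd | egrep '^condor:'| cut -d : -f 7)` hardcodes `condor` although the adduser call just above uses `$condor_user`, and it relies on enumerating the whole passwd database. A directory-backed NSS source configured without enumeration returns no matching line, so `SH` is empty and the script takes `exit 1` in the very LDAP scenario the comment describes. Look up the single entry instead, e.g. `getent passwd "$condor_user" | cut -d: -f7`. The login shell alone is also a weak signal that the account is locked down: it says nothing about the password field, and a disabled shell at any other path (for example `/sbin/nologin`) is not matched. The `exit 1` path prints nothing, so a line on stderr stating why configuration was aborted would help whoever reads the dpkg output; the WARNING belongs on stderr too. Minor: `[ ... -o ... ]` is better written as two tests joined with `||`, and `$condor_home` should be quoted.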



Thanks

Michael

-- 
Michael Hanke
http://mih.voxindeserto.de

