Use gum-utils instead of shadow-utils for making security_test_user

Using plain useradd or userdel in %post scripts causes wrong label on
/etc/passwd and /etc/group files. The reason for that is that the user
manipulation tools from shadow-utils bakcup the old file in /etc/ and
create a new edited one instead of modifying it in-place.
This results in files in /etc created with Smack label of the process
that added or removed the user.

Change-Id: Id523dcd25d1434dbe2847db915d5b4f630b3861a

diff --git a/packaging/security-tests.spec b/packaging/security-tests.spec
index ffb07c5..d9319fa 100644 (file)
--- a/packaging/security-tests.spec
+++ b/packaging/security-tests.spec
@@ -65,7 +65,7 @@ ln -sf /etc/smack/test_smack_rules %{buildroot}/etc/smack/test_smack_rules_lnk
 
 %post
 id -u  security_test_user 1>/dev/null 2>&1 || \
-    useradd -r -g users -s /sbin/nologin -c "for tests only" security_test_user
+    gum-utils -o -a --username=security_test_user --usertype=normal
 
 # Reload dbus daemon to apply newly installed configuration
 systemctl reload dbus
@@ -104,4 +104,4 @@ echo "security-tests postinst done ..."
 %{_prefix}/share/yaca-test
 
 %postun
-id -u security_test_user  1>/dev/null 2>&1 && userdel security_test_user
+id -u security_test_user 1>/dev/null 2>&1 && gum-utils -o -d --uid=`id -u security_test_user`