From: Imran Zaman Date: Mon, 18 Nov 2013 13:38:49 +0000 (+0200) Subject: Moved default configuration parameters to the configure script X-Git-Tag: upstream/1.0.8^2~83 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=093106fc955d6cdb140c16a41e10f30a0d66b3f7;p=platform%2Fupstream%2Fgumd.git Moved default configuration parameters to the configure script --- diff --git a/configure.ac b/configure.ac index 535589e..4b047d5 100644 --- a/configure.ac +++ b/configure.ac @@ -49,7 +49,7 @@ if test "x$CRYPT_LIB" = "x" ; then fi # Enable Distcheck -AC_ARG_ENABLE(distcheck, [--enable-distcheck build for distcheck target], +AC_ARG_ENABLE(distcheck, [ --enable-distcheck build for distcheck target], [enable_distcheck=yes], [enable_distcheck=no]) echo "--------------------------------" echo "Distcheck : '$enable_distcheck'" @@ -57,7 +57,7 @@ AM_CONDITIONAL(SET_PERMISSIONS, [test x$enable_distcheck != xyes]) # Enable Dbus type AC_ARG_ENABLE(dbus-type, - [--enable-dbus-type=dbus-type specify daemon dbus type: + [ --enable-dbus-type=dbus-type specify daemon dbus type: p2p(default): uses peer to peer dbus session: uses session message bus system: uses system message bus], @@ -69,6 +69,7 @@ echo "--------------------------------" if test "x$enable_dbus_type" = "xp2p" ; then AC_DEFINE(GUM_BUS_TYPE_P2P, [1], [Use peer to peer dbus]) elif test "x$enable_dbus_type" = "xsession" ; then + PKG_CHECK_MODULES([DBus], [dbus-1]) AC_DEFINE(GUM_BUS_TYPE, [G_BUS_TYPE_SESSION], [Use session bus]) if test "x$enable_distcheck" = "xyes" ; then DBUS_SERVICES_DIR="${datadir}/dbus-1/services" @@ -80,6 +81,7 @@ elif test "x$enable_dbus_type" = "xsession" ; then DBUS_CONF_DIR="`pkg-config --variable sysconfdir dbus-1`/dbus-1/session.d" fi elif test "x$enable_dbus_type" = "xsystem" ; then + PKG_CHECK_MODULES([DBus], [dbus-1]) AC_DEFINE(GUM_BUS_TYPE, [G_BUS_TYPE_SYSTEM], [Use system bus]) if test "x$enable_distcheck" = "xyes" ; then DBUS_SERVICES_DIR="${datadir}/dbus-1/system-services" @@ -107,7 +109,7 @@ elif test "x$VAR_SYSTEMD" = "x" ; then fi # Enable tests -AC_ARG_ENABLE(tests, [--enable-tests enable tests features], +AC_ARG_ENABLE(tests, [ --enable-tests enable tests features], [enable_tests=yes], [enable_tests=no]) echo "--------------------------------" echo "Enable tests features: '$enable_tests'" @@ -117,7 +119,7 @@ fi AM_CONDITIONAL(HAVE_TESTS, [test x$enable_tests = xyes]) # Enable Debug -AC_ARG_ENABLE(debug, [--enable-debug enable debug features], +AC_ARG_ENABLE(debug, [ --enable-debug enable debug features], [enable_debug=yes], [enable_debug=no]) if test "x$enable_tests" = "xyes" ; then # Enable debug automatically when tests are enabled @@ -131,6 +133,96 @@ if test "x$enable_debug" = "xyes" ; then fi AM_CONDITIONAL(HAVE_DEBUG, [test x$enable_debug = xyes]) +# passwd file +AC_ARG_ENABLE(passwdfile, + [ --enable-passwdfile=path enable passwd file at location "path" + instead of default "/etc/passwd"], + [enable_passwdfile=$enableval], + [enable_passwdfile="/etc/passwd"]) +AC_DEFINE_UNQUOTED(GUM_PASSWD_FILE, ["$enable_passwdfile"], + [Path for passwd file]) + +# shadow file +AC_ARG_ENABLE(shadowfile, + [ --enable-shadowfile=path enable shadow file at location "path" + instead of default "/etc/shadow"], + [enable_shadowfile=$enableval], + [enable_shadowfile="/etc/shadow"]) +AC_DEFINE_UNQUOTED(GUM_SHADOW_FILE, ["$enable_shadowfile"], + [Path for shadow file]) + +# group file +AC_ARG_ENABLE(groupfile, + [ --enable-groupfile=path enable group file at location "path" + instead of default "/etc/group"], + [enable_groupfile=$enableval], + [enable_groupfile="/etc/group"]) +AC_DEFINE_UNQUOTED(GUM_GROUP_FILE, ["$enable_groupfile"], + [Path for group file]) + +# gshadow file +AC_ARG_ENABLE(gshadowfile, + [ --enable-gshadowfile=path enable gshadow file at location "path" + instead of default "/etc/gshadow"], + [enable_gshadowfile=$enableval], + [enable_gshadowfile="/etc/gshadow"]) +AC_DEFINE_UNQUOTED(GUM_GSHADOW_FILE, ["$enable_gshadowfile"], + [Path for gshadow file]) + +# home dir prefix +AC_ARG_ENABLE(homedirpref, + [ --enable-homedirpref=path enable home directory prefix at "path" + instead of default "/home"], + [enable_homedirpref=$enableval], + [enable_homedirpref="/home"]) +AC_DEFINE_UNQUOTED(GUM_HOME_DIR_PREFIX, ["$enable_homedirpref"], + [Path for home dir prefix]) + +# shell path +AC_ARG_ENABLE(shell, + [ --enable-shell=path enable shell at location "path" + instead of default "/bin/bash"], + [enable_shell=$enableval], + [enable_shell="/bin/bash"]) +AC_DEFINE_UNQUOTED(GUM_SHELL, ["$enable_shell"], + [Path for shell]) + +# defult user groups +AC_ARG_ENABLE(defusergroups, + [ --enable-defusergroups=groups enable default user groups by + "groups" instead of default "users"], + [enable_defusergroups=$enableval], + [enable_defusergroups="users"]) +AC_DEFINE_UNQUOTED(GUM_DEF_GROUPS, ["$enable_defusergroups"], + [Default user groups to be assigned to user on creation]) + +# defult admin groups +AC_ARG_ENABLE(defadmingroups, + [ --enable-defadmingroups=groups enable default groups for admin + user by "groups" instead of default "users"], + [enable_defadmingroups=$enableval], + [enable_defadmingroups="users"]) +AC_DEFINE_UNQUOTED(GUM_DEF_ADMIN_GROUPS, ["$enable_defadmingroups"], + [Default groups to be assigned to the admin user on creation]) + +# skeldir +AC_ARG_ENABLE(skeldir, + [ --enable-skeldir=path enable skel dir at location "path" instead + of default "/etc/skel"], + [enable_skeldir=$enableval], + [enable_skeldir="/etc/skel"]) +AC_DEFINE_UNQUOTED(GUM_SKEL_DIR, ["$enable_skeldir"], [Path for skel directory]) + +# encryption algorithm +AC_ARG_ENABLE(encryptalgo, + [ --enable-encryptalgo=algo enable encrypt algorithm as specified + by "algo" instead of default "SHA512". Other supported algorithms are + 'MD5', 'SHA256', 'DES'], + [enable_encryptalgo=$enableval], + [enable_encryptalgo="SHA512"]) +AC_DEFINE_UNQUOTED(GUM_ENCRYPT_METHOD, ["$enable_encryptalgo"], [Encrypt + algorithm]) + # Gtk-doc GTK_DOC_CHECK([1.18],[--flavour no-tmpl]) diff --git a/docs/Makefile.am b/docs/Makefile.am index 84b7be3..069f9cc 100644 --- a/docs/Makefile.am +++ b/docs/Makefile.am @@ -104,7 +104,7 @@ include $(top_srcdir)/docs/gtk-doc.make # Other files to distribute # e.g. EXTRA_DIST += version.xml.in -EXTRA_DIST += +EXTRA_DIST += version.xml.in examples.xml introduction.xml # Files not to distribute # for --rebuild-types in $(SCAN_OPTIONS), e.g. $(DOC_MODULE).types diff --git a/include/gum/common/gum-config-general.h b/include/gum/common/gum-config-general.h index 71fbe91..6f49485 100644 --- a/include/gum/common/gum-config-general.h +++ b/include/gum/common/gum-config-general.h @@ -54,6 +54,15 @@ "/DEFAULT_USR_GROUPS" /** + * GUM_CONFIG_GENERAL_DEF_ADMIN_GROUPS: + * + * Comma separate listed of groups, which admin user will be added to at the + * time of admin account creation. Default value is: 'users' + */ +#define GUM_CONFIG_GENERAL_DEF_ADMIN_GROUPS GUM_CONFIG_GENERAL \ + "/DEFAULT_ADMIN_GROUPS" + +/** * GUM_CONFIG_GENERAL_PASSWD_FILE: * * Path to passwd file which represents user information. Default is @@ -241,4 +250,12 @@ #define GUM_CONFIG_GENERAL_UMASK GUM_CONFIG_GENERAL \ "/UMASK" +/** + * GUM_CONFIG_GENERAL_ENCRYPT_METHOD: + * + * Value used to set the encryption algorithm. Default + * value is: 'SHA512'. Other supported options are: 'MD5', 'SHA256', 'DES'. + */ +#define GUM_CONFIG_GENERAL_ENCRYPT_METHOD GUM_CONFIG_GENERAL \ + "/ENCRYPT_METHOD" #endif /* __GUM_GENERAL_CONFIG_H_ */ diff --git a/include/gum/common/gum-crypt.h b/include/gum/common/gum-crypt.h index 4762660..e5b1cc4 100644 --- a/include/gum/common/gum-crypt.h +++ b/include/gum/common/gum-crypt.h @@ -30,19 +30,10 @@ G_BEGIN_DECLS -typedef enum { - - GUM_CRYPT_MD5 = 1, - GUM_CRYPT_SHA256 = 2, - GUM_CRYPT_SHA512 = 3, - GUM_CRYPT_DES = 4 - -} GumCryptMethodID; - gchar * gum_crypt_encrypt_secret ( const gchar *secret, - GumCryptMethodID methodid); + const gchar *encryp_algo); gint gum_crypt_cmp_secret ( diff --git a/include/gum/common/gum-group-types.h b/include/gum/common/gum-group-types.h index e44c363..3e987ff 100644 --- a/include/gum/common/gum-group-types.h +++ b/include/gum/common/gum-group-types.h @@ -43,8 +43,10 @@ G_BEGIN_DECLS /** * GumGroupType: * @GUM_GROUPTYPE_NONE: group type not defined/set. - * @GUM_GROUPTYPE_SYSTEM: system group. - * @GUM_GROUPTYPE_USER: normal group. + * @GUM_GROUPTYPE_SYSTEM: system group. Gid will be chosen between + * #GUM_CONFIG_GENERAL_SYS_GID_MIN and #GUM_CONFIG_GENERAL_SYS_GID_MAX + * @GUM_GROUPTYPE_USER: user group. Gid will be chosen between + * #GUM_CONFIG_GENERAL_GID_MIN and #GUM_CONFIG_GENERAL_GID_MAX * * This enumeration lists group types. */ diff --git a/include/gum/common/gum-user-types.h b/include/gum/common/gum-user-types.h index 239029f..647d3e5 100644 --- a/include/gum/common/gum-user-types.h +++ b/include/gum/common/gum-user-types.h @@ -43,17 +43,22 @@ G_BEGIN_DECLS /** * GumUserType: * @GUM_USERTYPE_NONE: user type not defined/set - * @GUM_USERTYPE_SYSTEM: system user. No home directory will be created for - * system user. System user is not able to use login/logout functionality as - * its primary usage is limited to system daemons. + * @GUM_USERTYPE_SYSTEM: no home directory will be created for system user. + * System user is not able to use login/logout functionality as + * its primary usage is limited to system daemons. Uid will be chosen between + * #GUM_CONFIG_GENERAL_SYS_UID_MIN and #GUM_CONFIG_GENERAL_SYS_UID_MAX * @GUM_USERTYPE_ADMIN: admin user is similar to normal user with the addition - * of super user privileges. + * that it will be assigned to admin user groups at the time of account + * creation. Uid will be chosen between #GUM_CONFIG_GENERAL_UID_MIN and + * #GUM_CONFIG_GENERAL_UID_MAX * @GUM_USERTYPE_GUEST: guest user does not need secret/password to login. * Guest user home directory is created with login and cleaned up/destroyed - * when user logs out. + * when user logs out. Uid will be chosen between #GUM_CONFIG_GENERAL_UID_MIN + * and #GUM_CONFIG_GENERAL_UID_MAX * @GUM_USERTYPE_NORMAL: normal user with home directory created based on prefix * #GUM_CONFIG_GENERAL_HOME_DIR_PREF. Contents of #GUM_CONFIG_GENERAL_SKEL_DIR - * are copied to the home directory. + * are copied to the home directory. Uid will be chosen between + * #GUM_CONFIG_GENERAL_UID_MIN and #GUM_CONFIG_GENERAL_UID_MAX * * This enumeration lists users types. */ diff --git a/src/common/gum-config.c b/src/common/gum-config.c index 0d597d5..f159500 100644 --- a/src/common/gum-config.c +++ b/src/common/gum-config.c @@ -102,14 +102,6 @@ struct _GumConfigPrivate G_DEFINE_TYPE (GumConfig, gum_config, G_TYPE_OBJECT); -#define GUM_PASSWD_FILE "/etc/passwd" -#define GUM_SHADOW_FILE "/etc/shadow" -#define GUM_GROUP_FILE "/etc/group" -#define GUM_GSHADOW_FILE "/etc/gshadow" -#define GUM_HOME_DIR_PREFIX "/home" -#define GUM_SKEL_DIR "/etc/skel" -#define GUM_SHELL "/bin/bash" -#define GUM_DEF_GROUPS "users" #define UID_MIN 2000 #define UID_MAX 60000 #define SYS_UID_MIN 200 @@ -497,6 +489,12 @@ gum_config_init ( gum_config_set_string (self, GUM_CONFIG_GENERAL_DEF_USR_GROUPS, GUM_DEF_GROUPS); + gum_config_set_string (self, GUM_CONFIG_GENERAL_DEF_ADMIN_GROUPS, + GUM_DEF_ADMIN_GROUPS); + + gum_config_set_string (self, GUM_CONFIG_GENERAL_ENCRYPT_METHOD, + GUM_ENCRYPT_METHOD); + if (!_load_config (self)) WARN ("load configuration failed, using default settings"); diff --git a/src/common/gum-crypt.c b/src/common/gum-crypt.c index fe6f052..13e8e8b 100644 --- a/src/common/gum-crypt.c +++ b/src/common/gum-crypt.c @@ -39,30 +39,20 @@ * @include: gum/common/gum-crypt.h * * Following code snippets shows how a string can be encrypted with any of the - * encrytpion method listed in #GumCryptMethodID. Moreover, plain and encrypted - * secrets can be compared if needed. + * supported encryption algorithm. Moreover, plain and encrypted secrets can be + * compared if needed. * * |[ - * gchar *pass = gum_crypt_encrypt_secret("pas.-s123", GUM_CRYPT_SHA512); + * gchar *pass = gum_crypt_encrypt_secret("pas.-s123", "SHA512"); * g_free (pass); * - * pass = gum_crypt_encrypt_secret("pass ?()123", GUM_CRYPT_SHA512); + * pass = gum_crypt_encrypt_secret("pass ?()123", "SHA512"); * gum_crypt_cmp_secret("pass ?()123", pass); //should return true. * g_free (pass); * * ]| */ -/** - * GumCryptMethodID: - * @GUM_CRYPT_MD5: MD5 encryption algorithm - * @GUM_CRYPT_SHA256: SHA-256 encryption algorithm - * @GUM_CRYPT_SHA512: SHA-512 encryption algorithm - * @GUM_CRYPT_DES: DES encryption algorithm - * - * This enumeration lists the supported encryption methods. - */ - guchar _salt_chars[64 + 1] = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; @@ -72,7 +62,7 @@ guchar _salt_chars[64 + 1] = gchar * _generate_salt ( - GumCryptMethodID methodid) + const gchar *encryp_algo) { ssize_t bytes_read = 0; gchar salt[SALT_ARRAY_LEN]; @@ -83,23 +73,18 @@ _generate_salt ( if (fd < 0) return NULL; - switch (methodid) { - case GUM_CRYPT_MD5:/* crypt(3) */ + /* crypt(3) */ + if (g_strcmp0 (encryp_algo, "MD5") == 0) { salt[0] = salt[2] = '$'; salt[1] = '1'; - break; - case GUM_CRYPT_SHA256: + } else if (g_strcmp0 (encryp_algo, "SHA256") == 0) { salt[0] = salt[2] = '$'; salt[1] = '5'; - break; - case GUM_CRYPT_SHA512: + } else if (g_strcmp0 (encryp_algo, "SHA512") == 0) { salt[0] = salt[2] = '$'; salt[1] = '6'; - break; - case GUM_CRYPT_DES: - default: + } else { //if (g_strcmp0 (encryp_algo, "DES") == 0) id_len = 0; - break; } bytes_read = read (fd, &salt[id_len], SALT_LEN); @@ -117,19 +102,20 @@ _generate_salt ( /** * gum_crypt_encrypt_secret: * @secret: (transfer none): string to encrypt - * @methodid: #GumCryptMethodID method id + * @encryp_algo: algorithm to be used for encryption. 'MD5', 'SHA256', 'SHA512', + * and 'DES' are supported algorithms. * - * Encrypts the secret with the specified method. + * Encrypts the secret with the specified algorithm @encryp_algo. * * Returns: (transfer full): encrypted secret if successful, NULL otherwise. */ gchar * gum_crypt_encrypt_secret ( const gchar *secret, - GumCryptMethodID methodid) + const gchar *encryp_algo) { gchar *enc_sec = NULL; - gchar *salt = _generate_salt (methodid); + gchar *salt = _generate_salt (encryp_algo); if (!salt) return NULL; enc_sec = g_strdup (crypt (secret, salt)); diff --git a/src/common/gum-file.c b/src/common/gum-file.c index 5617e03..5be1979 100644 --- a/src/common/gum-file.c +++ b/src/common/gum-file.c @@ -74,6 +74,13 @@ */ /** + * FILE: + * + * Data structure that contains information about file stream as defined in + * stdio.h. + */ + +/** * GumOpType: * @GUM_OPTYPE_ADD: add an entry * @GUM_OPTYPE_DELETE: delete an entry @@ -711,8 +718,6 @@ gum_file_create_home_dir ( { gboolean retval = TRUE; gint mode = GUM_PERM & ~umask; - const gchar *skel_dir = NULL; - /* TODO: fix skel directory path */ if (!home_dir) { GUM_RETURN_WITH_ERROR (GUM_ERROR_HOME_DIR_CREATE_FAILURE, @@ -740,10 +745,8 @@ gum_file_create_home_dir ( "Home directory chown failure", error, FALSE); } - if (skel_dir) { - retval = _copy_dir_recursively (skel_dir, home_dir, uid, gid, umask, - error); - } + retval = _copy_dir_recursively (GUM_SKEL_DIR, home_dir, uid, gid, umask, + error); } return retval; diff --git a/src/common/gum.conf.in b/src/common/gum.conf.in index 28caefd..ba663f9 100644 --- a/src/common/gum.conf.in +++ b/src/common/gum.conf.in @@ -10,51 +10,55 @@ # Comma separate listed of groups, which every user (other than system user) # will be added to at the time of user account creation. Default value is: # 'users' -#DEFAULT_USR_GROUPS='users' +#DEFAULT_USR_GROUPS=users + +# Comma separate listed of groups, which admin user will be added to at the +# time of user account creation. Default value is: 'users' +#DEFAULT_ADMIN_GROUPS=users # Path to passwd file which represents user information. Default is # /etc/passwd. More information about the file format can be read at the # manpages for 'passwd'. # Can be overriden in debug builds by setting UM_PASSWD_FILE # environment variable. -#PASSWD_FILE='/etc/passwd' +#PASSWD_FILE=/etc/passwd # Path to shadow file which represents user shadowed password information. # Default is /etc/shadow. More information about the file format can be read # at the manpages for 'shadow'. # Can be overriden in debug builds by setting UM_SHADOW_FILE # environment variable. -#SHADOW_FILE='/etc/shadow' +#SHADOW_FILE=/etc/shadow # Path to group file which represents group information. Default is /etc/group. # More information about the file format can be read at the manpages for # 'group'. # Can be overriden in debug builds by setting UM_GROUP_FILE # environment variable. -#GROUP_FILE='/etc/group' +#GROUP_FILE=/etc/group # Path to group file which represents shadowed group information. # Default is /etc/gshadow. More information about the file format can be read # at the manpages for 'gshadow'. # Can be overriden in debug builds by setting UM_GSHADOW_FILE # environment variable. -#GSHADOW_FILE='/etc/gshadow' +#GSHADOW_FILE=/etc/gshadow # Prefix to be used when creating home directory for the user. For example, # with prefix '/home', user 'newu' home directory will be created as # '/home/newu'. Default value is '/home' # Can be overriden in debug builds by setting UM_HOMEDIR_PREFIX # environment variable. -#HOME_DIR='/home' +#HOME_DIR=/home # Path to user shell executable. Default value is '/bin/bash' -#SHELL='/bin/bash' +#SHELL=/bin/bash # Path to skeleton folder. When new users are created, contents of the skel # folder is copied to user home directory. Default value is '/etc/skel' # Can be overriden in debug builds by setting UM_SKEL_DIR # environment variable. -#SKEL_DIR='/etc/skel' +#SKEL_DIR=/etc/skel # Minimum value for the automatic uid selection. Default value is: 2000 #UID_MIN=2000 @@ -99,6 +103,10 @@ # Default value is: 022 #UMASK=022 +# Value used to set the encryption algorithm. Default +# value is: 'SHA512' (other supported options are: 'MD5', 'SHA256', 'DES') +#ENCRYPT_METHOD=SHA512 + # # D-Bus related settings. # @@ -107,12 +115,12 @@ # Timeout in seconds for the daemon. Daemon will exit after specified idle time. # If not set (or set to 0), the daemon will not exit. Has no effect if P2P DBus # is in use. -#DAEMON_TIMEOUT = 5 +#DAEMON_TIMEOUT=7 # Timeout in seconds for user dbus objects. If not set (or set to 0), the dbus # objects will persist -#USER_TIMEOUT = 5 +#USER_TIMEOUT=5 # Timeout in seconds for group dbus objects. If not set (or set to 0), the dbus # objects will persist -#GROUP_TIMEOUT = 5 +#GROUP_TIMEOUT=5 diff --git a/src/daemon/gumd-daemon-group.c b/src/daemon/gumd-daemon-group.c index 6308247..b47f84e 100644 --- a/src/daemon/gumd-daemon-group.c +++ b/src/daemon/gumd-daemon-group.c @@ -593,7 +593,8 @@ _set_secret ( pwd_len = strlen(self->priv->group->gr_passwd); self->priv->gshadow->sg_passwd = gum_crypt_encrypt_secret ( - self->priv->group->gr_passwd, GUM_CRYPT_SHA512); + self->priv->group->gr_passwd, gum_config_get_string ( + self->priv->config, GUM_CONFIG_GENERAL_ENCRYPT_METHOD)); if (!self->priv->gshadow->sg_passwd) { GUM_RETURN_WITH_ERROR (GUM_ERROR_GROUP_SECRET_ENCRYPT_FAILURE, "Secret encryption failed.", error, FALSE); diff --git a/src/daemon/gumd-daemon-user.c b/src/daemon/gumd-daemon-user.c index d99ba53..4999a78 100644 --- a/src/daemon/gumd-daemon-user.c +++ b/src/daemon/gumd-daemon-user.c @@ -795,7 +795,8 @@ _set_secret ( * login name. */ self->priv->shadow->sp_pwdp = gum_crypt_encrypt_secret ( - self->priv->pw->pw_passwd, GUM_CRYPT_SHA512); + self->priv->pw->pw_passwd, gum_config_get_string ( + self->priv->config, GUM_CONFIG_GENERAL_ENCRYPT_METHOD)); if (!self->priv->shadow->sp_pwdp) { GUM_RETURN_WITH_ERROR (GUM_ERROR_USER_SECRET_ENCRYPT_FAILURE, "Secret encryption failed.", error, FALSE); @@ -1110,8 +1111,13 @@ _set_default_groups ( if (self->priv->user_type == GUM_USERTYPE_SYSTEM) return TRUE; - def_groupsv = g_strsplit (gum_config_get_string (self->priv->config, - GUM_CONFIG_GENERAL_DEF_USR_GROUPS), ",", -1); + if (self->priv->user_type == GUM_USERTYPE_ADMIN) + def_groupsv = g_strsplit (gum_config_get_string (self->priv->config, + GUM_CONFIG_GENERAL_DEF_ADMIN_GROUPS), ",", -1); + else + def_groupsv = g_strsplit (gum_config_get_string (self->priv->config, + GUM_CONFIG_GENERAL_DEF_USR_GROUPS), ",", -1); + if (def_groupsv) { gint ind = 0; diff --git a/src/daemon/gumd-daemon.c b/src/daemon/gumd-daemon.c index 38679f6..9ffbf2e 100644 --- a/src/daemon/gumd-daemon.c +++ b/src/daemon/gumd-daemon.c @@ -244,26 +244,12 @@ gumd_daemon_class_init ( G_TYPE_UINT); } -/** - * gumd_daemon_new: - * - * Returns: (transfer full): newly created object of type #GumdDaemon - */ GumdDaemon * gumd_daemon_new () { return GUMD_DAEMON (g_object_new (GUMD_TYPE_DAEMON, NULL)); } -/** - * gumd_daemon_get_timeout: - * - * @self: instance of #GumdDaemon - * - * Get the daemon timeout value - * - * Returns: the timeout value - */ guint gumd_daemon_get_timeout ( GumdDaemon *self) @@ -272,15 +258,6 @@ gumd_daemon_get_timeout ( GUM_CONFIG_DBUS_DAEMON_TIMEOUT, 0); } -/** - * gumd_daemon_get_config: - * - * @self: instance of #GumdDaemon - * - * Retrieves config object. - * - * Returns: (transfer none): config object of type #GumConfig - */ GumConfig * gumd_daemon_get_config ( GumdDaemon *self) diff --git a/test/common/commontest.c b/test/common/commontest.c index 4747be9..508a683 100644 --- a/test/common/commontest.c +++ b/test/common/commontest.c @@ -742,37 +742,37 @@ START_TEST (test_crypt) DBG(""); gchar *pass = NULL; - pass = gum_crypt_encrypt_secret("", GUM_CRYPT_DES); + pass = gum_crypt_encrypt_secret("", "DES"); fail_if (pass == NULL); fail_if (strlen (pass) != 13); /*crypt(3)*/ g_free (pass); - pass = gum_crypt_encrypt_secret("pass123", GUM_CRYPT_DES); + pass = gum_crypt_encrypt_secret("pass123", "DES"); fail_if (pass == NULL); fail_if (strlen (pass) != 13); /*crypt(3)*/ g_free (pass); - pass = gum_crypt_encrypt_secret("pas¤$s123", GUM_CRYPT_MD5); + pass = gum_crypt_encrypt_secret("pas¤$s123", "MD5"); fail_if (pass == NULL); fail_unless (strlen (pass) >= (3+9+22)); /*crypt(3)*/ g_free (pass); - pass = gum_crypt_encrypt_secret("pass{123", GUM_CRYPT_SHA256); + pass = gum_crypt_encrypt_secret("pass{123", "SHA256"); fail_if (pass == NULL); fail_unless (strlen (pass) >= (3+9+43)); /*crypt(3)*/ g_free (pass); - pass = gum_crypt_encrypt_secret("pas.-s123", GUM_CRYPT_SHA512); + pass = gum_crypt_encrypt_secret("pas.-s123", "SHA512"); fail_if (pass == NULL); fail_unless (strlen (pass) >= (3+9+86)); /*crypt(3)*/ g_free (pass); - pass = gum_crypt_encrypt_secret("", GUM_CRYPT_SHA512); + pass = gum_crypt_encrypt_secret("", "SHA512"); fail_if (pass == NULL); fail_unless (strlen (pass) >= (3+9+86)); /*crypt(3)*/ g_free (pass); - pass = gum_crypt_encrypt_secret("pass ?()#123", GUM_CRYPT_SHA512); + pass = gum_crypt_encrypt_secret("pass ?()#123", "SHA512"); fail_if (pass == NULL); fail_unless (strlen (pass) >= (3+9+86)); /*crypt(3)*/ diff --git a/test/daemon/daemon-test.c b/test/daemon/daemon-test.c index c3d904c..a952642 100644 --- a/test/daemon/daemon-test.c +++ b/test/daemon/daemon-test.c @@ -396,8 +396,7 @@ START_TEST (test_daemon_user) gchar *hdir = NULL; struct stat sb; - gchar *encr_secret = gum_crypt_encrypt_secret ("pass123", - GUM_CRYPT_SHA512); + gchar *encr_secret = gum_crypt_encrypt_secret ("pass123", "SHA512"); GumConfig* config = gum_config_new (); fail_if(config == NULL); @@ -1135,8 +1134,7 @@ START_TEST (test_daemon_group) uid_t uid = 0; gchar *str = NULL; - gchar *encr_secret = gum_crypt_encrypt_secret ("grouppass123", - GUM_CRYPT_SHA512); + gchar *encr_secret = gum_crypt_encrypt_secret ("grouppass123", "SHA512"); GumConfig* config = gum_config_new (); fail_if(config == NULL); diff --git a/test/data/gum-test.conf b/test/data/gum-test.conf index 2f3feca..1f01b52 100644 --- a/test/data/gum-test.conf +++ b/test/data/gum-test.conf @@ -1,5 +1,5 @@ # -# Test configuration for gumd. +# gumd Configuration file. # # @@ -7,18 +7,120 @@ # [General] -# Default user group. 'users' is default user group unless specified. +# Comma separate listed of groups, which every user (other than system user) +# will be added to at the time of user account creation. Default value is: +# 'users' DEFAULT_USR_GROUPS=users -# If DIR_MODE is set, directories will be created with the specified -# mode. Otherwise the default mode 0755 will be used. -#DIR_MODE=0755 +# Comma separate listed of groups, which admin user will be added to at the +# time of user account creation. Default value is: 'users' +#DEFAULT_ADMIN_GROUPS=users + +# Path to passwd file which represents user information. Default is +# /etc/passwd. More information about the file format can be read at the +# manpages for 'passwd'. +# Can be overriden in debug builds by setting UM_PASSWD_FILE +# environment variable. +#PASSWD_FILE=/etc/passwd + +# Path to shadow file which represents user shadowed password information. +# Default is /etc/shadow. More information about the file format can be read +# at the manpages for 'shadow'. +# Can be overriden in debug builds by setting UM_SHADOW_FILE +# environment variable. +#SHADOW_FILE=/etc/shadow + +# Path to group file which represents group information. Default is /etc/group. +# More information about the file format can be read at the manpages for +# 'group'. +# Can be overriden in debug builds by setting UM_GROUP_FILE +# environment variable. +#GROUP_FILE=/etc/group + +# Path to group file which represents shadowed group information. +# Default is /etc/gshadow. More information about the file format can be read +# at the manpages for 'gshadow'. +# Can be overriden in debug builds by setting UM_GSHADOW_FILE +# environment variable. +#GSHADOW_FILE=/etc/gshadow + +# Prefix to be used when creating home directory for the user. For example, +# with prefix '/home', user 'newu' home directory will be created as +# '/home/newu'. Default value is '/home' +# Can be overriden in debug builds by setting UM_HOMEDIR_PREFIX +# environment variable. +#HOME_DIR=/home + +# Path to user shell executable. Default value is '/bin/bash' +#SHELL=/bin/bash + +# Path to skeleton folder. When new users are created, contents of the skel +# folder is copied to user home directory. Default value is '/etc/skel' +# Can be overriden in debug builds by setting UM_SKEL_DIR +# environment variable. +#SKEL_DIR=/etc/skel + +# Minimum value for the automatic uid selection. Default value is: 2000 +#UID_MIN=2000 + +# Maximum value for the automatic uid selection. Default value is: 60000 +#UID_MAX=60000 + +# Minimum value for the automatic uid selection for system user. Default +# value is: 200 +#SYS_UID_MIN=200 + +# Maximum value for the automatic uid selection for system user. Default value +# is: 999 +#SYS_UID_MAX=999 + +# Minimum value for the automatic gid selection. Default value is: 2000 +#GID_MIN=2000 + +# Maximum value for the automatic gid selection. Default value is: 60000 +#GID_MAX=60000 + +# Minimum value for the automatic gid selection for system user. Default value +# is: 200 +#SYS_GID_MIN=200 + +# Maximum value for the automatic gid selection for system user. Default value +# is: 999 +#SYS_GID_MAX=999 + +# Minimum number of days a password may be used. Default value is: 0 +#PASS_MIN_DAYS=0 + +# Maximum number of days allowed between password changes. Default value is: +# 99999 +#PASS_MAX_DAYS=99999 + +# Number of days warning given before a password expires. Default value is: +# 7 +#PASS_WARN_AGE=7 + +# Value used to set the mode of home directories created for new users. +# Default value is: 022 +#UMASK=022 + +# Value used to set the encryption algorithm. Default +# value is: 'SHA512' (other supported options are: 'MD5', 'SHA256', 'DES') +#ENCRYPT_METHOD=SHA512 # # D-Bus related settings. # [ObjectTimeouts] -# Timeout for the daemon. Daemon will exit after specified idle time. -DAEMON_TIMEOUT = 7 -# +# Timeout in seconds for the daemon. Daemon will exit after specified idle time. +# If not set (or set to 0), the daemon will not exit. Has no effect if P2P DBus +# is in use. +DAEMON_TIMEOUT=7 + +# Timeout in seconds for user dbus objects. If not set (or set to 0), the dbus +# objects will persist +#USER_TIMEOUT=5 + +# Timeout in seconds for group dbus objects. If not set (or set to 0), the dbus +# objects will persist +#GROUP_TIMEOUT=5