App-Yabsm
lib/App/Yabsm/Command/Daemon.pm view on Meta::CPAN
if ($force || all_ssh_backups($config_ref)) {
my $yabsm_uid = getpwnam('yabsm') or confess(q(yabsm: internal error: cannot find user named 'yabsm'));
my $yabsm_gid = getgrnam('yabsm') or confess(q(yabsm: internal error: cannot find group named 'yabsm'));
unless (POSIX::getuid() == $yabsm_uid && POSIX::getgid() == $yabsm_gid) {
my $username = getpwuid POSIX::getuid();
my $groupname = getgrgid POSIX::getgid();
confess "yabsm: internal error: expected to be running as user and group yabsm but instead running as user '$username' and group '$groupname'";
}
my $yabsm_user_home = yabsm_user_home($config_ref);
my $ssh_dir = "$yabsm_user_home/.ssh";
my $priv_key = "$ssh_dir/id_ed25519";
my $pub_key = "$ssh_dir/id_ed25519.pub";
unless (-f $priv_key && -f $pub_key) {
system_or_die('ssh-keygen', '-t', 'ed25519', '-f', $priv_key, '-N', '');
chown $yabsm_uid, $yabsm_gid, $priv_key, $pub_key;
chmod 0600, $priv_key;
chmod 0644, $pub_key;
}
return 1;
}
return 0;
}
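sub add_yabsm_user_btrfs_sudoer_rule {

    # Create '/etc/sudoers.d/yabsm-btrfs' if it does not already exist, holding
    # a rule that lets the 'yabsm' user run the btrfs binary as root without a
    # password. The rule does not restrict arguments, so it covers every btrfs
    # subcommand. Takes no arguments, must be run as root, and returns the
    # path of the sudoers file. An existing file is left untouched.

    arg_count_or_die(0, 0, @_);

    i_am_root_or_die();

    my $file = '/etc/sudoers.d/yabsm-btrfs';

    unless (-f $file) {

        my $btrfs_bin = `which btrfs 2>/dev/null`
          or confess('yabsm: internal error: btrfs-progs not in root users path');

        # The command output ends with a newline; strip it so the rule is
        # built from the bare path.
        chomp $btrfs_bin;

        # The path is copied verbatim into a privilege-granting rule, so accept
        # only a single absolute path made of characters that need no escaping
        # in sudoers syntax.
        unless ($btrfs_bin =~ m{\A/[A-Za-z0-9_./+-]+\z}) {
            confess("yabsm: internal error: refusing to write sudoer rule for unexpected btrfs path '$btrfs_bin'");
        }

        # The tag is spelled 'NOPASSWD:' -- without the colon the line does not
        # parse as a sudoers rule.
        my $sudoer_rule = "yabsm ALL=(root) NOPASSWD: $btrfs_bin\n";

        open my $fh, '>', $file
          or confess("yabsm: internal error: could not open '$file' for writing");

        my $wrote  = print {$fh} $sudoer_rule;
        my $closed = close $fh;

        # A partially written file would pass the -f test above on every later
        # run and never be repaired, so remove it before reporting the failure.
        unless ($wrote && $closed) {
            unlink $file;
            confess("yabsm: internal error: could not write sudoer rule to '$file'");
        }

        # Sudoers fragments are conventionally read-only for root and group and
        # unreadable by others.
        chmod 0440, $file
          or confess("yabsm: internal error: could not set permissions on '$file'");
    }

    return $file;
}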
sub create_yabsm_user_and_group {

    # Make sure a user and a group named 'yabsm' exist, creating whichever is
    # missing, and point the user's home directory at the location derived
    # from the given config. Must be run as root.
    #
    # In list context returns the pair (uid, gid) of 'yabsm'; in any other
    # context returns 1.
    #
    # The new account gets a locked password but keeps '/bin/sh' as its login
    # shell; '-k /dev/null' gives useradd an empty skeleton, so no skeleton
    # files are copied into the new home directory.

    arg_count_or_die(1, 1, @_);

    my ($config_ref) = @_;

    i_am_root_or_die();

    if (!yabsm_user_exists()) {
        my @useradd_cmd = (
            'useradd', '-m',
            '-d', yabsm_user_home($config_ref),
            '-s', '/bin/sh',
            '-k', '/dev/null',
            'yabsm',
        );
        system_or_die(@useradd_cmd);
        system_or_die('passwd', '--lock', 'yabsm');
    }

    if (!yabsm_group_exists()) {
        system_or_die('groupadd', 'yabsm');
    }

    # The configured yabsm_dir may have changed since the daemon last ran, so
    # the home directory is moved to the current location on every call.
    my @usermod_cmd = ('usermod', '-m', '-d', yabsm_user_home($config_ref), 'yabsm');
    system_or_die(@usermod_cmd);

    my $yabsm_uid = getpwnam('yabsm');
    my $yabsm_gid = getgrnam('yabsm');

    return 1 unless wantarray;

    return ($yabsm_uid, $yabsm_gid);
}
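sub yabsm_user_exists {

    # Return 1 if a user named 'yabsm' exists and its password is locked, and
    # return 0 if no such user exists. Dies if the user exists but is not
    # locked, or if its lock status cannot be read. Takes no arguments and
    # must be run as root.

    arg_count_or_die(0, 0, @_);

    i_am_root_or_die();

    unless (0 == system('getent passwd yabsm >/dev/null 2>&1')) {
        return 0;
    }

    # The second whitespace-separated field of `passwd -S` is the password
    # status.
    my $passwd_status = (split ' ', `passwd -S yabsm`)[1];

    # Empty or truncated output leaves the status undefined; report that as
    # its own error instead of comparing undef and blaming a non-locked user.
    unless (defined $passwd_status) {
        die q(yabsm: error: could not determine if user 'yabsm' is locked)."\n";
    }

    # shadow-utils reports a locked password as 'L'; some other passwd
    # implementations report it as 'LK'.
    unless ($passwd_status eq 'L' || $passwd_status eq 'LK') {
        die q(yabsm: error: found non-locked user named 'yabsm')."\n";
    }

    return 1;
}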
sub yabsm_group_exists {

    # Return 1 if a group named 'yabsm' exists on the system and return 0
    # otherwise. Only the group database is queried; the user is not checked.
    # Takes no arguments.

    arg_count_or_die(0, 0, @_);

    my $getent_status = system('getent group yabsm >/dev/null 2>&1');

    return $getent_status == 0 ? 1 : 0;
}
1;