Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / 23f69d83e5564ece0308535117cc6d224fcc3557^! / . / tools / create-stack-user.sh
commit23f69d83e5564ece0308535117cc6d224fcc3557[log] [tgz]
authorDean Troyer <dtroyer@gmail.com>Fri Oct 04 12:35:24 2013 -0500
committerDean Troyer <dtroyer@gmail.com>Fri Oct 04 16:36:00 2013 -0500
tree80f8bd2c66f4a44dd0310dcc370fd4dca94e095e
parentaf2b982842c79e8d7f320893d4d2552b3adeb114 [diff] [blame]
Split the creation of $STACK_USER account out of stack.sh

Automatically creating a new user account is not always the right course
of action when stack.sh is running as root.  Plus, the re-exec did not
work correctly in some cases.

* Create tools/create-stack-user.sh to set up a suitable user
  for running DevStack
* Abort stack.sh and unstack.sh if running as root and suggest creating a
  suitable user account.

Change-Id: I5d967c00c89f32e861449234ea8fe19261cd9ae3

diff --git a/tools/create-stack-user.sh b/tools/create-stack-user.sh
new file mode 100644
index 0000000..2251d1e
--- /dev/null
+++ b/tools/create-stack-user.sh

@@ -0,0 +1,49 @@
+#!/usr/bin/env bash
+
+# **create-stack-user.sh**
+
+# Create a user account suitable for running DevStack
+# - create a group named $STACK_USER if it does not exist
+# - create a user named $STACK_USER if it does not exist
+#   - home is $DEST
+# - configure sudo for $STACK_USER
+
+# ``stack.sh`` was never intended to run as root.  It had a hack to do what is
+# now in this script and re-launch itself, but that hack was less than perfect
+# and it was time for this nonsense to stop.  Run this script as root to create
+# the user and configure sudo.
+
+
+# Keep track of the devstack directory
+TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
+
+# Import common functions
+source $TOP_DIR/functions
+
+# Determine what system we are running on.  This provides ``os_VENDOR``,
+# ``os_RELEASE``, ``os_UPDATE``, ``os_PACKAGE``, ``os_CODENAME``
+# and ``DISTRO``
+GetDistro
+
+# Needed to get ``ENABLED_SERVICES``
+source $TOP_DIR/stackrc
+
+# Give the non-root user the ability to run as **root** via ``sudo``
+is_package_installed sudo || install_package sudo
+
+if ! getent group $STACK_USER >/dev/null; then
+    echo "Creating a group called $STACK_USER"
+    groupadd $STACK_USER
+fi
+
+if ! getent passwd $STACK_USER >/dev/null; then
+    echo "Creating a user called $STACK_USER"
+    useradd -g $STACK_USER -s /bin/bash -d $DEST -m $STACK_USER
+fi
+
+echo "Giving stack user passwordless sudo privileges"
+# UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
+grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
+    echo "#includedir /etc/sudoers.d" >> /etc/sudoers
+( umask 226 && echo "$STACK_USER ALL=(ALL) NOPASSWD:ALL" \
+    > /etc/sudoers.d/50_stack_sh )