Gitiles
Code Review Sign In
spfactory.storpool.com / devstack / e12496571e25422f0c69c89a67c85c0b4fc84c40 / . / tools / create-stack-user.sh
blob: cb8d7aa328830cd07f98c5f006cfeaf1285f6cd7 [file] [log] [blame]
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]1#!/usr/bin/env bash
2
3# **create-stack-user.sh**
4
5# Create a user account suitable for running DevStack
6# - create a group named $STACK_USER if it does not exist
7# - create a user named $STACK_USER if it does not exist
Adam Spierscb961592013-10-05 12:11:07 +0100[diff] [blame]8#
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]9# - home is $DEST
Adam Spierscb961592013-10-05 12:11:07 +0100[diff] [blame]10#
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]11# - configure sudo for $STACK_USER
12
13# ``stack.sh`` was never intended to run as root. It had a hack to do what is
14# now in this script and re-launch itself, but that hack was less than perfect
15# and it was time for this nonsense to stop. Run this script as root to create
16# the user and configure sudo.
17
Jim Rollenhagen010959d2014-02-18 13:17:58 -0600[diff] [blame]18set -o errexit
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]19
Dean Troyerdc97cb72015-03-28 08:20:50 -0500[diff] [blame]20# Keep track of the DevStack directory
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]21TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
22
23# Import common functions
24source $TOP_DIR/functions
25
26# Determine what system we are running on. This provides ``os_VENDOR``,
Ian Wienand7710e7f2014-08-27 16:15:32 +1000[diff] [blame]27# ``os_RELEASE``, ``os_PACKAGE``, ``os_CODENAME``
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]28# and ``DISTRO``
29GetDistro
30
Jim Rollenhagen010959d2014-02-18 13:17:58 -0600[diff] [blame]31# Needed to get ``ENABLED_SERVICES`` and ``STACK_USER``
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]32source $TOP_DIR/stackrc
33
34# Give the non-root user the ability to run as **root** via ``sudo``
Alex Monk5e2d0e02019-06-04 01:21:44 +0100[diff] [blame]35is_package_installed sudo || is_package_installed sudo-ldap || install_package sudo
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]36
Jim Rollenhagen010959d2014-02-18 13:17:58 -0600[diff] [blame]37[[ -z "$STACK_USER" ]] && die "STACK_USER is not set. Exiting."
38
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]39if ! getent group $STACK_USER >/dev/null; then
40 echo "Creating a group called $STACK_USER"
41 groupadd $STACK_USER
42fi
43
44if ! getent passwd $STACK_USER >/dev/null; then
45 echo "Creating a user called $STACK_USER"
46 useradd -g $STACK_USER -s /bin/bash -d $DEST -m $STACK_USER
yatinkarelc64ea4f2022-04-20 12:30:09 +0530[diff] [blame]47 # RHEL based distros create home dir with 700 permissions,
48 # And Ubuntu 21.04+ with 750, i.e missing executable
49 # permission for either group or others
50 # Devstack deploy will have issues with this, fix it by
51 # adding executable permission
52 if [[ $(stat -c '%A' $DEST|grep -o x|wc -l) -lt 3 ]]; then
53 echo "Executable permission missing for $DEST, adding it"
54 chmod +x $DEST
55 fi
Dean Troyer23f69d82013-10-04 12:35:24 -0500[diff] [blame]56fi
57
58echo "Giving stack user passwordless sudo privileges"
59# UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
60grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
61 echo "#includedir /etc/sudoers.d" >> /etc/sudoers
62( umask 226 && echo "$STACK_USER ALL=(ALL) NOPASSWD:ALL" \
63 > /etc/sudoers.d/50_stack_sh )