run_parts for groupadd and groupdel
run_parts currently exists in useradd and userdel, this commit mirrors
the functionality with groupadd and groupdel
Hook for group{add,del} to include killing processes that have group
membership that would no longer exist to avoid membership ID reuse.
This commit is contained in:
ed neville
Serge Hallyn
parent
15a64f9e7f
commit
4e1f674c41
26
etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh
Normal file
26
etc/shadow-maint/groupdel-pre.d/01-kill_group_procs.sh
Normal file
@ -0,0 +1,26 @@
|
||||
#!/bin/sh
|
||||
|
||||
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
|
||||
GROUPID=`awk -F: '$1 == "'"${SUBJECT}"'" { print $3 }' /etc/group`
|
||||
|
||||
if [ "${GROUPID}" = "" ]; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
for status in /proc/*/status; do
|
||||
# either this isn't a process or its already dead since expanding the list
|
||||
[ -f "$status" ] || continue
|
||||
|
||||
tbuf=${status%/status}
|
||||
pid=${tbuf#/proc/}
|
||||
case "$pid" in
|
||||
"$$") continue;;
|
||||
[0-9]*) :;;
|
||||
*) continue
|
||||
esac
|
||||
|
||||
grep -q '^Groups:.*\b'"${GROUPID}"'\b.*' "/proc/$pid/status" || continue
|
||||
|
||||
kill -9 "$pid" || echo "cannot kill $pid" 1>&2
|
||||
done
|
||||
|
||||
@ -34,6 +34,7 @@
|
||||
#include "sgroupio.h"
|
||||
#endif
|
||||
#include "shadowlog.h"
|
||||
#include "run_part.h"
|
||||
|
||||
/*
|
||||
* exit status values
|
||||
@ -603,6 +604,11 @@ int main (int argc, char **argv)
|
||||
|
||||
check_perms ();
|
||||
|
||||
if (run_parts ("/etc/shadow-maint/groupadd-pre.d", group_name,
|
||||
"groupadd")) {
|
||||
exit(1);
|
||||
}
|
||||
|
||||
#ifdef SHADOWGRP
|
||||
is_shadow_grp = sgr_file_present ();
|
||||
#endif
|
||||
@ -621,6 +627,11 @@ int main (int argc, char **argv)
|
||||
|
||||
grp_update ();
|
||||
close_files ();
|
||||
if (run_parts ("/etc/shadow-maint/groupadd-post.d", group_name,
|
||||
"groupadd")) {
|
||||
exit(1);
|
||||
}
|
||||
|
||||
|
||||
nscd_flush_cache ("group");
|
||||
sssd_flush_cache (SSSD_DB_GROUP);
|
||||
|
||||
@ -32,6 +32,7 @@
|
||||
#include "sgroupio.h"
|
||||
#endif
|
||||
#include "shadowlog.h"
|
||||
#include "run_part.h"
|
||||
/*
|
||||
* Global variables
|
||||
*/
|
||||
@ -461,6 +462,11 @@ int main (int argc, char **argv)
|
||||
group_busy (group_id);
|
||||
}
|
||||
|
||||
if (run_parts ("/etc/shadow-maint/groupdel-pre.d", group_name,
|
||||
"groupdel")) {
|
||||
exit(1);
|
||||
}
|
||||
|
||||
/*
|
||||
* Do the hard stuff - open the files, delete the group entries,
|
||||
* then close and update the files.
|
||||
@ -471,6 +477,11 @@ int main (int argc, char **argv)
|
||||
|
||||
close_files ();
|
||||
|
||||
if (run_parts ("/etc/shadow-maint/groupdel-post.d", group_name,
|
||||
"groupdel")) {
|
||||
exit(1);
|
||||
}
|
||||
|
||||
nscd_flush_cache ("group");
|
||||
sssd_flush_cache (SSSD_DB_GROUP);
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user