Class: DanarchyDeploy::Users

Inherits:
Object
  • Object
Defined in:
lib/danarchy_deploy/users.rb

Class Method Summary collapse

Class Method Details

.add_to_group(user, options) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 102

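# Appends the user to the supplementary groups in user[:groups]; --append
# keeps the memberships the account already has.
#
# @param user [Hash] reads :username and :groups (an Array, joined with ',')
# @param options [Hash] passed through unchanged to Helpers.run_command
# @return [Object] whatever DanarchyDeploy::Helpers.run_command returns
def self.add_to_group(user, options)
  # Lazy, idempotent load: this method relies on Shellwords for escaping.
  require 'shellwords'

  # The command is handed over as one string, so every interpolated value is
  # escaped to stay a single argument even if deployment data contains
  # whitespace or shell metacharacters. Ordinary names and comma-joined ids
  # pass through unchanged.
  # NOTE(review): how run_command executes the string is not visible here.
  username = Shellwords.escape(user[:username].to_s)
  groups = Shellwords.escape(user[:groups].join(','))
  groupadd_cmd = "usermod #{username} --groups #{groups} --append"
  DanarchyDeploy::Helpers.run_command(groupadd_cmd, options)
end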

.authorized_keys(user) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 114

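# Ensures every key in user[:authorized_keys] is present in
# <home>/.ssh/authorized_keys, creating the directory and file if needed and
# handing ownership of both to user[:uid]/user[:gid].
#
# @param user [Hash] reads :home, :uid, :gid and :authorized_keys (an Array)
# @return [nil]
# @raise [ArgumentError] if <home>/.ssh is a symbolic link
# @raise [SystemCallError] on filesystem errors, including an authorized_keys
#   path that is itself a symbolic link (where the platform has O_NOFOLLOW)
def self.authorized_keys(user)
  ssh_path = user[:home] + '/.ssh'
  authkeys = ssh_path + '/authorized_keys'

  # This method chowns to another account, so it presumably runs with elevated
  # privilege inside a directory that account controls. Refuse symlinks so the
  # chown and the append cannot be redirected to a different file.
  # NOTE(review): the check and the chown are separate calls; a racing rename
  # is not covered here.
  raise ArgumentError, "refusing to use symlinked path: #{ssh_path}" if File.symlink?(ssh_path)

  Dir.exist?(ssh_path) || Dir.mkdir(ssh_path, 0700)
  File.chown(user[:uid], user[:gid], ssh_path)

  # Same access as mode 'a+' (read from the start, writes appended), plus
  # O_NOFOLLOW where available. The 0600 creation mode keeps a new file from
  # depending on the caller's umask; an existing file's mode is left alone.
  nofollow = defined?(File::NOFOLLOW) ? File::NOFOLLOW : 0
  flags = File::RDWR | File::APPEND | File::CREAT | nofollow
  File.open(authkeys, flags, 0600) do |f|
    contents = f.read
    # A file whose last line lacks a newline would otherwise get the new key
    # glued onto that line, corrupting both entries.
    needs_newline = !contents.empty? && !contents.end_with?("\n")

    user[:authorized_keys].each do |authkey|
      # Substring match: a key that already appears with an options prefix
      # (or in a commented-out line) counts as present and is not re-added.
      if contents.include?(authkey)
        puts "   - Key already in place: #{authkey}"
      else
        puts "   + Adding authorized_key: #{authkey}"
        if needs_newline
          f.puts
          needs_newline = false
        end
        f.puts authkey
      end
    end

    f.chown(user[:uid], user[:gid])
  end

  nil
end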

.checkgroups(usercheck_result, user, options) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 89

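# Compares the supplementary groups reported for a live account with the
# groups requested in the deployment.
#
# The last whitespace-separated field of usercheck_result[:stdout] is taken as
# the group list (presumably the `groups=` field of `id` output). The
# parenthesised names are stripped and the remaining ids compared as Integers.
#
# @param usercheck_result [Hash] reads :stdout
# @param user [Hash] reads :gid (optional) and :groups (Array of ids)
# @param options [Hash] unused here
# @return [Boolean, nil] true when the sets match, false when they differ,
#   nil when there is no output to inspect
def self.checkgroups(usercheck_result, user, options)
  id_output = usercheck_result[:stdout]
  return nil unless id_output

  fields = id_output.split(/\s+/)
  return nil if fields.empty?

  livegroups = fields.last.split('=').last
                     .gsub(/\(([^)]*)\)/, '')
                     .split(',')
                     .map(&:to_i)

  # The reported list includes the primary group. When the deployment does not
  # pin :gid, fall back to the gid= field of the same output; otherwise the
  # primary group stays in the list and the comparison always fails.
  reported_gid = id_output[/\bgid=(\d+)/, 1]
  primary_gid = user[:gid] || (reported_gid && reported_gid.to_i)
  livegroups.delete(primary_gid)

  livegroups.sort == user[:groups].sort
end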

.new(deployment, options) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 4

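# Walks deployment[:users] and brings each account in line with its entry:
# creates the account (and its same-named group when a :gid is given) if `id`
# reports nothing, then, unless options[:pretend] is set, reconciles groups,
# authorized_keys and the sudoers entry, and finally hands users that have
# :applications to DanarchyDeploy::Applicator.
#
# @param deployment [Hash] reads :users (username => user Hash) and :os
# @param options [Hash] reads :pretend; passed through to the helpers
# @return [Hash] the deployment that was passed in
def self.new(deployment, options)
  puts "\n" + self.name

  deployment[:users].each do |username, user|
    # :username is added for the helpers and removed again at the end.
    user[:username] = username.to_s
    puts "\n > Checking if user '#{user[:username]}' already exists."
    usercheck_result = usercheck(user, options)

    if usercheck_result[:stdout]
      puts "   - User: #{user[:username]} already exists!"
    else
      # Group named after the user; :gid and :system are nil when unset.
      group = {
        groupname: user[:username],
        gid: user[:gid] || nil,
        system: user[:system] || nil
      }

      groupcheck_result = DanarchyDeploy::Groups.groupcheck(group, options)
      if !groupcheck_result[:stdout] && group[:gid]
        puts "   |+ Adding group: #{group[:groupname]}"
        DanarchyDeploy::Groups.groupadd(group, options)
      end

      puts "   |+ Adding user: #{user[:username]}"
      useradd(user, options)
      # :home is optional; Dir.exist?(nil) raises TypeError, so check it first.
      # 0750 removes all access for "other" on the new home directory.
      File.chmod(0750, user[:home]) if user[:home] && Dir.exist?(user[:home])
    end

    unless options[:pretend]
      puts "\n > Checking groups for user: #{user[:username]}"
      # usercheck_result predates any useradd above, so for a freshly created
      # account checkgroups has no output to inspect and no update is made.
      if user[:groups] && checkgroups(usercheck_result, user, options) == false
        updategroups(user, options)
        puts "   |+ Updated groups: #{user[:groups].join(',')}"
      else
        puts "   - No change to groups needed."
      end

      if user[:authorized_keys]
        puts "\n > Checking on #{user[:authorized_keys].count} authorized_keys for user: #{user[:username]}"
        authorized_keys(user)
      end

      if user[:sudoer]
        puts "\n > Checking sudo rules for user: #{user[:username]}"
        sudoer(user)
      end
    end

    if user[:applications]
      puts "\n > Checking #{user[:username]}'s applications."
      # NOTE(review): this rebinds only the block-local `user`; whether the
      # deployment sees the result depends on Applicator returning the same
      # Hash - confirm.
      user = DanarchyDeploy::Applicator.new(deployment[:os], user, options)
    end

    user.delete(:username)
  end

  deployment
end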

.remove_from_group(user, group, options) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 108

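# Removes the user from a single group via `gpasswd --remove`.
#
# @param user [Hash] reads :username
# @param group [String, Integer] the group to leave
# @param options [Hash] passed through unchanged to Helpers.run_command
# @return [Object] whatever DanarchyDeploy::Helpers.run_command returns
def self.remove_from_group(user, group, options)
  # Lazy, idempotent load: this method relies on Shellwords for escaping.
  require 'shellwords'

  # user[:groups] is not needed here; the unused join on it was dropped so a
  # user without :groups no longer raises NoMethodError.
  # Both values are escaped because the command travels as a single string.
  # NOTE(review): how run_command executes the string is not visible here.
  username = Shellwords.escape(user[:username].to_s)
  groupname = Shellwords.escape(group.to_s)
  removegroup_cmd = "gpasswd --remove #{username} #{groupname}"
  DanarchyDeploy::Helpers.run_command(removegroup_cmd, options)
end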

.sudoer(user) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 136

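# Ensures the rule in user[:sudoer] is present in
# /etc/sudoers.d/danarchy_deploy-<username>, appending it when missing.
#
# NOTE(review): the rule is written without a syntax check. A malformed entry
# under sudoers.d can make sudo refuse to run, so validating the file with
# `visudo -c -f <file>` before it goes live is worth adding.
# NOTE(review): sudo skips sudoers.d files whose name contains '.' or ends in
# '~', so a username such as "first.last" yields a file that is never read.
#
# @param user [Hash] reads :username and :sudoer (the rule text)
# @return [nil]
# @raise [ArgumentError] if the username contains a path separator
def self.sudoer(user)
  username = user[:username]
  # The name becomes part of a path under /etc/sudoers.d; a separator would
  # let the write land outside that directory.
  if username.to_s.include?('/')
    raise ArgumentError, "username is not usable in a sudoers file name: #{username.inspect}"
  end

  sudoer_file = '/etc/sudoers.d/danarchy_deploy-' + username
  # 0440 is the conventional mode for sudoers fragments; set it at creation and
  # on files left behind by earlier runs instead of relying on the umask.
  File.open(sudoer_file, 'a+', 0440) do |f|
    f.chmod(0440)
    existing = f.read
    if !existing.include?(user[:sudoer])
      puts "   |+ Added: '#{user[:sudoer]}'"
      # Start on a fresh line so the rule is not glued onto an unterminated one.
      f.puts unless existing.empty? || existing.end_with?("\n")
      f.puts user[:sudoer]
    else
      puts '   - No change needed'
    end
  end
end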

.updategroups(user, options) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 96

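# Sets the user's supplementary groups to exactly user[:groups]. Without
# --append, usermod drops memberships that are not in the list.
#
# @param user [Hash] reads :username and :groups (an Array, joined with ',')
# @param options [Hash] passed through unchanged to Helpers.run_command
# @return [Object] whatever DanarchyDeploy::Helpers.run_command returns
def self.updategroups(user, options)
  # Lazy, idempotent load: this method relies on Shellwords for escaping.
  require 'shellwords'

  # Escaped because the command travels as a single string; ordinary names and
  # comma-joined ids pass through unchanged.
  # NOTE(review): how run_command executes the string is not visible here.
  username = Shellwords.escape(user[:username].to_s)
  groups = Shellwords.escape(user[:groups].join(','))
  groupupdate_cmd = "usermod #{username} --groups #{groups}"
  DanarchyDeploy::Helpers.run_command(groupupdate_cmd, options)
end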

.useradd(user, options) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 64

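# Builds and runs the `useradd` command for one deployment user.
#
# Flags are added only for the keys that are set: --home-dir (plus
# --create-home when that directory does not exist yet), --uid, --gid,
# --groups, --shell /sbin/nologin for :nologin, and --system.
#
# @param user [Hash] reads :username, :home, :uid, :gid, :groups, :nologin
#   and :system
# @param options [Hash] passed through unchanged to Helpers.run_command
# @return [Object] whatever DanarchyDeploy::Helpers.run_command returns
def self.useradd(user, options)
  # Lazy, idempotent load: this method relies on Shellwords for escaping.
  require 'shellwords'

  # Every interpolated value is escaped because the command travels as one
  # string; ordinary names, paths and numeric ids pass through unchanged.
  # NOTE(review): how run_command executes the string is not visible here.
  quote = ->(value) { Shellwords.escape(value.to_s) }

  useradd_cmd = "useradd #{quote.call(user[:username])} "
  if user[:home]
    useradd_cmd += "--home-dir #{quote.call(user[:home])} "
    # Checked only when :home is set: Dir.exist?(nil) raises TypeError, so a
    # user without :home is left to the system's useradd defaults.
    useradd_cmd += '--create-home ' unless Dir.exist?(user[:home])
  end
  useradd_cmd += "--uid #{quote.call(user[:uid])} " if user[:uid]
  useradd_cmd += "--gid #{quote.call(user[:gid])} " if user[:gid]
  useradd_cmd += "--groups #{quote.call(user[:groups].join(','))} " if user[:groups]
  useradd_cmd += '--shell /sbin/nologin ' if user[:nologin]
  useradd_cmd += '--system ' if user[:system]
  DanarchyDeploy::Helpers.run_command(useradd_cmd, options)
end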

.usercheck(user, options) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 85

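# Looks the account up with `id <username>`.
#
# @param user [Hash] reads :username
# @param options [Hash] passed through unchanged to Helpers.run_command
# @return [Object] whatever DanarchyDeploy::Helpers.run_command returns
def self.usercheck(user, options)
  # Lazy, idempotent load: this method relies on Shellwords for escaping.
  require 'shellwords'

  # Escaped because the command travels as a single string.
  # NOTE(review): how run_command executes the string is not visible here.
  username = Shellwords.escape(user[:username].to_s)
  DanarchyDeploy::Helpers.run_command("id #{username}", options)
end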

.userdel(user, options) ⇒ Object



# File 'lib/danarchy_deploy/users.rb', line 76

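# Deletes the account with `userdel --remove`, which also removes its home
# directory and mail spool. With options[:pretend] set, the command is only
# printed.
#
# @param user [Hash] reads :username
# @param options [Hash] reads :pretend; passed through to Helpers.run_command
# @return [Object, nil] the run_command result, or nil on a pretend run
def self.userdel(user, options)
  # Lazy, idempotent load: this method relies on Shellwords for escaping.
  require 'shellwords'

  # Escaped because the command travels as a single string; a destructive
  # command in particular should not see its argument split or reinterpreted.
  # NOTE(review): how run_command executes the string is not visible here.
  username = Shellwords.escape(user[:username].to_s)
  userdel_cmd = "userdel --remove #{username}"

  if options[:pretend]
    puts "\tFake run: #{userdel_cmd}"
  else
    DanarchyDeploy::Helpers.run_command(userdel_cmd, options)
  end
end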