AB#2222 replace unlicensed passwd package with own implementation
parent
f57a7e3ed0
commit
48d614c959
@ -208,10 +208,10 @@ func TestDeployKeys(t *testing.T) {
|
||||
assert.True(ok)
|
||||
|
||||
// Check if user has been recreated with correct UID/GID
|
||||
actualUID, err := strconv.Atoi(userEntry.Uid)
|
||||
actualUID, err := strconv.Atoi(userEntry.UID)
|
||||
assert.NoError(err)
|
||||
assert.EqualValues(tc.existingUsers[user].UID, actualUID)
|
||||
actualGID, err := strconv.Atoi(userEntry.Gid)
|
||||
actualGID, err := strconv.Atoi(userEntry.GID)
|
||||
assert.NoError(err)
|
||||
assert.EqualValues(tc.existingUsers[user].GID, actualGID)
|
||||
|
||||
@ -288,10 +288,10 @@ func TestEvictRootKey(t *testing.T) {
|
||||
assert.True(ok)
|
||||
|
||||
// Check if user has been recreated with correct UID/GID
|
||||
actualUID, err := strconv.Atoi(userEntry.Uid)
|
||||
actualUID, err := strconv.Atoi(userEntry.UID)
|
||||
assert.NoError(err)
|
||||
assert.EqualValues(0, actualUID)
|
||||
actualGID, err := strconv.Atoi(userEntry.Gid)
|
||||
actualGID, err := strconv.Atoi(userEntry.GID)
|
||||
assert.NoError(err)
|
||||
assert.EqualValues(0, actualGID)
|
||||
|
||||
|
1
go.mod
1
go.mod
@ -81,7 +81,6 @@ require (
|
||||
github.com/spf13/cobra v1.5.0
|
||||
github.com/stretchr/testify v1.7.1
|
||||
github.com/talos-systems/talos/pkg/machinery v1.0.4
|
||||
github.com/willdonnelly/passwd v0.0.0-20141013001024-7935dab3074c
|
||||
go.uber.org/goleak v1.1.12
|
||||
go.uber.org/multierr v1.8.0
|
||||
go.uber.org/zap v1.21.0
|
||||
|
2
go.sum
2
go.sum
@ -1445,8 +1445,6 @@ github.com/vishvananda/netns v0.0.0-20191106174202-0a2b9b5464df/go.mod h1:JP3t17
|
||||
github.com/vishvananda/netns v0.0.0-20200728191858-db3c7e526aae/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
|
||||
github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f/go.mod h1:DD4vA1DwXk04H54A1oHXtwZmA0grkVMdPxx/VGLCah0=
|
||||
github.com/vmware/govmomi v0.20.3/go.mod h1:URlwyTFZX72RmxtxuaFL2Uj3fD1JTvZdx59bHWk6aFU=
|
||||
github.com/willdonnelly/passwd v0.0.0-20141013001024-7935dab3074c h1:4+NVyrLUuEmvE3r3Xst7gPuKhAP6X04ACpMmPvtK0M0=
|
||||
github.com/willdonnelly/passwd v0.0.0-20141013001024-7935dab3074c/go.mod h1:xcvfY9pOw6s4wyrhilFSbMthL6KzgrfCIETHHUOQ/fQ=
|
||||
github.com/willf/bitset v1.1.11-0.20200630133818-d5bec3311243/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
|
||||
github.com/willf/bitset v1.1.11/go.mod h1:83CECat5yLh5zVOf4P1ErAgKA5UDvKtgyUABdr3+MjI=
|
||||
github.com/xanzy/go-gitlab v0.31.0/go.mod h1:sPLojNBn68fMUWSxIJtdVVIP8uSBYqesTfDUseX11Ug=
|
||||
|
@ -32,9 +32,7 @@ replace (
|
||||
k8s.io/sample-controller => k8s.io/sample-controller v0.24.0
|
||||
)
|
||||
|
||||
replace (
|
||||
github.com/edgelesssys/constellation => ./..
|
||||
)
|
||||
replace github.com/edgelesssys/constellation => ./..
|
||||
|
||||
require (
|
||||
github.com/edgelesssys/constellation v1.0.0
|
||||
@ -56,7 +54,6 @@ require (
|
||||
github.com/emirpasic/gods v1.12.0 // indirect
|
||||
github.com/go-git/gcfg v1.5.0 // indirect
|
||||
github.com/go-git/go-billy/v5 v5.3.1 // indirect
|
||||
github.com/icholy/replace v0.5.0 // indirect
|
||||
github.com/imdario/mergo v0.3.12 // indirect
|
||||
github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
|
||||
github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 // indirect
|
||||
@ -145,7 +142,6 @@ require (
|
||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||
github.com/spf13/pflag v1.0.5 // indirect
|
||||
github.com/talos-systems/talos/pkg/machinery v1.0.4 // indirect
|
||||
github.com/willdonnelly/passwd v0.0.0-20141013001024-7935dab3074c // indirect
|
||||
go.opencensus.io v0.23.0 // indirect
|
||||
go.uber.org/atomic v1.9.0 // indirect
|
||||
go.uber.org/multierr v1.8.0 // indirect
|
||||
|
@ -636,8 +636,6 @@ github.com/huandu/xstrings v1.2.0/go.mod h1:DvyZB1rfVYsBIigL8HwpZgxHwXozlTgGqn63
|
||||
github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
|
||||
github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||
github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
|
||||
github.com/icholy/replace v0.5.0 h1:Nx80zYQVlowdba+3Y6dvHDnmxaGtBrDlf2wYn9GyIXQ=
|
||||
github.com/icholy/replace v0.5.0/go.mod h1:zzi8pxElj2t/5wHHHYmH45D+KxytX/t4w3ClY5nlK+g=
|
||||
github.com/imdario/mergo v0.3.4/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
|
||||
github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
|
||||
github.com/imdario/mergo v0.3.9/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
|
||||
@ -961,8 +959,6 @@ github.com/ulikunitz/xz v0.5.7/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oW
|
||||
github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
|
||||
github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
||||
github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
||||
github.com/willdonnelly/passwd v0.0.0-20141013001024-7935dab3074c h1:4+NVyrLUuEmvE3r3Xst7gPuKhAP6X04ACpMmPvtK0M0=
|
||||
github.com/willdonnelly/passwd v0.0.0-20141013001024-7935dab3074c/go.mod h1:xcvfY9pOw6s4wyrhilFSbMthL6KzgrfCIETHHUOQ/fQ=
|
||||
github.com/xanzy/go-gitlab v0.31.0/go.mod h1:sPLojNBn68fMUWSxIJtdVVIP8uSBYqesTfDUseX11Ug=
|
||||
github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4=
|
||||
github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI=
|
||||
@ -1346,7 +1342,6 @@ golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBn
|
||||
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
|
||||
golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||
golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||
golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||
golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
|
||||
golang.org/x/tools v0.0.0-20190729092621-ff9f1409240a/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI=
|
||||
golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
|
||||
@ -1657,7 +1652,6 @@ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C
|
||||
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.0-20220512140231-539c8e751b99 h1:dbuHpmKjkDzSOMKAWl10QNlgaZUd3V1q99xc81tt2Kc=
|
||||
gopkg.in/yaml.v3 v3.0.0-20220512140231-539c8e751b99/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk=
|
||||
honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
|
||||
|
@ -162,17 +162,17 @@ func (l *LinuxUserManager) GetLinuxUser(username string) (LinuxUser, error) {
|
||||
return LinuxUser{}, ErrUserDoesNotExist
|
||||
}
|
||||
entry := entries[username]
|
||||
uid, err := strconv.Atoi(entry.Uid)
|
||||
uid, err := strconv.Atoi(entry.UID)
|
||||
if err != nil {
|
||||
return LinuxUser{}, fmt.Errorf("parsing users uid: %w", err)
|
||||
}
|
||||
gid, err := strconv.Atoi(entry.Gid)
|
||||
gid, err := strconv.Atoi(entry.GID)
|
||||
if err != nil {
|
||||
return LinuxUser{}, fmt.Errorf("parsing users gid: %w", err)
|
||||
}
|
||||
return LinuxUser{
|
||||
Username: username,
|
||||
Home: entry.Home,
|
||||
Home: entry.Directory,
|
||||
UID: uid,
|
||||
GID: gid,
|
||||
}, nil
|
||||
|
@ -1,12 +1,25 @@
|
||||
package user
|
||||
|
||||
import (
|
||||
"bufio"
|
||||
"errors"
|
||||
"strings"
|
||||
|
||||
"github.com/spf13/afero"
|
||||
"github.com/willdonnelly/passwd"
|
||||
)
|
||||
|
||||
// Entries contains the information for each user defined in '/etc/passwd'. Re-exported to allow other module to only import this passwd module.
|
||||
type Entries map[string]passwd.Entry
|
||||
// Entry is an entry of a '/etc/passwd' file.
|
||||
type Entry struct {
|
||||
Password string
|
||||
UID string
|
||||
GID string
|
||||
GECOS string
|
||||
Directory string
|
||||
Shell string
|
||||
}
|
||||
|
||||
// Entries contains the information for each user defined in '/etc/passwd'.
|
||||
type Entries map[string]Entry
|
||||
|
||||
// Passwd allows to parse users from '/etc/passwd' on the local system.
|
||||
type Passwd struct{}
|
||||
@ -24,6 +37,26 @@ func (p Passwd) parseFile(fs afero.Fs, path string) (Entries, error) {
|
||||
}
|
||||
defer file.Close()
|
||||
|
||||
entries, err := passwd.ParseReader(file)
|
||||
return Entries(entries), err
|
||||
entries := Entries{}
|
||||
scanner := bufio.NewScanner(file)
|
||||
|
||||
for scanner.Scan() {
|
||||
// File format: https://man7.org/linux/man-pages/man5/passwd.5.html
|
||||
|
||||
fields := strings.Split(scanner.Text(), ":")
|
||||
if len(fields) != 7 {
|
||||
return nil, errors.New("invalid number of fields")
|
||||
}
|
||||
|
||||
entries[fields[0]] = Entry{
|
||||
Password: fields[1],
|
||||
UID: fields[2],
|
||||
GID: fields[3],
|
||||
GECOS: fields[4],
|
||||
Directory: fields[5],
|
||||
Shell: fields[6],
|
||||
}
|
||||
}
|
||||
|
||||
return entries, scanner.Err()
|
||||
}
|
||||
|
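Review bot: In parseFile's scan loop, `entries[fields[0]] = Entry{...}` lets a later line silently replace an earlier one with the same user name, whereas libc file lookups such as getpwnam typically return the first matching line, so this parser and the system can disagree on a user's UID, GID and home directory when the file holds duplicate names. GetLinuxUser in this commit reads exactly those fields from the parsed entries, so keep the first entry or reject duplicates outright, e.g. `if _, ok := entries[fields[0]]; ok { continue }`. The loop also aborts the whole parse on any line that does not split into seven fields, a blank line included, and the error `invalid number of fields` names neither the path nor the line number; adding both would make a malformed file diagnosable. parseFile begins outside the hunk, so the open call and its error handling are not visible here.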
@ -22,12 +22,35 @@ func TestParse(t *testing.T) {
|
||||
createFile: true,
|
||||
wantEntries: Entries{
|
||||
"root": {
|
||||
Pass: "x",
|
||||
Uid: "0",
|
||||
Gid: "0",
|
||||
Gecos: "root",
|
||||
Home: "/root",
|
||||
Shell: "/bin/bash",
|
||||
Password: "x",
|
||||
UID: "0",
|
||||
GID: "0",
|
||||
GECOS: "root",
|
||||
Directory: "/root",
|
||||
Shell: "/bin/bash",
|
||||
},
|
||||
},
|
||||
wantErr: false,
|
||||
},
|
||||
"multiple lines": {
|
||||
passwdContents: "root:x:0:0:root:/root:/bin/bash\nfoo:y:1:2:bar:baz:sh",
|
||||
createFile: true,
|
||||
wantEntries: Entries{
|
||||
"root": {
|
||||
Password: "x",
|
||||
UID: "0",
|
||||
GID: "0",
|
||||
GECOS: "root",
|
||||
Directory: "/root",
|
||||
Shell: "/bin/bash",
|
||||
},
|
||||
"foo": {
|
||||
Password: "y",
|
||||
UID: "1",
|
||||
GID: "2",
|
||||
GECOS: "bar",
|
||||
Directory: "baz",
|
||||
Shell: "sh",
|
||||
},
|
||||
},
|
||||
wantErr: false,
|
||||
|
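Review bot: The visible TestParse cases exercise only well-formed input, so the new `invalid number of fields` branch and the duplicate-name behaviour of the hand-written parser go untested here. Consider adding cases such as `passwdContents: "root:x:0:0:root:/root"` with `wantErr: true` (a constructed six-field line), an empty line between two valid entries, and two lines sharing one user name with the expected winner pinned in `wantEntries`. TestParse continues outside the hunk, so some of this may already be covered by cases not shown.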