2 # These functions are included by various different installers.
4 # We assume that the following variables are defined in the main script:
5 # amanda_user: the amanda account username
6 # amanda_group: the amanda account's group
7 # amandahomedir: a directory to use as amanda's home
8 # deb_uid: sepecific uid amanda_user should get on deb style systems.
9 # dist: used on linux for the distro.
10 # LOGFILE: a log file we append to
11 # os: Linux, Darwin, SunOS, `uname`...
12 # wanted_shell: Linux/SunOS/OSX all keep them in different places
13 # SYSCONFDIR: location of system config files (ie, /etc)
14 # LOGDIR: logging directory for amanda
16 # These variables are defined, but null to allow checking names
19 # PreInstall Functions
24 # Create the amanda user with a specific uid on deb systems
25 if [ "x${dist}" = "xDebian" ] || [ "x${dist}" = "xUbuntu" ] ; then
26 uid_flag="-u ${deb_uid}"
30 logger "Checking for user: ${amanda_user}"
31 # we want the output of id, but if the user doesn't exist,
32 # sterr output just confuses things
33 ID=`id ${amanda_user} 2> /dev/null | sed 's/uid=\([0-9]*\).*/\1/'`
34 if [ "${ID}x" = "x" ] ; then
35 logger "Adding ${amanda_user}."
36 log_output_of useradd -c "Amanda" \
40 -s ${wanted_shell} ${amanda_user} || \
41 { logger "WARNING: Could not create user ${amanda_user}. Installation will fail." ; return 1 ; }
42 logger "Created ${amanda_user} with blank password."
44 if [ "x$os" = "xLinux" ] && [ "x${dist}" != "xSuSE" ]; then
45 # Lock the amanda account until admin sets password
46 log_output_of passwd -l ${amanda_user} && { \
47 logger "${info_create_user_success}"
48 logger "${info_unlock_account}"
50 logger "${warning_user_passwd}"; }
52 if [ "x$os" = "xSunOS" ]; then
55 5.8|5.9) log_output_of passwd -l ${amanda_user} ;;
56 5.10) # Special login-lock, while allowing execution.
57 log_output_of passwd -N ${amanda_user} && { \
58 logger "${info_create_user_success_sol}"
59 logger "${info_unlock_account}"
61 logger "${warning_user_passwd}"; }
67 # The user already existed
68 logger "The Amanda user '${amanda_user}' exists on this system."
77 # Solaris only: Add a comma separated list of rights profiles to the
78 # $amanda_user. Replaces any existing profiles listed on the account.
79 log_output_of usermod -P "\"$*\"" ${amanda_user} || {
80 logger "Warning: Rights profiles were not added. Some types of backup may not work until these rights profiles are givent to ${amanda_backup}: '$*'"
85 # First, try to add the group, detect via return code if it
86 # already exists. Then add ${amanda_user} to the group without
87 # checking if account is already a member. (check_user should
88 # already have been called).
90 # Works on linux and solaris. OSX has different tools.
92 [ "x${1}" = "x" ] && { logger "Error: first argument was not a group to add." ; return 1 ; }
94 log_output_of groupadd ${group_to_add}
96 # return of 0 means group was added; 9 means group existed.
97 if [ $rc -eq 0 ] || [ $rc -eq 9 ]; then
98 logger "Adding ${amanda_user} to ${group_to_add}"
99 # Generate a comma separated list of existing supplemental groups.
100 # Linux prefaces output with '<username> : '.
101 existing_sup_groups=`groups ${amanda_user}|sed 's/.*: //;s/ /,/g'`
102 # usermod append is -A on Suse, all other linux use -a, and
103 # -A means something else entirely on solaris. So we just use
104 # -G, and append a list of the current groups from id.
105 # So far, all linux distros have usermod
106 log_output_of usermod -G ${existing_sup_groups},${group_to_add} ${amanda_user} || { \
107 logger "Nonfatal ERROR: Failed to add ${group_to_add}."
108 logger "${error_group_member}" ; return 1 ; }
110 logger "Error: groupadd failed in an unexpected way. return code='$rc'"
116 # All check_user_* functions check various parameters of ${amanda_user}'s
117 # account. Return codes:
120 # 2 = usage or other error. more info will be logged
123 # checks the system group file for ${amanda_user}'s membership in
124 # the group named $1.
126 [ "x" = "x$1" ] && { logger "check_user_group: no group given"; return 1; }
127 logger "Verify ${amanda_user}'s primary group = $1 "
128 # Check if the group exists, disregarding membership.
129 group_entry=`grep "^${2}" ${SYSCONFDIR}/group 2> /dev/null`
130 if [ ! "x" = "x${group_entry}" ]; then
131 # Assume the user exists, and check the user's primary group.
132 GROUP=`id ${amanda_user} 2> /dev/null |\
134 sed 's/.*gid=[0-9]*(\([^ ()]*\))/\1/'`
135 if [ ! "x${GROUP}" = "x${1}" ] ; then
136 logger "${amanda_user} not a member of ${1}"
140 logger "User's primary group '${1}' does not exist"
146 check_user_supplemental_group() {
147 # Checks for the group ${1}, and adds ${amanda_user} if missing.
148 # Other groups are preserved.
150 [ "x" = "x$1" ] && { logger "check_user_supplemental_group: no supplemental group given"; return 1; }
152 logger "Verify ${amanda_user} is a member of ${sup_group}."
153 # First, check if the supplementary group exists.
154 sup_group_entry=`grep "${sup_group}" ${SYSCONFDIR}/group 2>/dev/null`
155 if [ ! "x" = "x${sup_group_entry}" ]; then
156 SUP_MEM=`echo ${sup_group_entry} | cut -d: -f4`
157 # Check if our user is a member.
159 *${amanda_user}*) : ;;
161 logger "${amanda_user} is not a member of supplemental group ${sup_group}."
166 logger "Supplemental group ${sup_group} does not exist"
173 # Confirms the passwd file's shell field for ${amanda_user} is $1
174 [ "x" = "x$1" ] && { logger "check_user_shell: no shell given"; return 1; }
175 wanted_shell=$1; export wanted_shell
176 logger "Verify ${amanda_user}'s shell is ${wanted_shell}."
177 real_shell=`grep "^${amanda_user}" ${SYSCONFDIR}/passwd | cut -d: -f7`
179 if [ ! "x${real_shell}" = "x${wanted_shell}" ] ; then
180 logger "WARNING: ${amanda_user} default shell= ${wanted_shell}"
181 logger "WARNING: ${amanda_user} existing shell: ${real_shell}"
182 logger "${warning_user_shell}"
187 check_user_homedir() {
188 # Confirm the passwd file's homedir field for ${amanda_user} is $1
189 [ "x" = "x$1" ] && { logger "check_user_homedir: no homedir given"; return 1; }
190 HOMEDIR=`grep "^${amanda_user}" ${SYSCONFDIR}/passwd | cut -d: -f6`
191 if [ ! "x${HOMEDIR}" = "x${1}" ] ; then
192 logger "${warning_user_homedir}"
198 # Confirm that ${amanda_user}'s UID is $1.
199 # Debian systems must use a specific UID
200 [ "x" = "x$1" ] && { logger "check_user_uid: no uid given"; return 1; }
201 ID=`id ${amanda_user} 2> /dev/null | sed 's/uid=\([0-9]*\).*/\1/'`
202 if [ ! ${ID} -eq ${1} ] ; then
203 checked_uid=${1}; export checked_uid
204 logger "${warning_user_uid_debian}"
210 # Checks that the homedir has correct permissions and belongs to correct
211 # user. Uses $amanda_user and $amanda_group.
212 if [ -d ${AMANDAHOMEDIR} ] ; then
213 OWNER_GROUP=`ls -dl ${AMANDAHOMEDIR} | awk '{ print $3" "$4; }'`
214 [ "x$OWNER_GROUP" = "x${amanda_user} ${amanda_group}" ] || \
215 logger "${warning_homedir_owner}"
218 logger "homedir ${AMANDAHOMEDIR} does not exist."
224 # Creates the homedir, if necessary, and fixes ownership.
225 if [ ! -d ${AMANDAHOMEDIR} ] ; then
226 logger "Creating ${AMANDAHOMEDIR}"
227 log_output_of mkdir -p -m 0750 ${AMANDAHOMEDIR} ||
228 { logger "WARNING: Could not create ${AMANDAHOMEDIR}" ; return 1 ; }
230 log_output_of chown -R ${amanda_user}:${amanda_group} ${AMANDAHOMEDIR} ||
231 { logger "WARNING: Could not chown ${AMANDAHOMEDIR}" ; return 1 ; }
235 if [ -d ${LOGDIR} ] || [ -f ${LOGDIR} ] ; then
236 logger "Found existing ${LOGDIR}"
237 log_output_of mv ${LOGDIR} ${LOGDIR}.save || \
238 { logger "WARNING: Could not backup existing log directory: ${LOGDIR}" ; return 1 ; }
240 logger "Creating ${LOGDIR}."
241 log_output_of mkdir -p -m 0750 ${LOGDIR} || \
242 { logger "WARNING: Could not create ${LOGDIR}" ; return 1 ; }
243 if [ -d ${LOGDIR}.save ] || [ -f ${LOGDIR}.save ] ; then
244 # Move the saved log into the logdir.
245 log_output_of mv ${LOGDIR}.save ${LOGDIR}
247 log_output_of chown -R ${amanda_user}:${amanda_group} ${LOGDIR} || \
248 { logger "WARNING: Could not chown ${LOGDIR}" ; return 1 ; }
251 # Info, Warning, and Error strings used by the installer
253 info_create_user_success="NOTE: Set a password and unlock the ${amanda_user} account before
256 info_create_user_success_sol="NOTE: Account is set as non-login. If interactive login
257 is required: a password must be set, and the account activated for login."
259 info_unlock_account=" The superuser can unlock the account by running:
261 # passwd -u ${amanda_user}
264 info_existing_installs="Pre-existing Amanda installations must confirm:
265 -${SYSCONFDIR}/amanda/* should have 'dumpuser' set to '${amanda_user}'.
266 -${AMANDAHOMEDIR}/.amandahosts on client systems should allow connections by
269 warning_user_password="WARNING: '${amanda_user}' no password. An error occured when locking the
270 account. SET A PASSWORD NOW:
272 # passwd ${amanda_user}"
274 error_group_member="Nonfatal ERROR: Amanda will not run until '${amanda_user}' is a member the
275 preceeding group. Install will continue..."
277 warning_user_shell="WARNING: The user '${amanda_user}' has a non-default shell. Other shells have not been tested."
279 warning_user_homedir="WARNING: The user '${amanda_user}' must have its home directory set to
280 '${AMANDAHOMEDIR}' Please correct before using Amanda."
282 warning_user_uid_debian="WARNING: Debian packages were built assuming that ${amanda_user}
283 uid = ${checked_uid}. The uid of ${amanda_user} is different on this system. Files
284 owned by ${checked_uid} must be chowned to ${amanda_user}."
286 warning_homedir_owner="WARNING: The ${amanda_user}'s home directory,'${AMANDAHOMEDIR}' ownership must be changed to '${amanda_user}:${amanda_group}'. "
288 # --------------- End included Functions -----------------