Add tool for creating users and groups

When executed in split user mode, Ganeti requires a specific set of users
and groups to be created in the appropriate way.

This commit introduces a tool that takes care of that automatically.

Signed-off-by: Michele Tartara <mtartara@google.com>
Reviewed-by: Guido Trotter <ultrotter@google.com>

diff --git a/.gitignore b/.gitignore
index b4e115c..0ab9ff9 100644 (file)
--- a/.gitignore
+++ b/.gitignore
@@ -99,6 +99,7 @@
 /tools/kvm-ifup
 /tools/burnin
 /tools/ensure-dirs
+/tools/users-setup
 /tools/vcluster-setup
 /tools/node-cleanup
 /tools/node-daemon-setup

diff --git a/Makefile.am b/Makefile.am
index cf6e334..0059a7b 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -181,6 +181,7 @@ CLEANFILES = \
        $(man_MANS) \
        $(manhtml) \
        tools/kvm-ifup \
+       tools/users-setup \
        tools/vcluster-setup \
        stamp-directories \
        stamp-srclinks \
@@ -832,6 +833,7 @@ nodist_tools_python_scripts = \
 
 nodist_tools_SCRIPTS = \
        $(nodist_tools_python_scripts) \
+       tools/users-setup \
        tools/vcluster-setup
 
 pkglib_python_scripts = \
@@ -882,6 +884,7 @@ EXTRA_DIST = \
        devel/upload \
        devel/webserver \
        tools/kvm-ifup.in \
+       tools/users-setup.in \
        tools/vcluster-setup.in \
        $(docinput) \
        doc/html \
@@ -1254,6 +1257,10 @@ tools/kvm-ifup: tools/kvm-ifup.in $(REPLACE_VARS_SED)
        sed -f $(REPLACE_VARS_SED) < $< > $@
        chmod +x $@
 
+tools/users-setup: tools/users-setup.in $(REPLACE_VARS_SED)
+       sed -f $(REPLACE_VARS_SED) < $< > $@
+       chmod +x $@
+
 tools/vcluster-setup: tools/vcluster-setup.in $(REPLACE_VARS_SED)
        sed -f $(REPLACE_VARS_SED) < $< > $@
        chmod +x $@

diff --git a/tools/users-setup.in b/tools/users-setup.in
new file mode 100644 (file)
index 0000000..8be0a01
--- /dev/null
+++ b/tools/users-setup.in
@@ -0,0 +1,26 @@
+#!/bin/sh
+#Create common groups
+addgroup --system @GNTDAEMONSGROUP@
+addgroup --system @GNTADMINGROUP@
+
+#Create user-specific groups
+addgroup --system @GNTMASTERUSER@
+addgroup --system @GNTRAPIUSER@
+addgroup --system @GNTCONFDUSER@
+
+#Create users
+adduser --system --ingroup @GNTMASTERDGROUP@ @GNTMASTERUSER@
+adduser --system --ingroup @GNTRAPIGROUP@ @GNTRAPIUSER@
+adduser --system --ingroup @GNTCONFDGROUP@ @GNTCONFDUSER@
+adduser --system @GNTNODEDUSER@
+
+#Add users to extra groups
+for u in @GNTMASTERUSER@ @GNTCONFDUSER@ @GNTRAPIUSER@
+do
+  adduser $u @GNTDAEMONSGROUP@
+done
+
+for u in @GNTMASTERUSER@ @GNTRAPIUSER@
+do
+  adduser $u @GNTADMINGROUP@
+done