summaryrefslogtreecommitdiff
path: root/lib/Vyatta
diff options
context:
space:
mode:
authorStephen Hemminger <stephen.hemminger@vyatta.com>2009-09-11 14:43:18 -0700
committerStephen Hemminger <stephen.hemminger@vyatta.com>2009-09-11 16:29:44 -0700
commit7ae751c28bd1c0b3dfd4453469ca1a9ea6b6f3f3 (patch)
treebc1ec90d1e21de9563bf789688ba3ee17d69d034 /lib/Vyatta
parentc9a6443de6e652d2540a4374c2cd18384d6f9bdf (diff)
downloadvyatta-cfg-system-7ae751c28bd1c0b3dfd4453469ca1a9ea6b6f3f3.tar.gz
vyatta-cfg-system-7ae751c28bd1c0b3dfd4453469ca1a9ea6b6f3f3.zip
Delete vyatta users not in configuration
This implements rollback for users that were added during a previous configuration (and committed), but were never saved into configuration. Bug: 4528
Diffstat (limited to 'lib/Vyatta')
-rwxr-xr-xlib/Vyatta/Login/User.pm17
1 files changed, 17 insertions, 0 deletions
diff --git a/lib/Vyatta/Login/User.pm b/lib/Vyatta/Login/User.pm
index e38b7f6e..7012403a 100755
--- a/lib/Vyatta/Login/User.pm
+++ b/lib/Vyatta/Login/User.pm
@@ -134,6 +134,23 @@ sub update {
die "Attempt to change user $user failed: $reason\n";
}
}
+
+ # Remove any vyatta users that do not exist in current configuration
+ # This can happen if user added but configuration not saved
+ foreach my $grp (qw(vyattacfg vyattaop)) {
+ my (undef, undef, undef, $members) = getgrnam($grp);
+ next unless $members;
+
+ foreach my $user (split / /, $members) {
+ next if ($user eq 'root');
+ next if ($user eq 'www-data'); # webgui
+ next if defined $users{$user};
+
+ warn "User $user not listed in current configuration\n";
+ system ("userdel --remove $user") == 0
+ or die "Attempt to delete user $user failed: $!";
+ }
+ }
}
1;