From 6ea62706d09ad2908eb0376ade85b73b4bf93c60 Mon Sep 17 00:00:00 2001 From: Christian Poessinger Date: Wed, 5 Feb 2020 20:32:09 +0100 Subject: user: T1948: one can not delete his own user account --- src/conf_mode/system-login-user.py | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) (limited to 'src') diff --git a/src/conf_mode/system-login-user.py b/src/conf_mode/system-login-user.py index a9e194859..c7ed96dcf 100755 --- a/src/conf_mode/system-login-user.py +++ b/src/conf_mode/system-login-user.py @@ -56,9 +56,11 @@ def get_config(): conf = Config() base_level = ['system', 'login', 'user'] - if not conf.exists(base_level): - login['deleted'] = True - return login + # We do not need to check if the nodes exist or not and bail out early + # ... this would interrupt the following logic on determine which users + # should be deleted and which users should stay. + # + # All fine so far! # Read in all local users and store to list for username in conf.list_nodes(base_level): @@ -115,13 +117,6 @@ def get_config(): login['add_users'].append(user) - return login - -def verify(login): - # TODO: should we be able to delete ourself? - pass - -def generate(login): # users no longer existing in the running configuration need to be deleted local_users = get_local_users() cli_users = [tmp['name'] for tmp in login['add_users']] @@ -133,6 +128,16 @@ def generate(login): # system is rebooted. login['del_users'] = [tmp for tmp in all_users if tmp not in cli_users] + return login + +def verify(login): + cur_user = os.environ['SUDO_USER'] + if cur_user in login['del_users']: + raise ConfigError('Attempting to delete current user: {}'.format(cur_user)) + + pass + +def generate(login): # calculate users encrypted password for user in login['add_users']: if user['password_plaintext']: -- cgit v1.2.3