Signed-off-by: Anders Kaseorg <andersk@mit.edu>
- Document nss-nonlocal-users and nss-local-users groups in README.
- Allow local whitelisting of nonlocal user and group memberships,
using the magic local ‘nss-nonlocal-users’ user and group.
- Document nss-nonlocal-users and nss-local-users groups in README.
- Allow local whitelisting of nonlocal user and group memberships,
using the magic local ‘nss-nonlocal-users’ user and group.
+ * Create magic ‘nss-nonlocal-users’ user.
-- Anders Kaseorg <andersk@mit.edu> Tue, 29 Mar 2011 00:45:31 -0400
-- Anders Kaseorg <andersk@mit.edu> Tue, 29 Mar 2011 00:45:31 -0400
+ if getent passwd nss-nonlocal-users >/dev/null; then
+ deluser --system nss-nonlocal-users || :
+ fi
if getent group nss-local-users >/dev/null; then
delgroup --system nss-local-users || :
fi
if getent group nss-local-users >/dev/null; then
delgroup --system nss-local-users || :
fi
case "$1" in
install|upgrade)
case "$1" in
install|upgrade)
+ if ! getent passwd nss-nonlocal-users >/dev/null; then
+ adduser --system --no-create-home --home /nonexistent \
+ --gecos 'Magic user for local group whitelist' \
+ nss-nonlocal-users
+ fi
if ! getent group nss-local-users >/dev/null; then
addgroup --system nss-local-users
fi
if ! getent group nss-local-users >/dev/null; then
addgroup --system nss-local-users
fi