From ccc056dbf9d3fdeef2a8e8abc00f9d2cddc5348e Mon Sep 17 00:00:00 2001 From: Przemyslaw Pawelczyk Date: Sat, 23 Apr 2016 13:13:37 +0200 Subject: Add lacking -S option (system) to adduser/addgroup in scripts. Groups and users created by packages shouldn't use high ids by default (unless explicitly requested), to distinguish them from groups and users created by administrators for humans. Following 41 files lacked -S next to addgroup: - community/sword/sword.pre-install - main/amavisd-new/amavisd-new.pre-install - main/chrony/chrony.pre-install - main/cvechecker/cvechecker.pre-install - main/dnsmasq/dnsmasq.pre-install - main/freeradius/freeradius.pre-install - main/gdnsd/gdnsd.pre-install - main/haproxy/haproxy.pre-install - main/haproxy/haproxy.pre-upgrade - main/kamailio/kamailio.pre-install - main/logcheck/logcheck.pre-install - main/mlmmj/mlmmj.pre-install - main/nrpe/nrpe.pre-install - main/open-vm-tools/open-vm-tools.pre-install - main/postgrey/postgrey.pre-install - main/privoxy/privoxy.pre-install - main/redis/redis.pre-install - main/samba/winbind.pre-install - main/sircbot/sircbot.pre-install - main/smokeping/smokeping.pre-install - main/squark/squark.post-install - main/squid/squid.pre-install - main/squid/squid.pre-upgrade - main/subversion/subversion.pre-install - main/trac/trac.pre-install - main/vsftpd/vsftpd.pre-install - main/zabbix/zabbix-agent.pre-install - testing/3proxy/3proxy.pre-install - testing/cluster-glue/cluster-glue.pre-install - testing/elasticsearch/elasticsearch.pre-install - testing/emby/emby.pre-install - testing/gdnsd/gdnsd.pre-install - testing/icinga2/icinga2.pre-install - testing/lusca/lusca.pre-install - testing/lusca/lusca.pre-upgrade - testing/mongodb/mongodb.pre-install - testing/openxcap/openxcap.pre-install - testing/prosody/prosody.pre-install - testing/rancid/rancid.pre-install - testing/rutorrent/rutorrent.pre-install - testing/zabbix/zabbix-agent.pre-install Following 60 files lacked -S next to adduser: - community/caddy/caddy.pre-install - community/domoticz/domoticz.pre-install - community/minetest/minetest-server.pre-install - community/oscam/oscam.pre-install - community/seafile/seafile-server.pre-install - community/syncthing/syncthing.pre-install - main/apache2/apache2.pre-install - main/aports-build/aports-build.pre-install - main/atheme-iris/atheme-iris.pre-install - main/bind/bind.pre-install - main/clamav/clamav-db.pre-install - main/clamsmtp/clamsmtp.pre-install - main/clamsmtp/clamsmtp.pre-upgrade - main/coova-chilli/coova-chilli.pre-install - main/cvechecker/cvechecker.pre-install - main/dhcp/dhcp.pre-install - main/distcc/distcc.pre-install - main/djbdns/dnscache.pre-install - main/djbdns/tinydns.pre-install - main/dovecot/dovecot.pre-install - main/ez-ipupdate/ez-ipupdate.pre-install - main/fetchmail/fetchmail.pre-install - main/freeswitch/freeswitch.pre-install - main/gitolite/gitolite.pre-install - main/gnats/gnats.pre-install - main/gross/gross.pre-install - main/icecast/icecast.pre-install - main/kamailio/kamailio.pre-install - main/lighttpd/lighttpd.pre-install - main/mariadb/mariadb.pre-install - main/memcached/memcached.pre-install - main/ngircd/ngircd.pre-install - main/nrpe/nrpe.pre-install - main/openntpd/openntpd.pre-install - main/postgrey/postgrey.pre-install - main/snort/snort.pre-install - main/squid/squid.pre-install - main/squid/squid.pre-upgrade - main/subversion/subversion.pre-install - main/trac/trac.pre-install - main/transmission/transmission-daemon.pre-install - main/ympd/ympd.pre-install - main/znc/znc.pre-install - testing/at/at.pre-install - testing/buildbot-slave/buildbot-slave.pre-install - testing/buildbot/buildbot.pre-install - testing/clapf/clapf.pre-install - testing/cluster-glue/cluster-glue.pre-install - testing/dbmail/dbmail.pre-install - testing/dspam/dspam.pre-install - testing/ejabberd/ejabberd.pre-install - testing/emby/emby.pre-install - testing/mongodb/mongodb.pre-install - testing/opensips/opensips.pre-install - testing/pdns/pdns.pre-install - testing/prosody/prosody.pre-install - testing/qpage/qpage.pre-install - testing/rrdbot/rrdbot.pre-install - testing/wt/wt.pre-install - unmaintained/ejabberd-git/ejabberd-git.pre-install --- community/caddy/caddy.pre-install | 2 +- community/domoticz/domoticz.pre-install | 2 +- community/icinga2/icinga2.pre-install | 4 ++-- community/minetest/minetest-server.pre-install | 2 +- community/oscam/oscam.pre-install | 2 +- community/seafile/seafile-server.pre-install | 2 +- community/sword/sword.pre-install | 2 +- community/syncthing/syncthing.pre-install | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) (limited to 'community') diff --git a/community/caddy/caddy.pre-install b/community/caddy/caddy.pre-install index 16d74a36d2..8c67557942 100644 --- a/community/caddy/caddy.pre-install +++ b/community/caddy/caddy.pre-install @@ -1,4 +1,4 @@ #!/bin/sh -adduser -h /var/lib/caddy -D -s /sbin/nologin caddy 2>/dev/null +adduser -S -h /var/lib/caddy -D -s /sbin/nologin caddy 2>/dev/null adduser caddy www-data 2>/dev/null exit 0 diff --git a/community/domoticz/domoticz.pre-install b/community/domoticz/domoticz.pre-install index a94a5fb50b..8a7d12c012 100644 --- a/community/domoticz/domoticz.pre-install +++ b/community/domoticz/domoticz.pre-install @@ -1,3 +1,3 @@ #!/bin/sh -adduser -h /var/lib/domoticz -D -s /sbin/nologin domoticz 2>/dev/null +adduser -S -h /var/lib/domoticz -D -s /sbin/nologin domoticz 2>/dev/null exit 0 diff --git a/community/icinga2/icinga2.pre-install b/community/icinga2/icinga2.pre-install index cd2a432c44..349c8c8879 100644 --- a/community/icinga2/icinga2.pre-install +++ b/community/icinga2/icinga2.pre-install @@ -1,6 +1,6 @@ #!/bin/sh -addgroup icinga 2>/dev/null -addgroup icingacmd 2>/dev/null +addgroup -S icinga 2>/dev/null +addgroup -S icingacmd 2>/dev/null adduser -S -G icinga -H -h /var/spool/icinga2 -s /sbin/nologin -D icinga 2>/dev/null adduser icinga icingacmd 2>/dev/null 2>/dev/null exit 0 diff --git a/community/minetest/minetest-server.pre-install b/community/minetest/minetest-server.pre-install index f995e427d6..dbf141158d 100644 --- a/community/minetest/minetest-server.pre-install +++ b/community/minetest/minetest-server.pre-install @@ -1,3 +1,3 @@ #!/bin/sh -adduser -s /sbin/nologin -D -h /var/lib/minetest minetest games 2>/dev/null +adduser -S -s /sbin/nologin -D -h /var/lib/minetest minetest games 2>/dev/null exit 0 diff --git a/community/oscam/oscam.pre-install b/community/oscam/oscam.pre-install index fe379e11c1..6f2cc9ec07 100644 --- a/community/oscam/oscam.pre-install +++ b/community/oscam/oscam.pre-install @@ -1,4 +1,4 @@ #!/bin/sh -adduser -H -D -s /sbin/nologin oscam 2>/dev/null +adduser -S -H -D -s /sbin/nologin oscam 2>/dev/null addgroup oscam usb 2>/dev/null exit 0 diff --git a/community/seafile/seafile-server.pre-install b/community/seafile/seafile-server.pre-install index 173e73a35b..66e7a2ccff 100644 --- a/community/seafile/seafile-server.pre-install +++ b/community/seafile/seafile-server.pre-install @@ -3,5 +3,5 @@ SEAFILE_HOME=/var/lib/seafile addgroup -S -g 800 seafile 2>/dev/null -adduser -h $SEAFILE_HOME -s /bin/sh -G seafile -g seafile -u 800 -D seafile 2>/dev/null +adduser -S -h $SEAFILE_HOME -s /bin/sh -G seafile -g seafile -u 800 -D seafile 2>/dev/null exit 0 diff --git a/community/sword/sword.pre-install b/community/sword/sword.pre-install index 0ab0d715bf..d8abdb59bf 100755 --- a/community/sword/sword.pre-install +++ b/community/sword/sword.pre-install @@ -1,3 +1,3 @@ #!/bin/sh echo "Adding 'sword' group for installing SWORD modules systemwide" -addgroup sword 2>/dev/null >&2 || true +addgroup -S sword 2>/dev/null >&2 || true diff --git a/community/syncthing/syncthing.pre-install b/community/syncthing/syncthing.pre-install index b2207a0d7b..dd7f389fd4 100644 --- a/community/syncthing/syncthing.pre-install +++ b/community/syncthing/syncthing.pre-install @@ -1,3 +1,3 @@ #!/bin/sh -adduser -H -h /var/lib/syncthing -s /sbin/nologin -D syncthing 2>/dev/null +adduser -S -H -h /var/lib/syncthing -s /sbin/nologin -D syncthing 2>/dev/null exit 0 -- cgit v1.2.3