Update postrm to delete iotedge user on purge (#4533)

Updates postrm so that apt purge fully removes all files used by aziot-edge and removes iotedge user. This only applies to Debian, as CentOS (rpm) doesn't have a purge command.
Azure · Mar 4, 2021 · 1c0fc8c · 1c0fc8c
1 parent d882823
commit 1c0fc8c
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 41 deletions.
diff --git a/edgelet/Cargo.lock b/edgelet/Cargo.lock
diff --git a/edgelet/contrib/debian/postrm b/edgelet/contrib/debian/postrm
@@ -3,22 +3,29 @@ set -e
 
 case "$1" in
     purge)
-        if [ -f /etc/aziot/edged/config.toml ]; then
-            rm /etc/aziot/edged/config.toml
-        fi
-        if [ -d /etc/aziot/edged/config.d ]; then
-            rm -r /etc/aziot/edged/config.d
-        fi
-        if [ -d /var/lib/aziot/edged ]; then
-            rm -rf /var/lib/aziot/edged
+        systemctl daemon-reload
+
+        if [ -d /etc/aziot ]; then
+            rm -rf /etc/aziot/edged
+            rm -f /etc/aziot/config.toml
         fi
-        if [ -d /var/log/aziot/edged ]; then
-            rm -rf /var/log/aziot/edged
+
+        rm -rf /var/log/aziot
+
+        # Remove supplementary members from the iotedge group.
+        for u in $(getent group iotedge | sed -e "s/^.*://" -e "s/,/ /g"); do
+            gpasswd -d "$u" iotedge
+        done
+
+        /usr/sbin/userdel iotedge
+        rm -rf /var/lib/aziot/edged
+
+        if [ -d /var/lib/aziot ] && [ -z "$(ls -A /var/lib/aziot)" ]; then
+            rm -rf /var/lib/aziot
         fi
     ;;
     remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
     ;;
-
     *)
         echo "postrm called with unknown argument \`$1'" >&2
         exit 1

diff --git a/edgelet/contrib/debian/preinst b/edgelet/contrib/debian/preinst
@@ -3,37 +3,38 @@ set -e
 
 add_groups()
 {
-    if ! getent passwd iotedge >/dev/null; then
-        adduser --system iotedge --home /var/lib/aziot/edged --shell /bin/false
+    if ! getent group iotedge >/dev/null; then
+        groupadd -r iotedge
     fi
 
-    if ! getent group iotedge >/dev/null; then
-        addgroup --system iotedge
+    if ! getent passwd iotedge >/dev/null; then
+        useradd -r -g iotedge -c 'iotedge user' -s /sbin/nologin -d /var/lib/aziot/edged iotedge
     fi
+    mkdir -p /var/lib/aziot/edged
 
     # add iotedge user to docker group so that it can talk to the docker socket
     if getent group docker >/dev/null; then
-        adduser iotedge docker
+        usermod -aG docker iotedge
     fi
 
     if getent group aziotcs >/dev/null; then
-        adduser iotedge aziotcs
+        usermod -aG aziotcs iotedge
     fi
     if getent group aziotks >/dev/null; then
-        adduser iotedge aziotks
+        usermod -aG aziotks iotedge
     fi
     if getent group aziotid >/dev/null; then
-        adduser iotedge aziotid
+        usermod -aG aziotid iotedge
     fi
 
     # Add each admin user to the iotedge group - for systems installed before precise
     for u in $(getent group admin | sed -e "s/^.*://" -e "s/,/ /g"); do
-        adduser "$u" iotedge >/dev/null || true
+        usermod -aG iotedge "$u" >/dev/null || true
     done
 
     # Add each sudo user to the iotedge group
     for u in $(getent group sudo | sed -e "s/^.*://" -e "s/,/ /g"); do
-        adduser "$u" iotedge >/dev/null || true
+        usermod -aG iotedge "$u" >/dev/null || true
     done
 }