From 89801b4d99b085e8b23ed1bfb6a2fd7805709984 Mon Sep 17 00:00:00 2001
From: Gordon Wang <36049150+gordonwang0@users.noreply.github.com>
Date: Tue, 16 Aug 2022 10:05:54 +0800
Subject: [PATCH] Fix creation and cleanup of edgeagentuser and edgehubuser (#6594)

- Delete edgeagentuser and edgehubuser during package purge
- Allow creation of edgeagentuser and edgehub user to fail during package install.

edgeHub and edgeAgent will still work if their users don't exist on the host. The host will misidentify files owned by edgeHub and edgeAgent, but the modules will still work.
---
 edgelet/contrib/centos/aziot-edge.spec | 4 ++--
 edgelet/contrib/debian/postrm | 4 ++++
 edgelet/contrib/debian/preinst | 4 ++--
 edgelet/contrib/enterprise-linux/aziot-edge.spec | 4 ++--
 4 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/edgelet/contrib/centos/aziot-edge.spec b/edgelet/contrib/centos/aziot-edge.spec
index 7f0718cc73e..91c6cd3d711 100644
--- a/edgelet/contrib/centos/aziot-edge.spec
+++ b/edgelet/contrib/centos/aziot-edge.spec
@@ -97,12 +97,12 @@ fi
 
 # Create an edgeagentuser and add it to iotedge group
 if ! /usr/bin/getent passwd %{iotedge_agent_user} >/dev/null; then
- %{_sbindir}/useradd -r -g %{iotedge_group} -c "edgeAgent user" -s /bin/sh -u %{iotedge_agent_uid} %{iotedge_agent_user}
+ %{_sbindir}/useradd -r -g %{iotedge_group} -c "edgeAgent user" -s /bin/sh -u %{iotedge_agent_uid} %{iotedge_agent_user} || true
 fi
 
 # Create an edgehubuser
 if ! getent passwd edgehubuser >/dev/null; then
- %{_sbindir}/useradd -r -c "edgeHub user" -s /bin/sh -u %{iotedge_hub_uid} %{iotedge_hub_user}
+ %{_sbindir}/useradd -r -c "edgeHub user" -s /bin/sh -u %{iotedge_hub_uid} %{iotedge_hub_user} || true
 fi
 
 # Add iotedge user to aziot-identity-service groups
diff --git a/edgelet/contrib/debian/postrm b/edgelet/contrib/debian/postrm
index 91ef1d7c29d..b15e00bf452 100644
--- a/edgelet/contrib/debian/postrm
+++ b/edgelet/contrib/debian/postrm
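Review bot: The `|| true` added to both `useradd` calls discards every failure without a trace, including the case where `%{iotedge_agent_uid}` or `%{iotedge_hub_uid}` is already assigned to another local account. In that case the files the modules write would be attributed to that unrelated account on the host, which is an access-control concern rather than only the mislabelling the commit message describes; this assumes the modules run under these UIDs, which the diff does not show. Keeping the install non-fatal is fine, but leave evidence, e.g. `... %{iotedge_agent_user} || echo "warning: could not create %{iotedge_agent_user}" >&2`. The same applies to the debian/preinst and enterprise-linux hunks. The enclosing scriptlet starts and ends outside the hunk.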
@@ -18,9 +18,13 @@ case "$1" in
 gpasswd -d "$u" iotedge
 done
 
+ # Remove iotedge users.
 /usr/sbin/userdel iotedge
 rm -rf /var/lib/aziot/edged
 
+ /usr/sbin/userdel edgeagentuser
+ /usr/sbin/userdel edgehubuser
+
 if [ -d /var/lib/aziot ] && [ -z "$(ls -A /var/lib/aziot)" ]; then
 rm -rf /var/lib/aziot
 fi
diff --git a/edgelet/contrib/debian/preinst b/edgelet/contrib/debian/preinst
index bb398d8cc06..45f5d26aa65 100644
--- a/edgelet/contrib/debian/preinst
+++ b/edgelet/contrib/debian/preinst
@@ -14,12 +14,12 @@ add_groups()
 
 # Create an edgeagentuser and add it to iotedge group
 if ! getent passwd edgeagentuser >/dev/null; then
- useradd -r -g iotedge -c "edgeAgent user" -s /bin/sh -u 13622 edgeagentuser
+ useradd -r -g iotedge -c "edgeAgent user" -s /bin/sh -u 13622 edgeagentuser || true
 fi
 
 # Create an edgehubuser
 if ! getent passwd edgehubuser >/dev/null; then
- useradd -r -c "edgeHub user" -s /bin/sh -u 13623 edgehubuser
+ useradd -r -c "edgeHub user" -s /bin/sh -u 13623 edgehubuser || true
 fi
 
 # add iotedge user to docker group so that it can talk to the docker socket
diff --git a/edgelet/contrib/enterprise-linux/aziot-edge.spec b/edgelet/contrib/enterprise-linux/aziot-edge.spec
index 938f86e9bc4..02ae42c263c 100644
--- a/edgelet/contrib/enterprise-linux/aziot-edge.spec
+++ b/edgelet/contrib/enterprise-linux/aziot-edge.spec
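Review bot: The two new `userdel` calls are unguarded, yet this same commit lets creation of `edgeagentuser` and `edgehubuser` fail at install time, so purge can now run on a host where neither account exists. `userdel` exits non-zero for an unknown user; if this script runs under `set -e` (not visible in the hunk), the purge would abort before the `/var/lib/aziot` cleanup that follows. Guard each call, e.g. `if getent passwd edgeagentuser >/dev/null; then /usr/sbin/userdel edgeagentuser; fi`, and the same for `edgehubuser`. `userdel` also leaves behind any files still owned by UIDs 13622 and 13623, so a comment stating what is deliberately left on disk would help whoever later reuses those UIDs. The `case` block starts and ends outside the hunk.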
@@ -97,12 +97,12 @@ fi
 
 # Create an edgeagentuser and add it to iotedge group
 if ! /usr/bin/getent passwd %{iotedge_agent_user} >/dev/null; then
- %{_sbindir}/useradd -r -g %{iotedge_group} -c "edgeAgent user" -s /bin/sh -u %{iotedge_agent_uid} %{iotedge_agent_user}
+ %{_sbindir}/useradd -r -g %{iotedge_group} -c "edgeAgent user" -s /bin/sh -u %{iotedge_agent_uid} %{iotedge_agent_user} || true
 fi
 
 # Create an edgehubuser
 if ! getent passwd edgehubuser >/dev/null; then
- %{_sbindir}/useradd -r -c "edgeHub user" -s /bin/sh -u %{iotedge_hub_uid} %{iotedge_hub_user}
+ %{_sbindir}/useradd -r -c "edgeHub user" -s /bin/sh -u %{iotedge_hub_uid} %{iotedge_hub_user} || true
 fi
 
 # Add iotedge user to aziot-identity-service groups
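Review bot: The edgehubuser existence check uses the literal name, `if ! getent passwd edgehubuser >/dev/null; then`, while the `useradd` it guards uses `%{iotedge_hub_user}`, and it calls `getent` by bare name where the edgeagentuser check uses `/usr/bin/getent`. With `|| true` now hiding `useradd` failures, a macro value that ever differs from the literal would make the guard re-run `useradd` on every install and fail without any message. I would write it as `if ! /usr/bin/getent passwd %{iotedge_hub_user} >/dev/null; then`, here and in the centos spec hunk. The enclosing scriptlet starts and ends outside the hunk.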