From c992432299abeb4401a5bcd1ac7f3ba31f974238 Mon Sep 17 00:00:00 2001
From: Scott Fridlund
Date: Wed, 22 Dec 2021 13:59:39 -0600
Subject: [PATCH] Setting primary GID for users to be created from config.
---
 src/ES.SFTP/Security/UserManagementService.cs | 30 ++++++++++---------
 src/ES.SFTP/Security/UserUtil.cs | 4 +--
 2 files changed, 18 insertions(+), 16 deletions(-)
diff --git a/src/ES.SFTP/Security/UserManagementService.cs b/src/ES.SFTP/Security/UserManagementService.cs
index abe988a..e558d7f 100644
--- a/src/ES.SFTP/Security/UserManagementService.cs
+++ b/src/ES.SFTP/Security/UserManagementService.cs
@@ -71,6 +71,21 @@ private async Task SyncUsersAndGroups()
 await UserUtil.UserDelete(user, false);
 }
+ //Create groups as specified by the GID value for each user
+ foreach (var user in config.Users)
+ {
+ if (user.GID.HasValue)
+ {
+ _logger.LogInformation("Processing GID for user '{user}'", user.Username);
+
+ var virtualGroup = $"sftp-gid-{user.GID.Value}";
+ if (!await GroupUtil.GroupExists(virtualGroup))
+ {
+ _logger.LogDebug("Creating group '{group}' with GID '{gid}'", virtualGroup, user.GID.Value);
+ await GroupUtil.GroupCreate(virtualGroup, true, user.GID.Value);
+ }
+ }
+ }
 foreach (var user in config.Users)
 {
@@ -79,7 +94,7 @@ private async Task SyncUsersAndGroups()
 if (!await UserUtil.UserExists(user.Username))
 {
 _logger.LogDebug("Creating user '{user}'", user.Username);
- await UserUtil.UserCreate(user.Username, true);
+ await UserUtil.UserCreate(user.Username, true, user.GID);
 _logger.LogDebug("Adding user '{user}' to '{group}'", user.Username, SftpUserInventoryGroup);
 await GroupUtil.GroupAddUser(SftpUserInventoryGroup, user.Username);
 }
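Review bot: The new group loop tests `GroupUtil.GroupExists(virtualGroup)` by the name `sftp-gid-<gid>` only, so a configured GID that already belongs to a differently named group is not detected before `GroupCreate` runs. Because `UserCreate` later hands the bare number to `useradd -g`, a value such as 0 or a system group's id would presumably make that existing group the account's primary group; how `GroupCreate` reacts to a duplicate GID is not visible here. A guard ahead of the `GroupExists` call, for example `if (user.GID.Value <= 0) throw new InvalidOperationException($"GID {user.GID.Value} is not allowed for SFTP users");`, together with a check that the numeric GID is either unused or already owned by the matching `sftp-gid-*` group, would keep a config mistake from granting a privileged group. SyncUsersAndGroups starts and ends outside this hunk.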
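Review bot: The configured GID now takes effect only inside the `if (!await UserUtil.UserExists(user.Username))` branch, through `UserCreate(user.Username, true, user.GID)`. For an account that already exists nothing applies the GID any more, because the next hunk in this file removes the `GroupAddUser(virtualGroup, user.Username)` call that previously ran on every sync; a GID added or changed in the config would then be ignored without any log line. An update step next to the existing UID handling would close that gap, e.g. `if (user.GID.HasValue) await ProcessUtil.QuickRun("usermod", $"-g {user.GID.Value} {user.Username}");`, ideally only when the account's current primary group differs. The enclosing foreach body continues outside the hunk.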
@@ -94,19 +109,6 @@ private async Task SyncUsersAndGroups() await UserUtil.UserSetId(user.Username, user.UID.Value); } - if (user.GID.HasValue) - { - var virtualGroup = $"sftp-gid-{user.GID.Value}"; - if (!await GroupUtil.GroupExists(virtualGroup)) - { - _logger.LogDebug("Creating group '{group}' with GID '{gid}'", virtualGroup, user.GID.Value); - await GroupUtil.GroupCreate(virtualGroup, true, user.GID.Value); - } - - _logger.LogDebug("Adding user '{user}' to '{group}'", user.Username, virtualGroup); - await GroupUtil.GroupAddUser(virtualGroup, user.Username); - } - var homeDir = Directory.CreateDirectory(Path.Combine(HomeBasePath, user.Username)); await ProcessUtil.QuickRun("chown", $"root:root {homeDir.FullName}"); await ProcessUtil.QuickRun("chmod", $"711 {homeDir.FullName}"); diff --git a/src/ES.SFTP/Security/UserUtil.cs b/src/ES.SFTP/Security/UserUtil.cs index ed3d637..e19b2d9 100644 --- a/src/ES.SFTP/Security/UserUtil.cs +++ b/src/ES.SFTP/Security/UserUtil.cs @@ -10,10 +10,10 @@ public static async Task UserExists(string username) return command.ExitCode == 0 && !string.IsNullOrWhiteSpace(command.Output); } - public static async Task UserCreate(string username, bool noLoginShell = false) + public static async Task UserCreate(string username, bool noLoginShell = false, int? gid = null) { await ProcessUtil.QuickRun("useradd", - $"--comment {username} {(noLoginShell ? "-s /usr/sbin/nologin" : string.Empty)} {username}"); + $"--comment {username} {(noLoginShell ? "-s /usr/sbin/nologin " : string.Empty)}{(gid.HasValue ? "-g " + gid.Value + " " : string.Empty)}{username}"); } public static async Task UserDelete(string username, bool throwOnError = true)
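Review bot: `UserCreate` still splices `username` unquoted into the `useradd` argument string twice (`--comment {username}` and the trailing positional), and the rewritten line keeps that. A configured name containing whitespace or starting with `-` would be read as extra `useradd` options, which matters more now that the same string carries the primary-group flag; whether `ProcessUtil.QuickRun` splits the string itself or passes it to a shell is not visible here. Validating the name before building the arguments, e.g. `if (!Regex.IsMatch(username, @"^[a-z_][a-z0-9_-]{0,31}\z")) throw new ArgumentException("Invalid username", nameof(username));`, keeps the argument list fixed. A negative `gid` would likewise render as `-g -5`, so `gid` deserves a `>= 0` check in the same place.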