fixes saltstack#64953 user.list_groups omits remote groups

felippeb · Oct 27, 2023 · 34f4614 · 34f4614
1 parent 8ecf20f
commit 34f4614
Showing 1 changed file with 42 additions and 4 deletions.
diff --git a/salt/utils/user.py b/salt/utils/user.py
@@ -293,12 +293,29 @@ def get_group_list(user, include_default=True):
         # Try os.getgrouplist, available in python >= 3.3
         log.trace("Trying os.getgrouplist for '%s'", user)
         try:
-            user_group_list = os.getgrouplist(user, pwd.getpwnam(user).pw_gid)
-            group_names = [
+            user_group_list = sorted(os.getgrouplist(user, pwd.getpwnam(user).pw_gid))
+            local_grall = _getgrall()
+            local_gids = sorted(lgrp.gr_gid for lgrp in local_grall)
+            max_idx = -1
+            local_max = local_gids[max_idx]
+            while local_max >= 65000:
+                max_idx -= 1
+                local_max = local_gids[max_idx]
+            user_group_list_local = [
+                lgrp for lgrp in user_group_list if lgrp <= local_max
+            ]
+            user_group_list_remote = [
+                rgrp for rgrp in user_group_list if rgrp > local_max
+            ]
+            local_group_names = [
                 _group.gr_name
-                for _group in grp.getgrall()
-                if _group.gr_gid in user_group_list
+                for _group in local_grall
+                if _group.gr_gid in user_group_list_local
             ]
+            remote_group_names = [
+                grp.getgrgid(group_id).gr_name for group_id in user_group_list_remote
+            ]
+            group_names = local_group_names + remote_group_names
         except Exception:  # pylint: disable=broad-except
             pass
     elif HAS_PYSSS:
@@ -385,3 +402,24 @@ def get_gid(group=None):
             return grp.getgrnam(group).gr_gid
         except KeyError:
             return None
+
+
+def _getgrall(root=None):
+    """
+    Alternative implemetantion for getgrall, that uses only /etc/group
+    """
+    ret = []
+    root = "/" if not root else root
+    etc_group = os.path.join(root, "etc/group")
+    with salt.utils.files.fopen(etc_group) as fp_:
+        for line in fp_:
+            line = salt.utils.stringutils.to_unicode(line)
+            comps = line.strip().split(":")
+            # Generate a getgrall compatible output
+            comps[2] = int(comps[2])
+            if comps[3]:
+                comps[3] = [mem.strip() for mem in comps[3].split(",")]
+            else:
+                comps[3] = []
+            ret.append(grp.struct_group(comps))
+    return ret