Restore UID in user.

Signed-off-by: Itxaka <[email protected]>
mudler · Oct 21, 2024 · 39b577e · 39b577e
1 parent c765897
commit 39b577e
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 21 deletions.
diff --git a/pkg/plugins/user.go b/pkg/plugins/user.go
@@ -107,32 +107,39 @@ func createUser(fs vfs.FS, u schema.User, console Console) error {
 	}
 
 	uid := -1
-	list := users.NewUserList()
-	list.SetPath(etcpasswd)
-	list.Load()
-	user := list.Get(u.Name)
-
-	if user != nil {
-		uid, err = user.UID()
-		if err != nil {
-			return errors.Wrap(err, "could not get user id")
-		}
+
+	// If UID is specified just put it there. No matter whats in the system or the collisions. Good luck.
+	if u.UID != "" {
+		uid, err = strconv.Atoi(u.UID)
 	} else {
-		// Try to see if the user was created previously with a given UID by checking for an existing home dir
-		userDir, err := os.Stat(u.Homedir)
-		if err == nil {
-			if stat, ok := userDir.Sys().(*syscall.Stat_t); ok {
-				uid = int(stat.Uid)
+		// Try to get the existing UID in the system
+		list := users.NewUserList()
+		list.SetPath(etcpasswd)
+		list.Load()
+		user := list.Get(u.Name)
+		if user != nil {
+			uid, err = user.UID()
+			if err != nil {
+				return errors.Wrap(err, "could not get user id")
 			}
 		} else {
-			// Now generate one if we havent been able to pick the existing one
-			// https://systemd.io/UIDS-GIDS/#special-distribution-uid-ranges
-			uid, err = list.GenerateUIDInRange(entities.HumanIDMin, entities.HumanIDMax)
-			if err != nil {
-				return errors.Wrap(err, "no available uid")
+			// Try to see if the user was created previously with a given UID by checking for an existing home dir
+			userDir, err := os.Stat(u.Homedir)
+			if err == nil {
+				if stat, ok := userDir.Sys().(*syscall.Stat_t); ok {
+					uid = int(stat.Uid)
+				}
+			} else {
+				// Now generate one if we havent been able to pick the existing one
+				// https://systemd.io/UIDS-GIDS/#special-distribution-uid-ranges
+				uid, err = list.GenerateUIDInRange(entities.HumanIDMin, entities.HumanIDMax)
+				if err != nil {
+					return errors.Wrap(err, "no available uid")
+				}
 			}
 		}
 	}
+
 	if uid == -1 {
 		return errors.New("could not set uid for user")
 	}

diff --git a/pkg/plugins/user_test.go b/pkg/plugins/user_test.go
@@ -183,6 +183,7 @@ last:x:999:999:Test user for uid:/:/usr/bin/nologin
 				Users: map[string]schema.User{"foo": {
 					PasswordHash: `$fkekofe`,
 					LockPasswd:   true,
+					UID:          "5000",
 					Homedir:      "/run/foo",
 					Shell:        "/bin/bash",
 				}},
@@ -212,7 +213,7 @@ last:x:999:999:Test user for uid:/:/usr/bin/nologin
 			Expect(foo.HomeDir()).To(Equal("/run/foo"))
 			Expect(foo.Shell()).To(Equal("/bin/bash"))
 			Expect(foo.Password()).To(Equal("x"))
-			Expect(foo.UID()).To(Equal(1000))
+			Expect(foo.UID()).To(Equal(5000))
 
 		})
 

diff --git a/pkg/schema/schema.go b/pkg/schema/schema.go
@@ -98,6 +98,7 @@ type User struct {
 	NoLogInit         bool     `yaml:"no_log_init,omitempty"`
 	Shell             string   `yaml:"shell,omitempty"`
 	LockPasswd        bool     `yaml:"lock_passwd,omitempty"`
+	UID               string   `yaml:"uid,omitempty"`
 }
 
 func (u User) Exists() bool {

diff --git a/pkg/schema/schema_test.go b/pkg/schema/schema_test.go
@@ -94,6 +94,7 @@ stages:
 users:
 - name: "bar"
   passwd: "foo"
+  uid: "1002"
   lock_passwd: true
   groups:
   - sudo
@@ -113,6 +114,7 @@ write_files:
 `)
 			Expect(len(yipConfig.Stages)).To(Equal(3))
 			Expect(yipConfig.Stages["boot"][0].Users["bar"].PasswordHash).To(Equal("foo"))
+			Expect(yipConfig.Stages["boot"][0].Users["bar"].UID).To(Equal("1002"))
 			Expect(yipConfig.Stages["boot"][0].SSHKeys).To(Equal(map[string][]string{"bar": {"faaapploo", "asdd"}}))
 			Expect(yipConfig.Stages["boot"][0].Files[0].Path).To(Equal("/foo/bar"))
 			Expect(yipConfig.Stages["boot"][0].Files[0].Permissions).To(Equal(uint32(0644)))