diff options
| author | PradeepKiruvale <pradeepkumar.kj@softwareag.com> | 2022-04-21 15:03:09 +0530 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-21 15:03:09 +0530 |
| commit | 001347fd92e0b697a01a591ae68b3316be0d9ec1 (patch) | |
| tree | 9d3555a8588d9e2cd8640658374812dd359fa0a7 /configuration/debian/tedge | |
| parent | 7033ab55c70611bec47f2aee79e38de7e88e6d58 (diff) | |
Have a single unix user used for all the thin-edge daemons (#1085)
* Closes #1031 single tedge user
Signed-off-by: Pradeep Kumar K J <pradeepkumar.kj@softwareag.com>
* Add script to upgrade tedge from 0.6
Signed-off-by: Pradeep Kumar K J <pradeepkumar.kj@softwareag.com>
Diffstat (limited to 'configuration/debian/tedge')
| -rwxr-xr-x | configuration/debian/tedge/postinst | 11 | ||||
| -rw-r--r-- | configuration/debian/tedge/postrm | 18 |
2 files changed, 12 insertions, 17 deletions
diff --git a/configuration/debian/tedge/postinst b/configuration/debian/tedge/postinst index 788fb369..21794570 100755 --- a/configuration/debian/tedge/postinst +++ b/configuration/debian/tedge/postinst @@ -2,11 +2,6 @@ set -e ### Create groups -# thin-edge.io compoments run within their own groups and users the following steps add new groups if they don't exist. -if ! getent group tedge-users >/dev/null; then - addgroup --quiet tedge-users -fi - if ! getent group tedge >/dev/null; then addgroup --quiet --system tedge fi @@ -22,11 +17,11 @@ if ! grep -q "/etc/tedge/mosquitto-conf" "/etc/mosquitto/mosquitto.conf"; then echo "include_dir /etc/tedge/mosquitto-conf" >>/etc/mosquitto/mosquitto.conf fi -### Create file in /etc/sudoers.d directory. With this configuration, all users in the group tedge-users have the right to call the tedge command with sudo rights, which is required for system-wide configuration in "/etc/tedge" -echo "%tedge-users ALL = (ALL) /usr/bin/tedge" >/etc/sudoers.d/tedge-users +### Create file in /etc/sudoers.d directory. With this configuration, the tedge user have the right to call the tedge command with sudo rights, which is required for system-wide configuration in "/etc/tedge" +echo "tedge ALL = (ALL) NOPASSWD: /usr/bin/tedge, /etc/tedge/sm-plugins/[a-zA-Z0-9]*, /bin/sync, /sbin/init" >/etc/sudoers.d/tedge if [ -f "/etc/sudoers.d/010_pi-nopasswd" ]; then - echo "%tedge-users ALL = (ALL) NOPASSWD: /usr/bin/tedge" >/etc/sudoers.d/tedge-users-nopasswd + echo "tedge ALL = (ALL) NOPASSWD: /usr/bin/tedge, /etc/tedge/sm-plugins/[a-zA-Z0-9]*, /bin/sync, /sbin/init" >/etc/sudoers.d/tedge-nopasswd fi # Initialize the tedge diff --git a/configuration/debian/tedge/postrm b/configuration/debian/tedge/postrm index 27c334de..ab676b96 100644 --- a/configuration/debian/tedge/postrm +++ b/configuration/debian/tedge/postrm @@ -7,19 +7,19 @@ remove_user_tedge() { fi } -remove_tedge_users_group() { - if getent group tedge-users > /dev/null; then - groupdel tedge-users +remove_tedge_group() { + if getent group tedge > /dev/null; then + groupdel tedge fi } remove_sudoers_file() { - if [ -f "/etc/sudoers.d/tedge-users" ]; then - rm /etc/sudoers.d/tedge-users + if [ -f "/etc/sudoers.d/tedge" ]; then + rm /etc/sudoers.d/tedge fi - if [ -f "/etc/sudoers.d/tedge-users-nopasswd" ]; then - rm /etc/sudoers.d/tedge-users-nopasswd + if [ -f "/etc/sudoers.d/tedge-nopasswd" ]; then + rm /etc/sudoers.d/tedge-nopasswd fi } @@ -44,7 +44,7 @@ purge_var_log() { case "$1" in purge) remove_user_tedge - remove_tedge_users_group + remove_tedge_group remove_mosquitto_edit remove_sudoers_file purge_configs @@ -53,7 +53,7 @@ case "$1" in remove) remove_user_tedge - remove_tedge_users_group + remove_tedge_group remove_mosquitto_edit remove_sudoers_file ;; |