operations/server.user: fix user addition/modification operations for FreeBSD

Author: jgelens

pyinfra/facts/server.py

@@ -526,10 +526,10 @@ def command(self):
         for i in `cat /etc/passwd | cut -d: -f1`; do
             ENTRY=`grep ^$i: /etc/passwd`;
             LASTLOG=`(((lastlog -u $i || lastlogin $i) 2> /dev/null) | grep ^$i | tr -s ' ')`;
-            PASSWORD=`grep ^$i: /etc/shadow | cut -d: -f2`;
+            PASSWORD=`(grep ^$i: /etc/shadow || grep ^$i: /etc/master.passwd) 2> /dev/null | cut -d: -f2`;
             echo "$ENTRY|`id -gn $i`|`id -Gn $i`|$LASTLOG|$PASSWORD";
         done
-    """.strip()
+    """.strip() # noqa
 
     default = dict
 

pyinfra/operations/server.py

@@ -899,22 +899,29 @@ def user(
 
         if create_home:
             args.append("-m")
-        else:
+        elif os_type != "FreeBSD":
             args.append("-M")
 
-        if password:
+        if password and os_type != "FreeBSD":
             args.append("-p '{0}'".format(password))
 
         # Users are often added by other operations (package installs), so check
         # for the user at runtime before adding.
         add_user_command = "useradd"
+
         if os_type == "FreeBSD":
             add_user_command = "pw useradd"
-            yield "{0} -n {2} {1}".format(
-                add_user_command,
-                " ".join(args),
-                user,
-            )
+
+            if password:
+                yield "echo '{3}' | {0} -n {2} -H 0 {1}".format(
+                    add_user_command, " ".join(args), user, password
+                )
+            else:
+                yield "{0} -n {2} {1}".format(
+                    add_user_command,
+                    " ".join(args),
+                    user,
+                )
         else:
             yield "{0} {1} {2}".format(
                 add_user_command,
@@ -951,7 +958,10 @@ def user(
             args.append("-c '{0}'".format(comment))
 
         if password and existing_user["password"] != password:
-            args.append("-p '{0}'".format(password))
+            if os_type == "FreeBSD":
+                yield "echo '{0}' | pw usermod -n {1} -H 0".format(password, user)
+            else:
+                args.append("-p '{0}'".format(password))
 
         # Need to mod the user?
         if args:

tests/facts/server.Users/mixed.json

@@ -8,7 +8,7 @@
         "freebsd:*:1001:1001:FreeBSD:/home/freebsd:/bin/sh|freebsd|freebsd|freebsd pts/0 10.1.10.10 Thu Aug 31 05:37:58 2023|$bsdpw$",
         "freebsdnologin:*:1001:1001:FreeBSD NoLogin:/home/freebsdnologin:/bin/sh|freebsdnologin|freebsdnologin||"
     ],
-    "command": "for i in `cat /etc/passwd | cut -d: -f1`; do\n            ENTRY=`grep ^$i: /etc/passwd`;\n            LASTLOG=`(((lastlog -u $i || lastlogin $i) 2> /dev/null) | grep ^$i | tr -s ' ')`;\n            PASSWORD=`grep ^$i: /etc/shadow | cut -d: -f2`;\n            echo \"$ENTRY|`id -gn $i`|`id -Gn $i`|$LASTLOG|$PASSWORD\";\n        done",
+    "command": "for i in `cat /etc/passwd | cut -d: -f1`; do\n            ENTRY=`grep ^$i: /etc/passwd`;\n            LASTLOG=`(((lastlog -u $i || lastlogin $i) 2> /dev/null) | grep ^$i | tr -s ' ')`;\n            PASSWORD=`(grep ^$i: /etc/shadow || grep ^$i: /etc/master.passwd) 2> /dev/null | cut -d: -f2`;\n            echo \"$ENTRY|`id -gn $i`|`id -Gn $i`|$LASTLOG|$PASSWORD\";\n        done",
     "fact": {
         "root": {
             "home": "/root",

tests/operations/server.user/add.freebsd.json

@@ -0,0 +1,27 @@
+{
+    "args": ["someuser"],
+    "kwargs": {
+        "home": "homedir",
+        "shell": "shellbin",
+        "group": "mygroup",
+        "groups": ["secondary_group", "another"],
+        "uid" : 1000,
+        "system": true,
+        "comment": "Full Name",
+        "create_home": true,
+        "password": "$somecryptedpassword$"
+    },
+    "facts": {
+        "server.Os": "FreeBSD",
+        "server.Users": {},
+        "server.Groups": {},
+        "files.Directory": {
+            "path=homedir": null
+        }
+    },
+    "commands": [
+        "echo '$somecryptedpassword$' | pw useradd -n someuser -H 0 -d homedir -s shellbin -g mygroup -G secondary_group,another -u 1000 -c 'Full Name' -m",
+        "mkdir -p homedir",
+        "chown someuser:mygroup homedir"
+    ]
+}

tests/operations/server.user/add.json

@@ -18,7 +18,6 @@
         "files.Directory": {
             "path=homedir": null
         },
-        "server.Os": "Linux"
     },
     "commands": [
         "useradd -d homedir -s shellbin -g mygroup -G secondary_group,another -r --uid 1000 -c 'Full Name' -m -p '$somecryptedpassword$' someuser",

tests/operations/server.user/add_group_exists.freebsd.json

@@ -0,0 +1,18 @@
+{
+    "args": ["someuser"],
+    "facts": {
+        "server.Users": {},
+        "server.Groups": [
+            "someuser"
+        ],
+        "files.Directory": {
+            "path=/home/someuser": null
+        },
+        "server.Os": "FreeBSD"
+    },
+    "commands": [
+        "pw useradd -n someuser -d /home/someuser -g someuser",
+        "mkdir -p /home/someuser",
+        "chown someuser:someuser /home/someuser"
+    ]
+}

tests/operations/server.user/add_home_is_link.freebsd.json

@@ -0,0 +1,20 @@
+{
+    "args": ["someuser"],
+    "kwargs": {
+        "home": "homedir"
+    },
+    "facts": {
+        "server.Os": "FreeBSD",
+        "server.Users": {},
+        "server.Groups": {},
+        "files.Directory": {
+            "path=homedir": false
+        },
+        "files.Link": {
+            "path=homedir": true
+        }
+    },
+    "commands": [
+        "pw useradd -n someuser -d homedir"
+    ]
+}

tests/operations/server.user/add_non_unique.freebsd.json

@@ -0,0 +1,15 @@
+{
+    "args": ["someuser"],
+    "kwargs": {
+        "unique": false,
+        "ensure_home": false
+    },
+    "facts": {
+        "server.Os": "FreeBSD",
+        "server.Users": {},
+        "server.Groups": {}
+    },
+    "commands": [
+        "pw useradd -n someuser -d /home/someuser -o"
+    ]
+}

tests/operations/server.user/append_secondary_groups.freebsd.json

@@ -0,0 +1,36 @@
+{
+    "args": ["someuser"],
+    "kwargs": {
+        "group": "somegroup",
+        "groups": [
+            "group3", "group4"
+        ],
+        "append": true
+    },
+    "facts": {
+        "server.Os": "FreeBSD",
+        "server.Users": {
+            "someuser": {
+                "home": "/home/someuser",
+                "group": "somegroup",
+                "groups": [
+                    "group1", "group2"
+                ]
+            }
+        },
+        "files.Directory": {
+            "path=/home/someuser": {
+                "user": "someuser",
+                "group": "somegroup"
+            },
+            "path=/home/someotheruser": {
+                "user": "someuser",
+                "group": "somegroup"
+            }
+        },
+        "server.Groups": {}
+    },
+    "commands": [
+        "pw usermod -n someuser -a -G group3,group4"
+    ]
+}

tests/operations/server.user/edit.freebsd.json

@@ -0,0 +1,39 @@
+{
+    "args": ["someuser"],
+    "kwargs": {
+        "shell": "/bin/false",
+        "group": "somegroup",
+        "groups": ["group1", "group2", "group3"],
+        "home": "/home/someotheruser",
+        "comment": "New Full Name"
+    },
+    "facts": {
+        "server.Os": "FreeBSD",
+        "server.Users": {
+            "someuser": {
+                "comment": "Full Name",
+                "home": "/home/someuser",
+                "shell": "/bin/bash",
+                "group": "nowt",
+                "groups": [
+                    "group1", "group2"
+                ],
+                "password": "$somepw$"
+            }
+        },
+        "files.Directory": {
+            "path=/home/someuser": {
+                "user": "someuser",
+                "group": "somegroup"
+            },
+            "path=/home/someotheruser": {
+                "user": "someuser",
+                "group": "somegroup"
+            }
+        },
+        "server.Groups": {}
+    },
+    "commands": [
+        "pw usermod -n someuser -d /home/someotheruser -s /bin/false -g somegroup -G group1,group2,group3 -c 'New Full Name'"
+    ]
+}