bug#54666: Installation without non-root user accounts

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

* bug#54666: Installation without non-root user accounts
@ 2022-04-01 10:31 Ludovic Courtès
  2022-04-04 15:18 ` Mathieu Othacehe
  0 siblings, 1 reply; 4+ messages in thread
From: Ludovic Courtès @ 2022-04-01 10:31 UTC (permalink / raw)
  To: 54666; +Cc: Mathieu Othacehe

Hello!

Using the installer, it’s possible to create a system config without any
non-root user accounts.  That’s a problem because then users end up
creating their account manually with ‘useradd’, which gets things wrong,
and things go awry.

To reproduce the issue, in the user page of the installer, add an
account for user “root”.  That’s enough to fool this check:

     (when (null? users)
       (run-error-page (G_ "Please create at least one user.")
                       (G_ "No user"))
       (run users))

This “root” account is then ignored:

  (define (users->configuration users)
    ;; …
    `((users (cons*
              ,@(filter-map (lambda (user)
                              ;; Do not emit a 'user-account' form for "root".
                              (and (not (string=? (user-name user) "root"))
                                   (user->sexp user)))
                            users)
              %base-user-accounts))))

… and that’s how you end up with a config without normal user accounts.

To address that, maybe ‘run-user-add-page’ should explicitly reject
“root”?

Ludo’.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* bug#54666: Installation without non-root user accounts
  2022-04-01 10:31 bug#54666: Installation without non-root user accounts Ludovic Courtès
@ 2022-04-04 15:18 ` Mathieu Othacehe
  2022-04-05  7:44   ` Ludovic Courtès
  0 siblings, 1 reply; 4+ messages in thread
From: Mathieu Othacehe @ 2022-04-04 15:18 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 54666

[-- Attachment #1: Type: text/plain, Size: 182 bytes --]


Hey Ludo,

> To address that, maybe ‘run-user-add-page’ should explicitly reject
> “root”?

Here are two patches that should fix this issue :).

Thanks,

Mathieu

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-installer-user-Forbid-root-user-creation.patch --]
[-- Type: text/x-patch, Size: 4019 bytes --]

From 829c3c2543ffd7f9b22a5e1fb40f7627b2c76414 Mon Sep 17 00:00:00 2001
From: Mathieu Othacehe <othacehe@gnu.org>
Date: Mon, 4 Apr 2022 16:36:07 +0200
Subject: [PATCH 1/2] installer: user: Forbid root user creation.

Forbid root user creation as it could lead to a system without any
non-priviledged user accouts.

Fixes: <https://issues.guix.gnu.org/54666>.

* gnu/installer/newt/user.scm (run-user-add-page): Forbid it.
---
 gnu/installer/newt/user.scm | 51 ++++++++++++++++++++++++-------------
 1 file changed, 33 insertions(+), 18 deletions(-)

diff --git a/gnu/installer/newt/user.scm b/gnu/installer/newt/user.scm
index 7c1cc2249d..98b1f5ae9a 100644
--- a/gnu/installer/newt/user.scm
+++ b/gnu/installer/newt/user.scm
@@ -40,6 +40,9 @@ (define* (run-user-add-page #:key (name "") (real-name "")
   (define (pad-label label)
     (string-pad-right label 25))
 
+  (define (root-account? name)
+    (string=? name "root"))
+
   (let* ((label-name
           (make-label -1 -1 (pad-label (G_ "Name"))))
          (label-real-name
@@ -116,10 +119,14 @@ (define (pad-label label)
                                GRID-ELEMENT-SUBGRID button-grid)
                               title)
 
-    (let ((error-page
+    (let ((error-empty-field-page
            (lambda ()
              (run-error-page (G_ "Empty inputs are not allowed.")
-                             (G_ "Empty input")))))
+                             (G_ "Empty input"))))
+          (error-root-page
+           (lambda ()
+             (run-error-page (G_ "Root account is automatically created.")
+                             (G_ "Root account")))))
       (receive (exit-reason argument)
           (run-form form)
         (dynamic-wind
@@ -132,22 +139,30 @@ (define (pad-label label)
                       (real-name      (entry-value entry-real-name))
                       (home-directory (entry-value entry-home-directory))
                       (password       (entry-value entry-password)))
-                  (if (or (string=? name "")
-                          (string=? home-directory ""))
-                      (begin
-                        (error-page)
-                        (run-user-add-page))
-                      (let ((password (confirm-password password)))
-                        (if password
-                            (user
-                             (name name)
-                             (real-name real-name)
-                             (home-directory home-directory)
-                             (password (make-secret password)))
-                            (run-user-add-page #:name name
-                                               #:real-name real-name
-                                               #:home-directory
-                                               home-directory)))))))))
+                  (cond
+                   ;; Empty field.
+                   ((or (string=? name "")
+                        (string=? home-directory ""))
+                    (begin
+                      (error-empty-field-page)
+                      (run-user-add-page)))
+                   ;; Reject root account.
+                   ((root-account? name)
+                    (begin
+                      (error-root-page)
+                      (run-user-add-page)))
+                   (else
+                    (let ((password (confirm-password password)))
+                      (if password
+                          (user
+                           (name name)
+                           (real-name real-name)
+                           (home-directory home-directory)
+                           (password (make-secret password)))
+                          (run-user-add-page #:name name
+                                             #:real-name real-name
+                                             #:home-directory
+                                             home-directory))))))))))
           (lambda ()
             (destroy-form-and-pop form)))))))
 
-- 
2.34.0


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #3: 0002-installer-user-Remove-useless-filtering.patch --]
[-- Type: text/x-patch, Size: 1185 bytes --]

From cc32729700caa4b76d112b561a09dd0ff3ada768 Mon Sep 17 00:00:00 2001
From: Mathieu Othacehe <othacehe@gnu.org>
Date: Mon, 4 Apr 2022 16:38:09 +0200
Subject: [PATCH 2/2] installer: user: Remove useless filtering.

* gnu/installer/user.scm (users->configuration): Remove root account filtering
that is now performed in the "run-user-add-page" procedure.
---
 gnu/installer/user.scm | 9 ++-------
 1 file changed, 2 insertions(+), 7 deletions(-)

diff --git a/gnu/installer/user.scm b/gnu/installer/user.scm
index c894a91dc8..b042c9790d 100644
--- a/gnu/installer/user.scm
+++ b/gnu/installer/user.scm
@@ -69,10 +69,5 @@ (define (user->sexp user)
       (supplementary-groups '("wheel" "netdev"
                               "audio" "video"))))
 
-  `((users (cons*
-            ,@(filter-map (lambda (user)
-                            ;; Do not emit a 'user-account' form for "root".
-                            (and (not (string=? (user-name user) "root"))
-                                 (user->sexp user)))
-                          users)
-            %base-user-accounts))))
+  `((users (cons* ,@(map user->sexp users)
+                  %base-user-accounts))))
-- 
2.34.0


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* bug#54666: Installation without non-root user accounts
  2022-04-04 15:18 ` Mathieu Othacehe
@ 2022-04-05  7:44   ` Ludovic Courtès
  2022-04-06 19:20     ` Mathieu Othacehe
  0 siblings, 1 reply; 4+ messages in thread
From: Ludovic Courtès @ 2022-04-05  7:44 UTC (permalink / raw)
  To: Mathieu Othacehe; +Cc: 54666

Hello!

Mathieu Othacehe <othacehe@gnu.org> skribis:

> From 829c3c2543ffd7f9b22a5e1fb40f7627b2c76414 Mon Sep 17 00:00:00 2001
> From: Mathieu Othacehe <othacehe@gnu.org>
> Date: Mon, 4 Apr 2022 16:36:07 +0200
> Subject: [PATCH 1/2] installer: user: Forbid root user creation.
>
> Forbid root user creation as it could lead to a system without any
> non-priviledged user accouts.
>
> Fixes: <https://issues.guix.gnu.org/54666>.
>
> * gnu/installer/newt/user.scm (run-user-add-page): Forbid it.

[...]

> +                  (cond
> +                   ;; Empty field.
> +                   ((or (string=? name "")
> +                        (string=? home-directory ""))
> +                    (begin
> +                      (error-empty-field-page)
> +                      (run-user-add-page)))
> +                   ;; Reject root account.
> +                   ((root-account? name)
> +                    (begin
> +                      (error-root-page)
> +                      (run-user-add-page)))

Nitpick: you can omit ‘begin’ here.

> From cc32729700caa4b76d112b561a09dd0ff3ada768 Mon Sep 17 00:00:00 2001
> From: Mathieu Othacehe <othacehe@gnu.org>
> Date: Mon, 4 Apr 2022 16:38:09 +0200
> Subject: [PATCH 2/2] installer: user: Remove useless filtering.
>
> * gnu/installer/user.scm (users->configuration): Remove root account filtering
> that is now performed in the "run-user-add-page" procedure.

LGTM, thanks for the quick fix!

Ludo’.




^ permalink raw reply	[flat|nested] 4+ messages in thread

* bug#54666: Installation without non-root user accounts
  2022-04-05  7:44   ` Ludovic Courtès
@ 2022-04-06 19:20     ` Mathieu Othacehe
  0 siblings, 0 replies; 4+ messages in thread
From: Mathieu Othacehe @ 2022-04-06 19:20 UTC (permalink / raw)
  To: Ludovic Courtès; +Cc: 54666-done


Hey!

> Nitpick: you can omit ‘begin’ here.

Fixed it before pushing, thanks for having a look.

Mathieu




^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-04-06 19:22 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-04-01 10:31 bug#54666: Installation without non-root user accounts Ludovic Courtès
2022-04-04 15:18 ` Mathieu Othacehe
2022-04-05  7:44   ` Ludovic Courtès
2022-04-06 19:20     ` Mathieu Othacehe

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.