Fix test
This commit is contained in:
60
main.go
60
main.go
@@ -608,32 +608,66 @@ func linuxExpiryForAccount(expiresAt time.Time) time.Time {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func runUserAdd(args []string) error {
|
func runUserAdd(args []string) error {
|
||||||
out, err := exec.Command("useradd", args...).CombinedOutput()
|
username := ""
|
||||||
|
if len(args) > 0 {
|
||||||
|
username = args[len(args)-1]
|
||||||
|
}
|
||||||
|
|
||||||
|
attempts := [][]string{}
|
||||||
|
// DragonCore test usernames are intentionally short and can start with digits
|
||||||
|
// like 820etl/897blb. Several distros reject those unless --badname is passed.
|
||||||
|
// Try the permissive flags first for numeric-start names, then fall back to the
|
||||||
|
// plain useradd call for distros that do not support those options.
|
||||||
|
if username != "" && username[0] >= '0' && username[0] <= '9' {
|
||||||
|
attempts = append(attempts,
|
||||||
|
append([]string{"--badname"}, args...),
|
||||||
|
append([]string{"--force-badname"}, args...),
|
||||||
|
)
|
||||||
|
}
|
||||||
|
attempts = append(attempts, args)
|
||||||
|
|
||||||
|
var firstErr error
|
||||||
|
var firstOut string
|
||||||
|
var lastErr error
|
||||||
|
var lastOut string
|
||||||
|
for _, tryArgs := range attempts {
|
||||||
|
out, err := exec.Command("useradd", tryArgs...).CombinedOutput()
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
firstErr := fmt.Errorf("useradd: %v: %s", err, strings.TrimSpace(string(out)))
|
if firstErr == nil {
|
||||||
text := strings.ToLower(string(out))
|
firstErr = err
|
||||||
|
firstOut = strings.TrimSpace(string(out))
|
||||||
|
}
|
||||||
|
lastErr = err
|
||||||
|
lastOut = strings.TrimSpace(string(out))
|
||||||
|
}
|
||||||
|
|
||||||
|
// If the plain call failed because of username policy, retry permissive flags
|
||||||
|
// even for non-numeric names. This keeps compatibility with strict distros.
|
||||||
|
if firstErr != nil && len(attempts) == 1 {
|
||||||
|
text := strings.ToLower(firstOut)
|
||||||
nameRejected := strings.Contains(text, "invalid user name") ||
|
nameRejected := strings.Contains(text, "invalid user name") ||
|
||||||
strings.Contains(text, "invalid username") ||
|
strings.Contains(text, "invalid username") ||
|
||||||
strings.Contains(text, "bad name") ||
|
strings.Contains(text, "bad name") ||
|
||||||
strings.Contains(text, "does not match")
|
strings.Contains(text, "does not match")
|
||||||
if !nameRejected {
|
if nameRejected {
|
||||||
return firstErr
|
|
||||||
}
|
|
||||||
|
|
||||||
// DragonCore test usernames can start with numbers, for example 820etl.
|
|
||||||
// Some Linux distributions reject those by default. Debian/Ubuntu shadow-utils
|
|
||||||
// accept --badname; a few adduser wrappers use --force-badname. Try both as a
|
|
||||||
// compatibility fallback, keeping the same password, shell and expiry args.
|
|
||||||
for _, opt := range []string{"--badname", "--force-badname"} {
|
for _, opt := range []string{"--badname", "--force-badname"} {
|
||||||
retryArgs := append([]string{opt}, args...)
|
retryArgs := append([]string{opt}, args...)
|
||||||
out, err = exec.Command("useradd", retryArgs...).CombinedOutput()
|
out, err := exec.Command("useradd", retryArgs...).CombinedOutput()
|
||||||
if err == nil {
|
if err == nil {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
lastErr = err
|
||||||
|
lastOut = strings.TrimSpace(string(out))
|
||||||
}
|
}
|
||||||
return firstErr
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if lastErr != nil {
|
||||||
|
return fmt.Errorf("useradd: %v: %s", lastErr, lastOut)
|
||||||
|
}
|
||||||
|
return fmt.Errorf("useradd failed: %v: %s", firstErr, firstOut)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *App) deleteSSH(username, uuid string) error {
|
func (a *App) deleteSSH(username, uuid string) error {
|
||||||
|
|||||||
Reference in New Issue
Block a user