Revision 596be3bb
Added by Alexis Mousset over 7 years ago
ncf-api-virtualenv/SPECS/ncf-api-virtualenv.spec | ||
---|---|---|
# Create the package user
|
||
if ! getent passwd %{user_name} >/dev/null; then
|
||
echo -n "INFO: Creating the %{user_name} user..."
|
||
useradd -r -d /var/lib/%{user_name} -c "ncf API,,," %{user_name} >/dev/null 2>&1
|
||
useradd -r -s /bin/false -d /var/lib/%{user_name} -c "ncf API,,," %{user_name} >/dev/null 2>&1
|
||
echo " Done"
|
||
fi
|
||
|
||
# Ensure setting the shell to /bin/false in migrations
|
||
if ! getent passwd %{user_name} | cut -d: -f7 | grep -qE "^/bin/false$"; then
|
||
usermod -s /bin/false %{user_name}
|
||
fi
|
||
|
||
|
||
#=================================================
|
||
# Installation
|
ncf-api-virtualenv/debian/postinst | ||
---|---|---|
# Create the package user
|
||
if ! getent passwd ncf-api-venv >/dev/null; then
|
||
echo -n "INFO: Creating the ncf-api-venv user..."
|
||
useradd -r -m -d /var/lib/ncf-api-venv -c "ncf API,,," ncf-api-venv >/dev/null 2>&1
|
||
useradd -r -m -s /bin/false -d /var/lib/ncf-api-venv -c "ncf API,,," ncf-api-venv >/dev/null 2>&1
|
||
echo " Done"
|
||
fi
|
||
|
||
# Ensure setting the shell to /bin/false in migrations
|
||
if ! getent passwd ncf-api-venv | cut -d: -f7 | grep -qE "^/bin/false$"; then
|
||
usermod -s /bin/false ncf-api-venv
|
||
fi
|
||
|
||
# Enable mod_wsgi in apache
|
||
a2enmod wsgi >/dev/null 2>&1
|
||
|
Also available in: Unified diff
Fixes #9993: ncf-api-venv user should not have access to a shell