[ARVADOS] updated: b8a53fdbe406c1c46ba39facccec63c5055001bf

Git user git at public.curoverse.com
Fri Oct 21 07:12:05 EDT 2016 

Summary of changes:
 services/login-sync/bin/arvados-login-sync | 19 +++++++++++++++++--
 1 file changed, 17 insertions(+), 2 deletions(-)

       via  b8a53fdbe406c1c46ba39facccec63c5055001bf (commit)
      from  54a8c91cda42a5be9fa0f532605e3bc3262b240a (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit b8a53fdbe406c1c46ba39facccec63c5055001bf
Author: Nico Cesar <nico at curoverse.com>
Date:   Fri Oct 21 07:10:22 2016 -0400

    10232: --dont-create-user flag and sanity check for non-existing users
    
    refs #10232

diff --git a/services/login-sync/bin/arvados-login-sync b/services/login-sync/bin/arvados-login-sync
index 720c636..46e85bc 100755
--- a/services/login-sync/bin/arvados-login-sync
+++ b/services/login-sync/bin/arvados-login-sync
@@ -21,6 +21,10 @@ exclusive_banner = "############################################################
 start_banner = "### BEGIN Arvados-managed keys -- changes between markers will be overwritten\n"
 end_banner = "### END Arvados-managed keys -- changes between markers will be overwritten\n"
 
+# some LDAP systems have already the user there
+# use this falg
+dont_create_user = ARGV.index("--dont-create-user")
+
 keys = ''
 
 seen = Hash.new
@@ -76,7 +80,7 @@ begin
     next if seen[l[:username]]
     seen[l[:username]] = true if not seen.has_key?(l[:username])
 
-    unless uids[l[:username]]
+    unless uids[l[:username]] and not dont_create_user
       STDERR.puts "Creating account #{l[:username]}"
       groups = l[:groups] || []
       # Adding users to the FUSE group has long been hardcoded behavior.
@@ -90,7 +94,18 @@ begin
                          l[:username],
                          out: devnull)
     end
-    # Create .ssh directory if necessary
+
+    # If after all this effort isn't listed using Etc.getpwnam()
+    # this means that wont be available in the system
+    # some LDAP configurations will need this
+    begin
+      # Create .ssh directory if necessary
+      Etc.getpwnam(l[:username])
+    rescue ArgumentError
+      STDERR.puts "Account #{l[:username]} not found. Skipping"
+      next
+    end
+      
     @homedir = Etc.getpwnam(l[:username]).dir
     userdotssh = File.join(@homedir, ".ssh")
     Dir.mkdir(userdotssh) if !File.exists?(userdotssh)

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list