From a3002104a84c60556b6616d100cb98019e48759d Mon Sep 17 00:00:00 2001 From: Leo Prikler Date: Fri, 1 Jan 2021 12:10:01 +0100 Subject: system: Assert, that user and group names are unique. *gnu/system/shadow.scm (find-duplicates): New variable. (assert-unique-account-names, assert-unique-group-names): New variables. (account-activation): Use them here. --- gnu/system/shadow.scm | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) (limited to 'gnu/system/shadow.scm') diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm index a69339bc07..183b2cd387 100644 --- a/gnu/system/shadow.scm +++ b/gnu/system/shadow.scm @@ -20,6 +20,7 @@ ;;; along with GNU Guix. If not, see . (define-module (gnu system shadow) + #:use-module ((guix diagnostics) #:select (formatted-message)) #:use-module (guix records) #:use-module (guix gexp) #:use-module (guix store) @@ -34,6 +35,7 @@ #:use-module ((gnu packages admin) #:select (shadow)) #:use-module (gnu packages bash) + #:use-module (ice-9 match) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (srfi srfi-34) @@ -222,6 +224,46 @@ for a colorful Guile experience.\\n\\n\"))))\n")) (rename-file ".nanorc" ".config/nano/nanorc")) #t)))) +(define (find-duplicates list) + "Find duplicate entries in @var{list}. +Two entries are considered duplicates, if they are @code{equal?} to each other. +This implementation is made asymptotically faster than @code{delete-duplicates} +through the internal use of hash tables." + (let loop ((list list) + ;; We actually modify table in-place, but still allocate it here + ;; so that we only need one level of indentation. + (table (make-hash-table))) + (match list + (() + (hash-fold (lambda (key value seed) + (if (> value 1) + (cons key seed) + seed)) + '() + table)) + ((first . rest) + (hash-set! table first + (1+ (hash-ref table first 0))) + (loop rest table))))) + +(define (assert-unique-account-names users) + (match (find-duplicates (map user-account-name users)) + (() *unspecified*) + (duplicates + (raise + (formatted-message + (G_ "the following accounts appear more than once:~{ ~a~}") + duplicates))))) + +(define (assert-unique-group-names groups) + (match (find-duplicates (map user-group-name groups)) + (() *unspecified*) + (duplicates + (raise + (formatted-message + (G_ "the following groups appear more than once:~{ ~a~}") + duplicates))))) + (define (assert-valid-users/groups users groups) "Raise an error if USERS refer to groups not listed in GROUPS." (let ((groups (list->set (map user-group-name groups)))) @@ -292,6 +334,8 @@ group." (define group-specs (map user-group->gexp groups)) + (assert-unique-account-names accounts) + (assert-unique-group-names groups) (assert-valid-users/groups accounts groups) ;; Add users and user groups. -- cgit v1.2.3 From 8488f45b6e05d646224cc2b410497ddf9864c612 Mon Sep 17 00:00:00 2001 From: Jonathan Brielmaier Date: Tue, 12 Jan 2021 22:57:22 +0100 Subject: Revert "system: Assert, that user and group names are unique." This reverts commit a3002104a84c60556b6616d100cb98019e48759d, which breaks certain system configurations like: $ guix system reconfigure config.scm guix system: error: the following groups appear more than once: lp --- gnu/system/shadow.scm | 44 -------------------------------------------- 1 file changed, 44 deletions(-) (limited to 'gnu/system/shadow.scm') diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm index 183b2cd387..a69339bc07 100644 --- a/gnu/system/shadow.scm +++ b/gnu/system/shadow.scm @@ -20,7 +20,6 @@ ;;; along with GNU Guix. If not, see . (define-module (gnu system shadow) - #:use-module ((guix diagnostics) #:select (formatted-message)) #:use-module (guix records) #:use-module (guix gexp) #:use-module (guix store) @@ -35,7 +34,6 @@ #:use-module ((gnu packages admin) #:select (shadow)) #:use-module (gnu packages bash) - #:use-module (ice-9 match) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (srfi srfi-34) @@ -224,46 +222,6 @@ for a colorful Guile experience.\\n\\n\"))))\n")) (rename-file ".nanorc" ".config/nano/nanorc")) #t)))) -(define (find-duplicates list) - "Find duplicate entries in @var{list}. -Two entries are considered duplicates, if they are @code{equal?} to each other. -This implementation is made asymptotically faster than @code{delete-duplicates} -through the internal use of hash tables." - (let loop ((list list) - ;; We actually modify table in-place, but still allocate it here - ;; so that we only need one level of indentation. - (table (make-hash-table))) - (match list - (() - (hash-fold (lambda (key value seed) - (if (> value 1) - (cons key seed) - seed)) - '() - table)) - ((first . rest) - (hash-set! table first - (1+ (hash-ref table first 0))) - (loop rest table))))) - -(define (assert-unique-account-names users) - (match (find-duplicates (map user-account-name users)) - (() *unspecified*) - (duplicates - (raise - (formatted-message - (G_ "the following accounts appear more than once:~{ ~a~}") - duplicates))))) - -(define (assert-unique-group-names groups) - (match (find-duplicates (map user-group-name groups)) - (() *unspecified*) - (duplicates - (raise - (formatted-message - (G_ "the following groups appear more than once:~{ ~a~}") - duplicates))))) - (define (assert-valid-users/groups users groups) "Raise an error if USERS refer to groups not listed in GROUPS." (let ((groups (list->set (map user-group-name groups)))) @@ -334,8 +292,6 @@ group." (define group-specs (map user-group->gexp groups)) - (assert-unique-account-names accounts) - (assert-unique-group-names groups) (assert-valid-users/groups accounts groups) ;; Add users and user groups. -- cgit v1.2.3 From 645a28ee97a8708598643941456ba4310fab951b Mon Sep 17 00:00:00 2001 From: Leo Prikler Date: Wed, 13 Jan 2021 00:34:48 +0100 Subject: Reapply "system: Assert, that user and group names are unique." * gnu/system/shadow.scm (assert-unique-account-names) (assert-unique-group-names): Demote formatted-message to warning. --- gnu/system/shadow.scm | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) (limited to 'gnu/system/shadow.scm') diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm index a69339bc07..47557191f8 100644 --- a/gnu/system/shadow.scm +++ b/gnu/system/shadow.scm @@ -20,6 +20,7 @@ ;;; along with GNU Guix. If not, see . (define-module (gnu system shadow) + #:use-module ((guix diagnostics) #:select (formatted-message)) #:use-module (guix records) #:use-module (guix gexp) #:use-module (guix store) @@ -34,6 +35,7 @@ #:use-module ((gnu packages admin) #:select (shadow)) #:use-module (gnu packages bash) + #:use-module (ice-9 match) #:use-module (srfi srfi-1) #:use-module (srfi srfi-26) #:use-module (srfi srfi-34) @@ -222,6 +224,44 @@ for a colorful Guile experience.\\n\\n\"))))\n")) (rename-file ".nanorc" ".config/nano/nanorc")) #t)))) +(define (find-duplicates list) + "Find duplicate entries in @var{list}. +Two entries are considered duplicates, if they are @code{equal?} to each other. +This implementation is made asymptotically faster than @code{delete-duplicates} +through the internal use of hash tables." + (let loop ((list list) + ;; We actually modify table in-place, but still allocate it here + ;; so that we only need one level of indentation. + (table (make-hash-table))) + (match list + (() + (hash-fold (lambda (key value seed) + (if (> value 1) + (cons key seed) + seed)) + '() + table)) + ((first . rest) + (hash-set! table first + (1+ (hash-ref table first 0))) + (loop rest table))))) + +(define (assert-unique-account-names users) + (match (find-duplicates (map user-account-name users)) + (() *unspecified*) + (duplicates + (warning + (G_ "the following accounts appear more than once:~{ ~a~}") + duplicates)))) + +(define (assert-unique-group-names groups) + (match (find-duplicates (map user-group-name groups)) + (() *unspecified*) + (duplicates + (warning + (G_ "the following groups appear more than once:~{ ~a~}") + duplicates)))) + (define (assert-valid-users/groups users groups) "Raise an error if USERS refer to groups not listed in GROUPS." (let ((groups (list->set (map user-group-name groups)))) @@ -292,6 +332,8 @@ group." (define group-specs (map user-group->gexp groups)) + (assert-unique-account-names accounts) + (assert-unique-group-names groups) (assert-valid-users/groups accounts groups) ;; Add users and user groups. -- cgit v1.2.3 From 239af11a69a588f109d1dcd195f9abe9940cce8c Mon Sep 17 00:00:00 2001 From: Leo Prikler Date: Thu, 14 Jan 2021 13:53:35 +0100 Subject: shadow: End duplicate warnings with new lines. The change from formatted message causes the line to no longer automatically be ended. This will need to be reverted once again, when duplicate names become hard errors. * gnu/system/shadow.scm (assert-unique-account-names) (assert-unique-group-names): End format strings in ~%. --- gnu/system/shadow.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/system/shadow.scm') diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm index 47557191f8..0538fb1a24 100644 --- a/gnu/system/shadow.scm +++ b/gnu/system/shadow.scm @@ -251,7 +251,7 @@ through the internal use of hash tables." (() *unspecified*) (duplicates (warning - (G_ "the following accounts appear more than once:~{ ~a~}") + (G_ "the following accounts appear more than once:~{ ~a~}~%") duplicates)))) (define (assert-unique-group-names groups) @@ -259,7 +259,7 @@ through the internal use of hash tables." (() *unspecified*) (duplicates (warning - (G_ "the following groups appear more than once:~{ ~a~}") + (G_ "the following groups appear more than once:~{ ~a~}~%") duplicates)))) (define (assert-valid-users/groups users groups) -- cgit v1.2.3 From 6c5112dbb32c217abf09ff8ff9bf8c47d0aea651 Mon Sep 17 00:00:00 2001 From: Leo Prikler Date: Thu, 14 Jan 2021 13:58:00 +0100 Subject: services: Do not warn, when duplicate users are eq?. * gnu/system/shadow.scm (account-activation): Delete duplicate (eq?) users and groups before transforming them to specs and asserting, that names are unique. --- gnu/system/shadow.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/system/shadow.scm') diff --git a/gnu/system/shadow.scm b/gnu/system/shadow.scm index 0538fb1a24..7c57222716 100644 --- a/gnu/system/shadow.scm +++ b/gnu/system/shadow.scm @@ -321,13 +321,13 @@ of user '~a' is undeclared") objects. Raise an error if a user account refers to a undefined group." (define accounts - (filter user-account? accounts+groups)) + (delete-duplicates (filter user-account? accounts+groups) eq?)) (define user-specs (map user-account->gexp accounts)) (define groups - (filter user-group? accounts+groups)) + (delete-duplicates (filter user-group? accounts+groups) eq?)) (define group-specs (map user-group->gexp groups)) -- cgit v1.2.3