integ: Convert wrsroot -> sysadmin

This also changes the group wrs_protected to sys_protected to de-brand the user and group names. Depends-On: I887464a20fc17d66529caea03be2b445156f9426 Change-Id: Ic2ea06d3ac15c31854a604af5f4cecf9094fcaea Story: 2004716 Task: 28748 Signed-off-by: Saul Wold <sgw@linux.intel.com>
2019-05-09 12:58:20 -07:00 · 2019-05-09 12:58:20 -07:00 · 2bd5399bdc
commit 2bd5399bdc
parent 39c99f7b7c
5 changed files with 29 additions and 30 deletions
--- a/sudo-config/centos/build_srpm.data
+++ b/sudo-config/centos/build_srpm.data
@ -1,2 +1,2 @@
 COPY_LIST="files/*"
-TIS_PATCH_VER=0
+TIS_PATCH_VER=1
--- a/sudo-config/centos/sudo-config.spec
+++ b/sudo-config/centos/sudo-config.spec
@ -12,26 +12,25 @@ Group: base
 Packager: StarlingX
 URL: unknown

-Source0: wrs.sudo
+Source0: sysadmin.sudo
 Source1: LICENSE

-%define WRSROOT_P cBglipPpsKwBQ
+%define SYSADMIN_P 4SuW8cnXFyxsk

 %description
 StarlingX sudo configuration file

 %install
 install -d %{buildroot}/%{_sysconfdir}/sudoers.d
-install -m 440 %{SOURCE0}  %{buildroot}/%{_sysconfdir}/sudoers.d/wrs
+install -m 440 %{SOURCE0}  %{buildroot}/%{_sysconfdir}/sudoers.d/sysadmin

 %pre
-getent group wrs >/dev/null || groupadd -r wrs
-getent group wrs_protected >/dev/null || groupadd -f -g 345 wrs_protected
-getent passwd wrsroot > /dev/null || \
-useradd -m -g wrs -G root,wrs_protected \
-    -d /home/wrsroot -p %{WRSROOT_P} \
-    -s /bin/sh wrsroot 2> /dev/null || :
+getent group sys_protected >/dev/null || groupadd -f -g 345 sys_protected
+getent passwd sysadmin > /dev/null || \
+useradd -m -g sys_protected -G root \
+    -d /home/sysadmin -p %{SYSADMIN_P} \
+    -s /bin/sh sysadmin 2> /dev/null || :

 %files
 %license ../SOURCES/LICENSE
-%config(noreplace) %{_sysconfdir}/sudoers.d/wrs
+%config(noreplace) %{_sysconfdir}/sudoers.d/sysadmin
--- a/sudo-config/files/sysadmin.sudo
+++ b/sudo-config/files/sysadmin.sudo
@ -0,0 +1,12 @@
+##
+## User privilege specification
+##
+sysadmin ALL=(ALL) ALL
+sysadmin ALL=(root) NOPASSWD: /usr/bin/config_controller
+sysadmin ALL=(root) NOPASSWD: /usr/bin/config_region
+sysadmin ALL=(root) NOPASSWD: /usr/bin/config_subcloud
+sysadmin ALL=(root) NOPASSWD: /usr/bin/config_management
+sysadmin ALL=(root) NOPASSWD: /usr/local/sbin/collect
+
+Defaults lecture=never, secure_path=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
+Defaults passprompt="Password: "
--- a/sudo-config/files/wrs.sudo
+++ b/sudo-config/files/wrs.sudo
@ -1,12 +0,0 @@
-##
-## User privilege specification
-##
-wrsroot ALL=(ALL) ALL
-wrsroot ALL=(root) NOPASSWD: /usr/bin/config_controller
-wrsroot ALL=(root) NOPASSWD: /usr/bin/config_region
-wrsroot ALL=(root) NOPASSWD: /usr/bin/config_subcloud
-wrsroot ALL=(root) NOPASSWD: /usr/bin/config_management
-wrsroot ALL=(root) NOPASSWD: /usr/local/sbin/collect
-
-Defaults lecture=never, secure_path=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
-Defaults passprompt="Password: "
--- a/systemd-config/files/systemd.conf.tmpfiles.d
+++ b/systemd-config/files/systemd.conf.tmpfiles.d
@ -25,18 +25,18 @@ d /run/log 0755 root root -
 z /run/log/journal 2755 root systemd-journal - -
 Z /run/log/journal/%m ~2750 root systemd-journal - -

-a+ /run/log/journal/%m - - - - d:group:wrs_protected:r-x,d:group:wheel:r-x
-A+ /run/log/journal/%m - - - - group:wrs_protected:r-x,group:wheel:r-x
+a+ /run/log/journal/%m - - - - d:group:sys_protected:r-x,d:group:wheel:r-x
+A+ /run/log/journal/%m - - - - group:sys_protected:r-x,group:wheel:r-x

 z /var/log/journal 2755 root systemd-journal - -
 z /var/log/journal/%m 2755 root systemd-journal - -
 z /var/log/journal/%m/system.journal 0640 root systemd-journal - -

-a+ /var/log/journal    - - - - d:group:wrs_protected:r-x,d:group:wheel:r-x
-a+ /var/log/journal    - - - - group:wrs_protected:r-x,group:wheel:r-x
-a+ /var/log/journal/%m - - - - d:group:wrs_protected:r-x,d:group:wheel:r-x
-a+ /var/log/journal/%m - - - - group:wrs_protected:r-x,group:wheel:r-x
-a+ /var/log/journal/%m/system.journal - - - - group:wrs_protected:r--,group:wheel:r--
+a+ /var/log/journal    - - - - d:group:sys_protected:r-x,d:group:wheel:r-x
+a+ /var/log/journal    - - - - group:sys_protected:r-x,group:wheel:r-x
+a+ /var/log/journal/%m - - - - d:group:sys_protected:r-x,d:group:wheel:r-x
+a+ /var/log/journal/%m - - - - group:sys_protected:r-x,group:wheel:r-x
+a+ /var/log/journal/%m/system.journal - - - - group:sys_protected:r--,group:wheel:r--

 d /var/lib/systemd 0755 root root -
 d /var/lib/systemd/coredump 0755 root root 3d