openstack/loci
Code Issues Proposed changes
loci/scripts/create_user.sh
Vasyl Saienko 4c8bfa468e Use rbash for nova user instead of bash 
We do not need to allow execute all commands, rbash is more than enough

Change-Id: I266e2723aee4dcf608f2a29bb5adc970de4d3b56
2024-11-26 07:51:23 +00:00

15 lines
577 B
Bash
Executable File
Raw Permalink Blame History

#!/bin/bash
set -ex
groupadd -g ${GID} ${PROJECT}
if [[ "${PROJECT}" == "nova" ]];then
# NOTE: bash needed for nova to support instance migration
useradd -u ${UID} -g ${PROJECT} -M -d /var/lib/${PROJECT} -s /bin/rbash -c "${PROJECT} user" ${PROJECT}
else
useradd -u ${UID} -g ${PROJECT} -M -d /var/lib/${PROJECT} -s /usr/sbin/nologin -c "${PROJECT} user" ${PROJECT}
fi
mkdir -p /etc/${PROJECT} /var/log/${PROJECT} /var/lib/${PROJECT} /var/cache/${PROJECT}
chown ${PROJECT}:${PROJECT} /etc/${PROJECT} /var/log/${PROJECT} /var/lib/${PROJECT} /var/cache/${PROJECT}
View Git Blame Copy Permalink