add user groups (d859dccf) · Commits · NDIP / OIDC Utils

.gitlab-ci.yml

+2 −2

Original line number	Diff line number	Diff line
		@@ -39,8 +39,8 @@ build-packages:
		- docker build -f dockerfiles/Dockerfile.opensuse -t opensuse --target package .
		- docker run --rm -v `pwd`:/tmp opensuse bash -c "cp /src/build/*.rpm /tmp"
		- fname=`ls *.rpm \| head -n 1`
		- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file $fname "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/rpm/0.4.0/$fname"'
		- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file $fname "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/rpm/0.4.1/$fname"'
		- fname=`ls *.deb \| head -n 1`
		- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file $fname "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/deb/0.4.0/$fname"'
		- 'curl --header "JOB-TOKEN: $CI_JOB_TOKEN" --upload-file $fname "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/generic/deb/0.4.1/$fname"'
		tags:
		- rse-multi-builder

+3 −3

Original line number	Diff line number	Diff line
		from opensuse/leap:15.3 as package
		FROM --platform=amd64 regproxy.ornl.gov/hub_proxy/opensuse/leap:15.3 as package

		RUN zypper in -y cmake libcurl-devel pam-devel libopenssl-devel gcc rpmbuild vim

		@@ -10,7 +10,7 @@ RUN bash ./build.sh RPM

		#2FA

		FROM opensuse/leap:15.3 AS with2fa
		FROM --platform=amd64 regproxy.ornl.gov/hub_proxy/opensuse/leap:15.3 AS with2fa

		RUN useradd test
		RUN mkhomedir_helper test
		@@ -23,7 +23,7 @@ RUN zypper in -y google-authenticator-libpam curl python3 openssh hostname

		COPY --from=package /src/build/*.rpm /package/

		RUN zypper in -y --allow-unsigned-rpm /package/oidc-pam-0.4.0-Linux.rpm
		RUN zypper in -y --allow-unsigned-rpm /package/oidc-pam-0.4.1-Linux.rpm

		COPY dockerfiles/start_2fa.sh /tmp/oidc/
		COPY config/oidc-pam.json /tmp/oidc/

+3 −3

Original line number	Diff line number	Diff line
		FROM ubuntu:22.04 AS package
		FROM --platform=amd64 regproxy.ornl.gov/hub_proxy/ubuntu:22.04 AS package

		RUN apt-get update && apt-get install -y cmake libpam0g-dev libcurl4-openssl-dev libssl-dev vim

		@@ -7,7 +7,7 @@ COPY /src /src
		WORKDIR /src
		RUN bash ./build.sh DEB

		FROM ubuntu:22.04 AS no2fa
		FROM --platform=amd64 regproxy.ornl.gov/hub_proxy/ubuntu:22.04 AS no2fa

		RUN useradd test
		RUN mkhomedir_helper test
		@@ -19,7 +19,7 @@ RUN apt-get update && apt-get install -y curl python3 ssh

		COPY --from=package /src/build/*.deb /package/

		RUN dpkg -i /package/oidc-pam-0.4.0-Linux.deb
		RUN dpkg -i /package/oidc-pam-0.4.1-Linux.deb

		COPY config/sshd /etc/pam.d/
		COPY config/sshd_pam.conf /etc/ssh/sshd_config.d/

+1 −1

Original line number	Diff line number	Diff line
		@@ -31,7 +31,7 @@ SET(CPACK_RPM_PACKAGE_MAINTAINER "ORNL")

		set(CPACK_PACKAGE_VERSION_MAJOR "0")
		set(CPACK_PACKAGE_VERSION_MINOR "4")
		set(CPACK_PACKAGE_VERSION_PATCH "0")
		set(CPACK_PACKAGE_VERSION_PATCH "1")

		set(CPACK_DEBIAN_PACKAGE_DEPENDS "curl")
		set(CPACK_RPM_PACKAGE_DEPENDS "curl")

+7 −0

Original line number	Diff line number	Diff line
		@@ -4,6 +4,7 @@

		#include <stdlib.h>
		#include <pwd.h>
		#include <grp.h>
		#include <unistd.h>
		#include <sys/fcntl.h>
		#include <openssl/sha.h>
		@@ -135,6 +136,12 @@ int main(int argc, char *argv[]) {
		pwd = pwd_from_token(argv[2], token_file_path);
		}

		if (initgroups(pwd->pw_name, pwd->pw_gid) != 0) {
		printf("initgroup\n");
		exit(1);
		}


		res = setuid(pwd->pw_uid);
		if (res != 0) {
		printf("cannot set uid\n");