Respect UID and GID soft static allocation.

https://fedoraproject.org/wiki/Packaging:UsersAndGroups?rd=Packaging/UsersAndGroups#Soft_static_allocation

https://fedorahosted.org/freeipa/ticket/4585

Reviewed-By: Martin Basti <[email protected]>

3 files changed, 2 insertions, 44 deletions

diff --git a/ipaserver/install/cainstance.py b/ipaserver/install/cainstance.py
index 0c31d2164..6ccbe415e 100644
--- a/ipaserver/install/cainstance.py
+++ b/ipaserver/install/cainstance.py
@@ -261,7 +261,7 @@ def is_step_one_done():
 
 def create_ca_user():
     """Create PKI user/group if it doesn't exist yet."""
-    installutils.create_system_user(
+    tasks.create_system_user(
         name=PKI_USER,
         group=PKI_USER,
         homedir=paths.VAR_LIB,
diff --git a/ipaserver/install/dsinstance.py b/ipaserver/install/dsinstance.py
index da5353471..4293c5c90 100644
--- a/ipaserver/install/dsinstance.py
+++ b/ipaserver/install/dsinstance.py
@@ -152,7 +152,7 @@ def is_ds_running(server_id=''):
 
 def create_ds_user():
     """Create DS user/group if it doesn't exist yet."""
-    installutils.create_system_user(
+    tasks.create_system_user(
         name=DS_USER,
         group=DS_USER,
         homedir=paths.VAR_LIB_DIRSRV,
diff --git a/ipaserver/install/installutils.py b/ipaserver/install/installutils.py
index 1e010edc6..9cda26f16 100644
--- a/ipaserver/install/installutils.py
+++ b/ipaserver/install/installutils.py
@@ -29,8 +29,6 @@ from ConfigParser import SafeConfigParser, NoOptionError
 import traceback
 import textwrap
 from contextlib import contextmanager
-import pwd
-import grp
 
 from dns import resolver, rdatatype
 from dns.exception import DNSException
@@ -83,8 +81,6 @@ class ReplicaConfig:
 
     subject_base = ipautil.dn_attribute_property('_subject_base')
 
-log = log_mgr.get_logger(__name__)
-
 def get_fqdn():
     fqdn = ""
     try:
@@ -974,41 +970,3 @@ def load_external_cert(files, subject_base):
     ca_file.flush()
 
     return cert_file, ca_file
-
-
-def create_system_user(name, group, homedir, shell):
-    """Create a system user with a corresponding group"""
-    try:
-        grp.getgrnam(group)
-    except KeyError:
-        log.debug('Adding group %s', group)
-        args = [paths.GROUPADD, '-r', group]
-        try:
-            ipautil.run(args)
-            log.debug('Done adding group')
-        except ipautil.CalledProcessError as e:
-            log.critical('Failed to add group: %s', e)
-            raise
-    else:
-        log.debug('group %s exists', group)
-
-    try:
-        pwd.getpwnam(name)
-    except KeyError:
-        log.debug('Adding user %s', name)
-        args = [
-            paths.USERADD,
-            '-g', group,
-            '-c', 'DS System User',
-            '-d', homedir,
-            '-s', shell,
-            '-M', '-r', name,
-        ]
-        try:
-            ipautil.run(args)
-            log.debug('Done adding user')
-        except ipautil.CalledProcessError as e:
-            log.critical('Failed to add user: %s', e)
-            raise
-    else:
-        log.debug('user %s exists', name)