Use "getent group" instead of reading "/etc/group" to get group information (#14316)

* Use getent group instead of /etc/group to search groups * Fallback to 'cat /etc/groups' if no getent exists * Use group_exists() in netdata-installer.sh * Rename group_exists() to get_group()
2023-01-27 15:51:04 +00:00 · 2023-01-27 15:51:04 +00:00 · 081dbc6ced
parent 3338acf082
commit 081dbc6ced
3 changed files with 14 additions and 6 deletions
--- a/netdata-installer.sh
+++ b/netdata-installer.sh
@ -1200,8 +1200,8 @@ run chmod 770 "${NETDATA_CLAIMING_DIR}"
 if [ "$(id -u)" -eq 0 ]; then
  # find the admin group
  admin_group=
-  test -z "${admin_group}" && getent group root > /dev/null 2>&1 && admin_group="root"
-  test -z "${admin_group}" && getent group daemon > /dev/null 2>&1 && admin_group="daemon"
+  test -z "${admin_group}" && get_group root > /dev/null 2>&1 && admin_group="root"
+  test -z "${admin_group}" && get_group daemon > /dev/null 2>&1 && admin_group="daemon"
  test -z "${admin_group}" && admin_group="${NETDATA_GROUP}"

  run chown "${NETDATA_USER}:${admin_group}" "${NETDATA_LOG_DIR}"
--- a/packaging/installer/functions.sh
+++ b/packaging/installer/functions.sh
@ -396,6 +396,14 @@ get_os_key() {
  fi
 }

+get_group(){
+  if command -v getent > /dev/null 2>&1; then
+    getent group "${1:-""}"
+  else
+    cat /etc/group | grep "^${1}:" 
+  fi
+}
+
 issystemd() {
  pids=''
  p=''
@ -933,7 +941,7 @@ portable_add_group() {
  groupname="${1}"

  # Check if group exist
-  if cut -d ':' -f 1 < /etc/group | grep "^${groupname}$" 1> /dev/null 2>&1; then
+  if get_group "${groupname}" > /dev/null 2>&1; then
    echo >&2 "Group '${groupname}' already exists."
    return 0
  fi
@ -969,14 +977,14 @@ portable_add_user_to_group() {
  username="${2}"

  # Check if group exist
-  if ! cut -d ':' -f 1 < /etc/group | grep "^${groupname}$" > /dev/null 2>&1; then
+  if ! get_group "${groupname}" > /dev/null 2>&1; then
    echo >&2 "Group '${groupname}' does not exist."
    # Don’t treat this as a failure, if the group does not exist we should not be trying to add the user to it.
    return 0
  fi

  # Check if user is in group
-  if expr ",$(grep "^${groupname}:" < /etc/group | cut -d ':' -f 4)," : ",""${username}"","; then
+  if get_group "${groupname}" | cut -d ':' -f 4 | grep -wq "${username}"; then
    # username is already there
    echo >&2 "User '${username}' is already in group '${groupname}'."
    return 0
--- a/packaging/installer/netdata-uninstaller.sh
+++ b/packaging/installer/netdata-uninstaller.sh
@ -426,7 +426,7 @@ portable_del_group() {

  # Linux
  if command -v groupdel 1> /dev/null 2>&1; then
-    if grep -q "${groupname}" /etc/group; then
+    if get_group "${groupname}" > /dev/null 2>&1; then
      run groupdel "${groupname}" && return 0
    else
      info "Group ${groupname} already removed in a previous step."