[Libguestfs] [PATCH V3] sysprep: remove user accounts

Wanlong Gao gaowanlong at cn.fujitsu.com
Mon Apr 23 00:55:47 UTC 2012


Remove user accounts from /etc/passwd, /etc/group,
/etc/shadow, and the home directory of the user,
except the root user.

Signed-off-by: Wanlong Gao <gaowanlong at cn.fujitsu.com>
---
 sysprep/Makefile.am                       |    2 +
 sysprep/sysprep_operation_user_account.ml |   71 +++++++++++++++++++++++++++++
 2 files changed, 73 insertions(+)
 create mode 100644 sysprep/sysprep_operation_user_account.ml

diff --git a/sysprep/Makefile.am b/sysprep/Makefile.am
index f51fc07..9b06804 100644
--- a/sysprep/Makefile.am
+++ b/sysprep/Makefile.am
@@ -48,6 +48,7 @@ SOURCES = \
 	sysprep_operation_ssh_hostkeys.ml \
 	sysprep_operation_ssh_userdir.ml \
 	sysprep_operation_udev_persistent_net.ml \
+	sysprep_operation_user_account.ml \
 	sysprep_operation_utmp.ml \
 	sysprep_operation_yum_uuid.ml \
 	utils.ml
@@ -73,6 +74,7 @@ OBJECTS = \
 	sysprep_operation_ssh_hostkeys.cmx \
 	sysprep_operation_ssh_userdir.cmx \
 	sysprep_operation_udev_persistent_net.cmx \
+	sysprep_operation_user_account.ml \
 	sysprep_operation_utmp.cmx \
 	sysprep_operation_yum_uuid.cmx \
 	main.cmx
diff --git a/sysprep/sysprep_operation_user_account.ml b/sysprep/sysprep_operation_user_account.ml
new file mode 100644
index 0000000..9398d57
--- /dev/null
+++ b/sysprep/sysprep_operation_user_account.ml
@@ -0,0 +1,71 @@
+(* virt-sysprep
+ * Copyright (C) 2012 FUJITSU LIMITED
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+ *)
+
+open Sysprep_operation
+open Utils
+
+module G = Guestfs
+
+let user_account_perform g root =
+  let typ = g#inspect_get_type root in
+  if typ <> "windows" then (
+    g#aug_init "/" 0;
+    let uid_min = g#aug_get "/files/etc/login.defs/UID_MIN" in
+    let uid_max = g#aug_get "/files/etc/login.defs/UID_MAX" in
+    let users = Array.to_list (g#aug_ls "/files/etc/passwd") in
+    List.iter (
+      fun user ->
+        let uid = user ^ "/uid" in
+        let uid = g#aug_get uid in
+        if int_of_string uid >= int_of_string uid_min then (
+          if int_of_string uid <= int_of_string uid_max then (
+            let user' = Array.of_list (string_split "/" user) in
+            let user = user'.(4) in
+            let user_prefix = user ^ ":" in
+            let filenames = [ "/etc/passwd";
+                          "/etc/shadow";
+                          "/etc/group" ] in
+            List.iter (
+              fun filename ->
+                let lines = Array.to_list (g#read_lines filename) in
+                let lines = List.filter (
+                  fun line -> not (string_prefix line user_prefix)
+                ) lines in
+                let file = String.concat "\n" lines ^ "\n" in
+                g#write filename file
+            ) filenames;
+            g#rm_rf ("/home/" ^ user);
+          )
+        )
+    ) users;
+    []
+  )
+  else []
+
+let user_account_op = {
+  name = "user-account";
+  enabled_by_default = true;
+  heading = "Remove the user accounts in the guest";
+  pod_description = Some "\
+Remove the user accounts and their home directory except
+the \"root\" account.";
+  extra_args = [];
+  perform = user_account_perform;
+}
+
+let () = register_operation user_account_op
-- 
1.7.10




More information about the Libguestfs mailing list