From 8a72892249cab1c8323b6e402684036364e1825d Mon Sep 17 00:00:00 2001
From: Luke Shumaker <lukeshu@sbcglobal.net>
Date: Sat, 5 Sep 2015 21:10:21 -0600
Subject: track group membership

---
 src/nshd/hackers_git/hackers.go       |  1 +
 src/nshd/hackers_git/hackers_watch.go | 37 ++++++++++++++++++++++++++++++++++-
 2 files changed, 37 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/nshd/hackers_git/hackers.go b/src/nshd/hackers_git/hackers.go
index ca3974d..c62c476 100644
--- a/src/nshd/hackers_git/hackers.go
+++ b/src/nshd/hackers_git/hackers.go
@@ -26,6 +26,7 @@ type Hackers struct {
 	lock      sync.RWMutex
 	workers   sync.WaitGroup
 	users     map[int32]user
+	groups    map[string]map[string]bool
 
 	in_fd      *inotify.Inotify
 	in_wd_home inotify.Wd
diff --git a/src/nshd/hackers_git/hackers_watch.go b/src/nshd/hackers_git/hackers_watch.go
index 2d09f7c..96e0480 100644
--- a/src/nshd/hackers_git/hackers_watch.go
+++ b/src/nshd/hackers_git/hackers_watch.go
@@ -53,6 +53,7 @@ func (o *Hackers) close() {
 	o.in_wd_home = -1
 	o.in_wd_yaml = -1
 	o.users = make(map[int32]user, 0)
+	o.groups = make(map[string]map[string]bool)
 	o.in_uid2wd = make(map[int32]inotify.Wd, 0)
 	o.in_wd2uid = make(map[inotify.Wd]int32, 0)
 }
@@ -65,6 +66,7 @@ func (o *Hackers) reload() (err error) {
 
 	filenames, err := filepath.Glob(o.cfg.Yamldir + "/*.yml")
 	o.users = make(map[int32]user, len(filenames))
+	o.groups = make(map[string]map[string]bool)
 	o.in_uid2wd = make(map[int32]inotify.Wd, len(filenames))
 	o.in_wd2uid = make(map[inotify.Wd]int32, len(filenames))
 	for _, filename := range filenames {
@@ -75,6 +77,26 @@ func (o *Hackers) reload() (err error) {
 	return
 }
 
+func (o *Hackers) add_user_to_group(username string, groupname string) {
+	group, found := o.groups[groupname]
+	if !found {
+		group = make(map[string]bool)
+		o.groups[groupname] = group
+	}
+	group[username] = true
+}
+
+func (o *Hackers) del_user_from_group(username string, groupname string) {
+	group, found := o.groups[groupname]
+	if !found {
+		return
+	}
+	delete(group, username)
+	if len(group) < 1 {
+		delete(o.groups, groupname)
+	}
+}
+
 func (o *Hackers) load_yaml_file(filename string) {
 	logger.Debug("hackers.git: Loading YAML file: %s", filename)
 	user, err := parse_user_yaml(filename)
@@ -83,6 +105,14 @@ func (o *Hackers) load_yaml_file(filename string) {
 		logger.Debug("hackers.git:  -> User %d added/updated", uid)
 		o.lock.Lock()
 		defer o.lock.Unlock()
+		if olduser, found := o.users[uid]; found {
+			for _, groupname := range olduser.groups {
+				o.del_user_from_group(olduser.passwd.Name, groupname)
+			}
+		}
+		for _, groupname := range user.groups {
+			o.add_user_to_group(user.passwd.Name, groupname)
+		}
 		o.users[uid] = user
 		o.watchHomedir(uid)
 	} else if uid >= 0 {
@@ -93,7 +123,12 @@ func (o *Hackers) load_yaml_file(filename string) {
 		if wd, found := o.in_uid2wd[uid]; found {
 			o.unwatchHomedir(wd)
 		}
-		delete(o.users, uid)
+		if olduser, found := o.users[uid]; found {
+			for _, groupname := range olduser.groups {
+				o.del_user_from_group(olduser.passwd.Name, groupname)
+			}
+			delete(o.users, uid)
+		}
 	} else {
 		logger.Debug("hackers.git:  -> File ignored: %v", err)
 	}
-- 
cgit v1.2.2