Page:
Technical_Decomp_Accounts
Pages
Contact Me
Home
Technical_Decomp_Accounts
Technical_Decomp_Cache
Technical_Decomp_Diff
Technical_Decomp_Harvest
Technical_Decomp_Ignore
Technical_Decomp_JinjaTurtle
Technical_Decomp_Manifest
Technical_Decomp_PathFilter
Technical_Decomp_SopsUtil
Technical_Decomp_Systemd
Troubleshooting
enroll single-shot
enroll diff
enroll harvest
enroll manifest
No results
This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
enroll/accounts.py
UserRecord (dataclass)
Purpose: represents one “human” (non-system) user found on the machine.
Fields:
- name, uid, gid, gecos, home, shell: parsed from /etc/passwd
- primary_group: resolved from /etc/group by matching the user’s primary gid
- supplementary_groups: any other groups where the user appears in the group member list
- ssh_files: list of safe-to-copy SSH public material, currently only:
- ~/.ssh/authorized_keys if it exists and isn’t a symlink
Lifecycle / where it’s used:
Constructed in collect_non_system_users().
harvest.harvest() converts it into a plain dict list (users_list) which is stored inside the UsersSnapshot and ultimately serialized into state.json.
The actual ssh_files are also copied into artifacts/users/... as managed files (subject to ignore/exclude policy), and recorded as ManagedFile entries.
Important semantics:
- A “human” user is determined by UID_MIN from
/etc/login.defs(default 1000), and shell not being nologin/false. - root and nobody are explicitly skipped.