- existing_groups = current_user_groups[username] || []
- groups = l[:groups] || []
- # Adding users to the FUSE group has long been hardcoded behavior.
- groups << "fuse"
- groups << username
- groups.select! { |g| Etc.getgrnam(g) rescue false }
-
- groups.each do |addgroup|
- if existing_groups.index(addgroup).nil?
- # User should be in group, but isn't, so add them.
- STDERR.puts "Add user #{username} to #{addgroup} group"
- out, st = Open3.capture2e("usermod", "-aG", addgroup, username)
- if st.exitstatus != 0
- STDERR.puts "Failed to add #{username} to #{addgroup} group:\n#{out}"
- end
+ have_groups = current_user_groups[username]
+ want_groups = l[:groups] || []
+ want_groups |= minimum_groups
+ want_groups &= all_groups
+
+ (want_groups - have_groups).each do |addgroup|
+ # User should be in group, but isn't, so add them.
+ STDERR.puts "Add user #{username} to #{addgroup} group"
+ out, st = Open3.capture2e("usermod", "-aG", addgroup, username)
+ if st.exitstatus != 0
+ STDERR.puts "Failed to add #{username} to #{addgroup} group:\n#{out}"