]> git.cameronkatri.com Git - pw-darwin.git/blob - adduser/adduser.sh
git.ckatri.com / pw-darwin.git / blob
? search:


3cb11b8bf3a71be39e22e2aaf058428c063a66b7
[pw-darwin.git] / adduser / adduser.sh
1 #!@MEMO_PREFIX@/bin/sh
2 #
3 # SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 #
5 # Copyright (c) 2002-2004 Michael Telahun Makonnen. All rights reserved.
6 #
7 # Redistribution and use in source and binary forms, with or without
8 # modification, are permitted provided that the following conditions
9 # are met:
10 # 1. Redistributions of source code must retain the above copyright
11 # notice, this list of conditions and the following disclaimer.
12 # 2. Redistributions in binary form must reproduce the above copyright
13 # notice, this list of conditions and the following disclaimer in the
14 # documentation and/or other materials provided with the distribution.
15 #
16 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 #
27 # Email: Mike Makonnen <mtm@FreeBSD.Org>
28 #
29 # $FreeBSD$
30 #
31
32 # err msg
33 # Display $msg on stderr, unless we're being quiet.
34 #
35 err() {
36 if [ -z "$quietflag" ]; then
37 echo 1>&2 ${THISCMD}: ERROR: $*
38 fi
39 }
40
41 # info msg
42 # Display $msg on stdout, unless we're being quiet.
43 #
44 info() {
45 if [ -z "$quietflag" ]; then
46 echo ${THISCMD}: INFO: $*
47 fi
48 }
49
50 # get_nextuid
51 # Output the value of $_uid if it is available for use. If it
52 # is not, output the value of the next higher uid that is available.
53 # If a uid is not specified, output the first available uid, as indicated
54 # by pw(8).
55 #
56 get_nextuid () {
57 _uid=$1
58 _nextuid=
59
60 if [ -z "$_uid" ]; then
61 _nextuid="`${PWCMD} usernext | cut -f1 -d:`"
62 else
63 while : ; do
64 ${PWCMD} usershow $_uid > /dev/null 2>&1
65 if [ ! "$?" -eq 0 ]; then
66 _nextuid=$_uid
67 break
68 fi
69 _uid=$(($_uid + 1))
70 done
71 fi
72 echo $_nextuid
73 }
74
75 # show_usage
76 # Display usage information for this utility.
77 #
78 show_usage() {
79 echo "usage: ${THISCMD} [options]"
80 echo " options may include:"
81 echo " -C save to the configuration file only"
82 echo " -D do not attempt to create the home directory"
83 echo " -E disable this account after creation"
84 echo " -G additional groups to add accounts to"
85 echo " -L login class of the user"
86 echo " -M file permission for home directory"
87 echo " -N do not read configuration file"
88 echo " -S a nonexistent shell is not an error"
89 echo " -d home directory"
90 echo " -f file from which input will be received"
91 echo " -g default login group"
92 echo " -h display this usage message"
93 echo " -k path to skeleton home directory"
94 echo " -m user welcome message file"
95 echo " -q absolute minimal user feedback"
96 echo " -s shell"
97 echo " -u uid to start at"
98 echo " -w password type: no, none, yes or random"
99 }
100
101 # valid_shells
102 # Outputs a list of valid shells from /etc/shells. Only the
103 # basename of the shell is output.
104 #
105 valid_shells() {
106 _prefix=
107 cat ${ETCSHELLS} |
108 while read _path _junk ; do
109 case $_path in
110 \#*|'')
111 ;;
112 *)
113 echo -n "${_prefix}`basename $_path`"
114 _prefix=' '
115 ;;
116 esac
117 done
118
119 # /usr/sbin/nologin is a special case
120 [ -x "${NOLOGIN_PATH}" ] && echo -n " ${NOLOGIN}"
121 }
122
123 # fullpath_from_shell shell
124 # Given $shell, which is either the full path to a shell or
125 # the basename component of a valid shell, get the
126 # full path to the shell from the /etc/shells file.
127 #
128 fullpath_from_shell() {
129 _shell=$1
130 [ -z "$_shell" ] && return 1
131
132 # /usr/sbin/nologin is a special case; it needs to be handled
133 # before the cat | while loop, since a 'return' from within
134 # a subshell will not terminate the function's execution, and
135 # the path to the nologin shell might be printed out twice.
136 #
137 if [ "$_shell" = "${NOLOGIN}" -o \
138 "$_shell" = "${NOLOGIN_PATH}" ]; then
139 echo ${NOLOGIN_PATH}
140 return 0;
141 fi
142
143 cat ${ETCSHELLS} |
144 while read _path _junk ; do
145 case "$_path" in
146 \#*|'')
147 ;;
148 *)
149 if [ "$_path" = "$_shell" -o \
150 "`basename $_path`" = "$_shell" ]; then
151 echo $_path
152 return 0
153 fi
154 ;;
155 esac
156 done
157
158 return 1
159 }
160
161 # shell_exists shell
162 # If the given shell is listed in ${ETCSHELLS} or it is
163 # the nologin shell this function will return 0.
164 # Otherwise, it will return 1. If shell is valid but
165 # the path is invalid or it is not executable it
166 # will emit an informational message saying so.
167 #
168 shell_exists() {
169 _sh="$1"
170 _shellchk="${GREPCMD} '^$_sh$' ${ETCSHELLS} > /dev/null 2>&1"
171
172 if ! eval $_shellchk; then
173 # The nologin shell is not listed in /etc/shells.
174 if [ "$_sh" != "${NOLOGIN_PATH}" ]; then
175 err "Invalid shell ($_sh) for user $username."
176 return 1
177 fi
178 fi
179 ! [ -x "$_sh" ] &&
180 info "The shell ($_sh) does not exist or is not executable."
181
182 return 0
183 }
184
185 # save_config
186 # Save some variables to a configuration file.
187 # Note: not all script variables are saved, only those that
188 # it makes sense to save.
189 #
190 save_config() {
191 echo "# Configuration file for adduser(8)." > ${ADDUSERCONF}
192 echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
193 echo "# Last Modified on `${DATECMD}`." >> ${ADDUSERCONF}
194 echo '' >> ${ADDUSERCONF}
195 echo "defaultHomePerm=$uhomeperm" >> ${ADDUSERCONF}
196 echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF}
197 echo "defaultclass=$uclass" >> ${ADDUSERCONF}
198 echo "defaultgroups=$ugroups" >> ${ADDUSERCONF}
199 echo "passwdtype=$passwdtype" >> ${ADDUSERCONF}
200 echo "homeprefix=$homeprefix" >> ${ADDUSERCONF}
201 echo "defaultshell=$ushell" >> ${ADDUSERCONF}
202 echo "udotdir=$udotdir" >> ${ADDUSERCONF}
203 echo "msgfile=$msgfile" >> ${ADDUSERCONF}
204 echo "disableflag=$disableflag" >> ${ADDUSERCONF}
205 echo "uidstart=$uidstart" >> ${ADDUSERCONF}
206 }
207
208 # add_user
209 # Add a user to the user database. If the user chose to send a welcome
210 # message or lock the account, do so.
211 #
212 add_user() {
213
214 # Is this a configuration run? If so, don't modify user database.
215 #
216 if [ -n "$configflag" ]; then
217 save_config
218 return
219 fi
220
221 _uid=
222 _name=
223 _comment=
224 _gecos=
225 _home=
226 _group=
227 _grouplist=
228 _shell=
229 _class=
230 _dotdir=
231 _expire=
232 _pwexpire=
233 _passwd=
234 _upasswd=
235 _passwdmethod=
236
237 _name="-n '$username'"
238 [ -n "$uuid" ] && _uid='-u "$uuid"'
239 [ -n "$ulogingroup" ] && _group='-g "$ulogingroup"'
240 [ -n "$ugroups" ] && _grouplist='-G "$ugroups"'
241 [ -n "$ushell" ] && _shell='-s "$ushell"'
242 [ -n "$uclass" ] && _class='-L "$uclass"'
243 [ -n "$ugecos" ] && _comment='-c "$ugecos"'
244 [ -n "$udotdir" ] && _dotdir='-k "$udotdir"'
245 [ -n "$uexpire" ] && _expire='-e "$uexpire"'
246 [ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"'
247 if [ -z "$Dflag" -a -n "$uhome" ]; then
248 # The /nonexistent home directory is special. It
249 # means the user has no home directory.
250 if [ "$uhome" = "$NOHOME" ]; then
251 _home='-d "$uhome"'
252 else
253 # Use home directory permissions if specified
254 if [ -n "$uhomeperm" ]; then
255 _home='-m -d "$uhome" -M "$uhomeperm"'
256 else
257 _home='-m -d "$uhome"'
258 fi
259 fi
260 elif [ -n "$Dflag" -a -n "$uhome" ]; then
261 _home='-d "$uhome"'
262 fi
263 case $passwdtype in
264 no)
265 _passwdmethod="-w no"
266 _passwd="-h -"
267 ;;
268 yes)
269 # Note on processing the password: The outer double quotes
270 # make literal everything except ` and \ and $.
271 # The outer single quotes make literal ` and $.
272 # We can ensure the \ isn't treated specially by specifying
273 # the -r switch to the read command used to obtain the input.
274 #
275 _passwdmethod="-w yes"
276 _passwd="-h 0"
277 _upasswd='echo "$upass" |'
278 ;;
279 none)
280 _passwdmethod="-w none"
281 ;;
282 random)
283 _passwdmethod="-w random"
284 ;;
285 esac
286
287 _pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
288 _pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
289 _pwcmd="$_pwcmd $_expire $_pwexpire"
290
291 if ! _output=`eval $_pwcmd` ; then
292 err "There was an error adding user ($username)."
293 return 1
294 else
295 info "Successfully added ($username) to the user database."
296 if [ "random" = "$passwdtype" ]; then
297 randompass="$_output"
298 info "Password for ($username) is: $randompass"
299 fi
300 fi
301
302 if [ -n "$disableflag" ]; then
303 if ${PWCMD} lock $username ; then
304 info "Account ($username) is locked."
305 else
306 info "Account ($username) could NOT be locked."
307 fi
308 fi
309
310 _line=
311 _owner=
312 _perms=
313 if [ -n "$msgflag" ]; then
314 [ -r "$msgfile" ] && {
315 # We're evaluating the contents of an external file.
316 # Let's not open ourselves up for attack. _perms will
317 # be empty if it's writeable only by the owner. _owner
318 # will *NOT* be empty if the file is owned by root.
319 #
320 _dir="`dirname $msgfile`"
321 _file="`basename $msgfile`"
322 _perms=`@MEMO_PREFIX@@MEMO_SUB_PREFIX@/bin/find $_dir -name $_file -perm +07022 -prune`
323 _owner=`@MEMO_PREFIX@@MEMO_SUB_PREFIX@/bin/find $_dir -name $_file -user 0 -prune`
324 if [ -z "$_owner" -o -n "$_perms" ]; then
325 err "The message file ($msgfile) may be writeable only by root."
326 return 1
327 fi
328 cat "$msgfile" |
329 while read _line ; do
330 eval echo "$_line"
331 done | ${MAILCMD} -s"Welcome" ${username}
332 info "Sent welcome message to ($username)."
333 }
334 fi
335 }
336
337 # get_user
338 # Reads username of the account from standard input or from a global
339 # variable containing an account line from a file. The username is
340 # required. If this is an interactive session it will prompt in
341 # a loop until a username is entered. If it is batch processing from
342 # a file it will output an error message and return to the caller.
343 #
344 get_user() {
345 _input=
346
347 # No need to take down user names if this is a configuration saving run.
348 [ -n "$configflag" ] && return
349
350 while : ; do
351 if [ -z "$fflag" ]; then
352 echo -n "Username: "
353 read _input
354 else
355 _input="`echo "$fileline" | cut -f1 -d:`"
356 fi
357
358 # There *must* be a username, and it must not exist. If
359 # this is an interactive session give the user an
360 # opportunity to retry.
361 #
362 if [ -z "$_input" ]; then
363 err "You must enter a username!"
364 [ -z "$fflag" ] && continue
365 fi
366 ${PWCMD} usershow $_input > /dev/null 2>&1
367 if [ "$?" -eq 0 ]; then
368 err "User exists!"
369 [ -z "$fflag" ] && continue
370 fi
371 break
372 done
373 username="$_input"
374 }
375
376 # get_gecos
377 # Reads extra information about the user. Can be used both in interactive
378 # and batch (from file) mode.
379 #
380 get_gecos() {
381 _input=
382
383 # No need to take down additional user information for a configuration run.
384 [ -n "$configflag" ] && return
385
386 if [ -z "$fflag" ]; then
387 echo -n "Full name: "
388 read _input
389 else
390 _input="`echo "$fileline" | cut -f7 -d:`"
391 fi
392 ugecos="$_input"
393 }
394
395 # get_shell
396 # Get the account's shell. Works in interactive and batch mode. It
397 # accepts either the base name of the shell or the full path.
398 # If an invalid shell is entered it will simply use the default shell.
399 #
400 get_shell() {
401 _input=
402 _fullpath=
403 ushell="$defaultshell"
404
405 # Make sure the current value of the shell is a valid one
406 if [ -z "$Sflag" ]; then
407 if ! shell_exists $ushell ; then
408 info "Using default shell ${defaultshell}."
409 ushell="$defaultshell"
410 fi
411 fi
412
413 if [ -z "$fflag" ]; then
414 echo -n "Shell ($shells) [`basename $ushell`]: "
415 read _input
416 else
417 _input="`echo "$fileline" | cut -f9 -d:`"
418 fi
419 if [ -n "$_input" ]; then
420 if [ -n "$Sflag" ]; then
421 ushell="$_input"
422 else
423 _fullpath=`fullpath_from_shell $_input`
424 if [ -n "$_fullpath" ]; then
425 ushell="$_fullpath"
426 else
427 err "Invalid shell ($_input) for user $username."
428 info "Using default shell ${defaultshell}."
429 ushell="$defaultshell"
430 fi
431 fi
432 fi
433 }
434
435 # get_homedir
436 # Reads the account's home directory. Used both with interactive input
437 # and batch input.
438 #
439 get_homedir() {
440 _input=
441 if [ -z "$fflag" ]; then
442 echo -n "Home directory [${homeprefix}/${username}]: "
443 read _input
444 else
445 _input="`echo "$fileline" | cut -f8 -d:`"
446 fi
447
448 if [ -n "$_input" ]; then
449 uhome="$_input"
450 # if this is a configuration run, then user input is the home
451 # directory prefix. Otherwise it is understood to
452 # be $prefix/$user
453 #
454 [ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
455 else
456 uhome="${homeprefix}/${username}"
457 fi
458 }
459
460 # get_homeperm
461 # Reads the account's home directory permissions.
462 #
463 get_homeperm() {
464 uhomeperm=$defaultHomePerm
465 _input=
466 _prompt=
467
468 if [ -n "$uhomeperm" ]; then
469 _prompt="Home directory permissions [${uhomeperm}]: "
470 else
471 _prompt="Home directory permissions (Leave empty for default): "
472 fi
473 if [ -z "$fflag" ]; then
474 echo -n "$_prompt"
475 read _input
476 fi
477
478 if [ -n "$_input" ]; then
479 uhomeperm="$_input"
480 fi
481 }
482
483 # get_uid
484 # Reads a numeric userid in an interactive or batch session. Automatically
485 # allocates one if it is not specified.
486 #
487 get_uid() {
488 uuid=${uidstart}
489 _input=
490 _prompt=
491
492 if [ -n "$uuid" ]; then
493 uuid=`get_nextuid $uuid`
494 _prompt="Uid [$uuid]: "
495 else
496 _prompt="Uid (Leave empty for default): "
497 fi
498 if [ -z "$fflag" ]; then
499 echo -n "$_prompt"
500 read _input
501 else
502 _input="`echo "$fileline" | cut -f2 -d:`"
503 fi
504
505 [ -n "$_input" ] && uuid=$_input
506 uuid=`get_nextuid $uuid`
507 uidstart=$uuid
508 }
509
510 # get_class
511 # Reads login class of account. Can be used in interactive or batch mode.
512 #
513 get_class() {
514 uclass="$defaultclass"
515 _input=
516 _class=${uclass:-"default"}
517
518 if [ -z "$fflag" ]; then
519 echo -n "Login class [$_class]: "
520 read _input
521 else
522 _input="`echo "$fileline" | cut -f4 -d:`"
523 fi
524
525 [ -n "$_input" ] && uclass="$_input"
526 }
527
528 # get_logingroup
529 # Reads user's login group. Can be used in both interactive and batch
530 # modes. The specified value can be a group name or its numeric id.
531 # This routine leaves the field blank if nothing is provided and
532 # a default login group has not been set. The pw(8) command
533 # will then provide a login group with the same name as the username.
534 #
535 get_logingroup() {
536 ulogingroup="$defaultLgroup"
537 _input=
538
539 if [ -z "$fflag" ]; then
540 echo -n "Login group [${ulogingroup:-$username}]: "
541 read _input
542 else
543 _input="`echo "$fileline" | cut -f3 -d:`"
544 fi
545
546 # Pw(8) will use the username as login group if it's left empty
547 [ -n "$_input" ] && ulogingroup="$_input"
548 }
549
550 # get_groups
551 # Read additional groups for the user. It can be used in both interactive
552 # and batch modes.
553 #
554 get_groups() {
555 ugroups="$defaultgroups"
556 _input=
557 _group=${ulogingroup:-"${username}"}
558
559 if [ -z "$configflag" ]; then
560 [ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
561 [ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
562 else
563 [ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
564 fi
565 read _input
566
567 [ -n "$_input" ] && ugroups="$_input"
568 }
569
570 # get_expire_dates
571 # Read expiry information for the account and also for the password. This
572 # routine is used only from batch processing mode.
573 #
574 get_expire_dates() {
575 upwexpire="`echo "$fileline" | cut -f5 -d:`"
576 uexpire="`echo "$fileline" | cut -f6 -d:`"
577 }
578
579 # get_password
580 # Read the password in batch processing mode. The password field matters
581 # only when the password type is "yes" or "random". If the field is empty and the
582 # password type is "yes", then it assumes the account has an empty passsword
583 # and changes the password type accordingly. If the password type is "random"
584 # and the password field is NOT empty, then it assumes the account will NOT
585 # have a random password and set passwdtype to "yes."
586 #
587 get_password() {
588 # We may temporarily change a password type. Make sure it's changed
589 # back to whatever it was before we process the next account.
590 #
591 [ -n "$savedpwtype" ] && {
592 passwdtype=$savedpwtype
593 savedpwtype=
594 }
595
596 # There may be a ':' in the password
597 upass=${fileline#*:*:*:*:*:*:*:*:*:}
598
599 if [ -z "$upass" ]; then
600 case $passwdtype in
601 yes)
602 # if it's empty, assume an empty password
603 passwdtype=none
604 savedpwtype=yes
605 ;;
606 esac
607 else
608 case $passwdtype in
609 random)
610 passwdtype=yes
611 savedpwtype=random
612 ;;
613 esac
614 fi
615 }
616
617 # input_from_file
618 # Reads a line of account information from standard input and
619 # adds it to the user database.
620 #
621 input_from_file() {
622 _field=
623
624 while read -r fileline ; do
625 case "$fileline" in
626 \#*|'')
627 ;;
628 *)
629 get_user || continue
630 get_gecos
631 get_uid
632 get_logingroup
633 get_class
634 get_shell
635 get_homedir
636 get_homeperm
637 get_password
638 get_expire_dates
639 ugroups="$defaultgroups"
640
641 add_user
642 ;;
643 esac
644 done
645 }
646
647 # input_interactive
648 # Prompts for user information interactively, and commits to
649 # the user database.
650 #
651 input_interactive() {
652 _disable=
653 _pass=
654 _passconfirm=
655 _random="no"
656 _emptypass="no"
657 _usepass="yes"
658 _logingroup_ok="no"
659 _groups_ok="no"
660 case $passwdtype in
661 none)
662 _emptypass="yes"
663 _usepass="yes"
664 ;;
665 no)
666 _usepass="no"
667 ;;
668 random)
669 _random="yes"
670 ;;
671 esac
672
673 get_user
674 get_gecos
675 get_uid
676
677 # The case where group = user is handled elsewhere, so
678 # validate any other groups the user is invited to.
679 until [ "$_logingroup_ok" = yes ]; do
680 get_logingroup
681 _logingroup_ok=yes
682 if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then
683 if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then
684 echo "Group $ulogingroup does not exist!"
685 _logingroup_ok=no
686 fi
687 fi
688 done
689 until [ "$_groups_ok" = yes ]; do
690 get_groups
691 _groups_ok=yes
692 for i in $ugroups; do
693 if [ "$username" != "$i" ]; then
694 if ! ${PWCMD} show group $i > /dev/null 2>&1; then
695 echo "Group $i does not exist!"
696 _groups_ok=no
697 fi
698 fi
699 done
700 done
701
702 get_class
703 get_shell
704 get_homedir
705 get_homeperm
706
707 while : ; do
708 echo -n "Use password-based authentication? [$_usepass]: "
709 read _input
710 [ -z "$_input" ] && _input=$_usepass
711 case $_input in
712 [Nn][Oo]|[Nn])
713 passwdtype="no"
714 ;;
715 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
716 while : ; do
717 echo -n "Use an empty password? (yes/no) [$_emptypass]: "
718 read _input
719 [ -n "$_input" ] && _emptypass=$_input
720 case $_emptypass in
721 [Nn][Oo]|[Nn])
722 echo -n "Use a random password? (yes/no) [$_random]: "
723 read _input
724 [ -n "$_input" ] && _random="$_input"
725 case $_random in
726 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
727 passwdtype="random"
728 break
729 ;;
730 esac
731 passwdtype="yes"
732 [ -n "$configflag" ] && break
733 trap 'stty echo; exit' 0 1 2 3 15
734 stty -echo
735 echo -n "Enter password: "
736 IFS= read -r upass
737 echo''
738 echo -n "Enter password again: "
739 IFS= read -r _passconfirm
740 echo ''
741 stty echo
742 # if user entered a blank password
743 # explicitly ask again.
744 [ -z "$upass" -a -z "$_passconfirm" ] \
745 && continue
746 ;;
747 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
748 passwdtype="none"
749 break;
750 ;;
751 *)
752 # invalid answer; repeat the loop
753 continue
754 ;;
755 esac
756 if [ "$upass" != "$_passconfirm" ]; then
757 echo "Passwords did not match!"
758 continue
759 fi
760 break
761 done
762 ;;
763 *)
764 # invalid answer; repeat loop
765 continue
766 ;;
767 esac
768 break;
769 done
770 _disable=${disableflag:-"no"}
771 while : ; do
772 echo -n "Lock out the account after creation? [$_disable]: "
773 read _input
774 [ -z "$_input" ] && _input=$_disable
775 case $_input in
776 [Nn][Oo]|[Nn])
777 disableflag=
778 ;;
779 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
780 disableflag=yes
781 ;;
782 *)
783 # invalid answer; repeat loop
784 continue
785 ;;
786 esac
787 break
788 done
789
790 # Display the information we have so far and prompt to
791 # commit it.
792 #
793 _disable=${disableflag:-"no"}
794 [ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
795 case $passwdtype in
796 yes)
797 _pass='*****'
798 ;;
799 no)
800 _pass='<disabled>'
801 ;;
802 none)
803 _pass='<blank>'
804 ;;
805 random)
806 _pass='<random>'
807 ;;
808 esac
809 [ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass"
810 [ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype"
811 [ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
812 [ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
813 printf "%-10s : %s\n" "Class" "$uclass"
814 printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
815 printf "%-10s : %s\n" "Home" "$uhome"
816 printf "%-10s : %s\n" "Home Mode" "$uhomeperm"
817 printf "%-10s : %s\n" "Shell" "$ushell"
818 printf "%-10s : %s\n" "Locked" "$_disable"
819 while : ; do
820 echo -n "OK? (yes/no): "
821 read _input
822 case $_input in
823 [Nn][Oo]|[Nn])
824 return 1
825 ;;
826 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
827 add_user
828 ;;
829 *)
830 continue
831 ;;
832 esac
833 break
834 done
835 return 0
836 }
837
838 #### END SUBROUTINE DEFINITION ####
839
840 THISCMD=`@MEMO_PREFIX@@MEMO_SUB_PREFIX@/bin/basename $0`
841 DEFAULTSHELL=@PREFIX@/bin/sh
842 ADDUSERCONF="${ADDUSERCONF:-@MEMO_PREFIX@/etc/adduser.conf}"
843 PWCMD="${PWCMD:-@MEMO_PREFIX@@MEMO_SUB_PREFIX@/sbin/pw}"
844 MAILCMD="${MAILCMD:-mail}"
845 ETCSHELLS="${ETCSHELLS:-@MEMO_PREFIX@/etc/shells}"
846 NOHOME="@MEMO_PREFIX@/var/lib/empty"
847 NOLOGIN="nologin"
848 NOLOGIN_PATH="@MEMO_PREFIX@@MEMO_SUB_PREFIX@/sbin/nologin"
849 GREPCMD="@MEMO_PREFIX@@MEMO_SUB_PREFIX@/bin/grep"
850 DATECMD="@MEMO_PREFIX@/bin/date"
851
852 # Set default values
853 #
854 username=
855 uuid=
856 uidstart=
857 ugecos=
858 ulogingroup=
859 uclass=
860 uhome=
861 uhomeperm=
862 upass=
863 ushell=
864 udotdir=@MEMO_PREFIX@@MEMO_SUB_PREFIX@/share/skel
865 ugroups=
866 uexpire=
867 upwexpire=
868 shells="`valid_shells`"
869 passwdtype="yes"
870 msgfile=@MEMO_PREFIX@/etc/adduser.msg
871 msgflag=
872 quietflag=
873 configflag=
874 fflag=
875 infile=
876 disableflag=
877 Dflag=
878 Sflag=
879 readconfig="yes"
880 homeprefix="@MEMO_PREFIX@/var"
881 randompass=
882 fileline=
883 savedpwtype=
884 defaultclass=
885 defaultLgroup=
886 defaultgroups=
887 defaultshell="${DEFAULTSHELL}"
888 defaultHomePerm=
889
890 # Make sure the user running this program is root. This isn't a security
891 # measure as much as it is a useful method of reminding the user to
892 # 'su -' before he/she wastes time entering data that won't be saved.
893 #
894 procowner=${procowner:-`@MEMO_PREFIX@@MEMO_SUB_PREFIX@/bin/id -u`}
895 if [ "$procowner" != "0" ]; then
896 err 'you must be the super-user (uid 0) to use this utility.'
897 exit 1
898 fi
899
900 # Override from our conf file
901 # Quickly go through the commandline line to see if we should read
902 # from our configuration file. The actual parsing of the commandline
903 # arguments happens after we read in our configuration file (commandline
904 # should override configuration file).
905 #
906 for _i in $* ; do
907 if [ "$_i" = "-N" ]; then
908 readconfig=
909 break;
910 fi
911 done
912 if [ -n "$readconfig" ]; then
913 # On a long-lived system, the first time this script is run it
914 # will barf upon reading the configuration file for its perl predecessor.
915 if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
916 [ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
917 fi
918 fi
919
920 # Process command-line options
921 #
922 for _switch ; do
923 case $_switch in
924 -L)
925 defaultclass="$2"
926 shift; shift
927 ;;
928 -C)
929 configflag=yes
930 shift
931 ;;
932 -D)
933 Dflag=yes
934 shift
935 ;;
936 -E)
937 disableflag=yes
938 shift
939 ;;
940 -k)
941 udotdir="$2"
942 shift; shift
943 ;;
944 -f)
945 [ "$2" != "-" ] && infile="$2"
946 fflag=yes
947 shift; shift
948 ;;
949 -g)
950 defaultLgroup="$2"
951 shift; shift
952 ;;
953 -G)
954 defaultgroups="$2"
955 shift; shift
956 ;;
957 -h)
958 show_usage
959 exit 0
960 ;;
961 -d)
962 homeprefix="$2"
963 shift; shift
964 ;;
965 -m)
966 case "$2" in
967 [Nn][Oo])
968 msgflag=
969 ;;
970 *)
971 msgflag=yes
972 msgfile="$2"
973 ;;
974 esac
975 shift; shift
976 ;;
977 -M)
978 defaultHomePerm=$2
979 shift; shift
980 ;;
981 -N)
982 readconfig=
983 shift
984 ;;
985 -w)
986 case "$2" in
987 no|none|random|yes)
988 passwdtype=$2
989 ;;
990 *)
991 show_usage
992 exit 1
993 ;;
994 esac
995 shift; shift
996 ;;
997 -q)
998 quietflag=yes
999 shift
1000 ;;
1001 -s)
1002 defaultshell="`fullpath_from_shell $2`"
1003 shift; shift
1004 ;;
1005 -S)
1006 Sflag=yes
1007 shift
1008 ;;
1009 -u)
1010 uidstart=$2
1011 shift; shift
1012 ;;
1013 esac
1014 done
1015
1016 # If the -f switch was used, get input from a file. Otherwise,
1017 # this is an interactive session.
1018 #
1019 if [ -n "$fflag" ]; then
1020 if [ -z "$infile" ]; then
1021 input_from_file
1022 elif [ -n "$infile" ]; then
1023 if [ -r "$infile" ]; then
1024 input_from_file < $infile
1025 else
1026 err "File ($infile) is unreadable or does not exist."
1027 fi
1028 fi
1029 else
1030 input_interactive
1031 while : ; do
1032 if [ -z "$configflag" ]; then
1033 echo -n "Add another user? (yes/no): "
1034 else
1035 echo -n "Re-edit the default configuration? (yes/no): "
1036 fi
1037 read _input
1038 case $_input in
1039 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
1040 uidstart=`get_nextuid $uidstart`
1041 input_interactive
1042 continue
1043 ;;
1044 [Nn][Oo]|[Nn])
1045 echo "Goodbye!"
1046 ;;
1047 *)
1048 continue
1049 ;;
1050 esac
1051 break
1052 done
1053 fi
A port of FreeBSDs pw for Darwin