]> git.cameronkatri.com Git - pw-darwin.git/blob - adduser/adduser.sh
git.ckatri.com / pw-darwin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Accept full path names in addition to base names for shells.
[pw-darwin.git] / adduser / adduser.sh
1 #!/bin/sh
2 #
3 # Copyright (c) 2002-2004 Michael Telahun Makonnen. All rights reserved.
4 #
5 # Redistribution and use in source and binary forms, with or without
6 # modification, are permitted provided that the following conditions
7 # are met:
8 # 1. Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 # 2. Redistributions in binary form must reproduce the above copyright
11 # notice, this list of conditions and the following disclaimer in the
12 # documentation and/or other materials provided with the distribution.
13 #
14 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 #
25 # Email: Mike Makonnen <mtm@FreeBSD.Org>
26 #
27 # $FreeBSD$
28 #
29
30 # err msg
31 # Display $msg on stderr, unless we're being quiet.
32 #
33 err() {
34 if [ -z "$quietflag" ]; then
35 echo 1>&2 ${THISCMD}: ERROR: $*
36 fi
37 }
38
39 # info msg
40 # Display $msg on stdout, unless we're being quiet.
41 #
42 info() {
43 if [ -z "$quietflag" ]; then
44 echo ${THISCMD}: INFO: $*
45 fi
46 }
47
48 # get_nextuid
49 # Output the value of $_uid if it is available for use. If it
50 # is not, output the value of the next higher uid that is available.
51 # If a uid is not specified, output the first available uid, as indicated
52 # by pw(8).
53 #
54 get_nextuid () {
55 _uid=$1
56 _nextuid=
57
58 if [ -z "$_uid" ]; then
59 _nextuid="`${PWCMD} usernext | cut -f1 -d:`"
60 else
61 while : ; do
62 ${PWCMD} usershow $_uid > /dev/null 2>&1
63 if [ ! "$?" -eq 0 ]; then
64 _nextuid=$_uid
65 break
66 fi
67 _uid=$(($_uid + 1))
68 done
69 fi
70 echo $_nextuid
71 }
72
73 # show_usage
74 # Display usage information for this utility.
75 #
76 show_usage() {
77 echo "usage: ${THISCMD} [options]"
78 echo " options may include:"
79 echo " -C save to the configuration file only"
80 echo " -D do not attempt to create the home directory"
81 echo " -E disable this account after creation"
82 echo " -G additional groups to add accounts to"
83 echo " -L login class of the user"
84 echo " -N do not read configuration file"
85 echo " -S a nonexistent shell is not an error"
86 echo " -d home directory"
87 echo " -f file from which input will be received"
88 echo " -g default login group"
89 echo " -h display this usage message"
90 echo " -k path to skeleton home directory"
91 echo " -m user welcome message file"
92 echo " -q absolute minimal user feedback"
93 echo " -s shell"
94 echo " -u uid to start at"
95 echo " -w password type: no, none, yes or random"
96 }
97
98 # valid_shells
99 # Outputs a list of valid shells from /etc/shells. Only the
100 # basename of the shell is output.
101 #
102 valid_shells() {
103 _prefix=
104 cat ${ETCSHELLS} |
105 while read _path _junk ; do
106 case $_path in
107 \#*|'')
108 ;;
109 *)
110 echo -n "${_prefix}`basename $_path`"
111 _prefix=' '
112 ;;
113 esac
114 done
115
116 # /usr/sbin/nologin is a special case
117 [ -x "${NOLOGIN_PATH}" ] && echo -n " ${NOLOGIN}"
118 }
119
120 # fullpath_from_shell shell
121 # Given $shell, which is either the full path to a shell or
122 # the basename component of a valid shell, get the
123 # full path to the shell from the /etc/shells file.
124 #
125 fullpath_from_shell() {
126 _shell=$1
127 [ -z "$_shell" ] && return 1
128
129 cat ${ETCSHELLS} |
130 while read _path _junk ; do
131 case "$_path" in
132 \#*|'')
133 ;;
134 *)
135 if [ "$_path" = "$_shell" -o \
136 "`basename $_path`" = "$_shell" ]; then
137 echo $_path
138 return 0
139 fi
140 ;;
141 esac
142 done
143
144 # /usr/sbin/nologin is a special case
145 if [ "$_shell" = "${NOLOGIN}" ]; then
146 echo ${NOLOGIN_PATH}
147 return 0;
148 fi
149
150 return 1
151 }
152
153 # shell_exists shell
154 # If the given shell is listed in ${ETCSHELLS} or it is
155 # the nologin shell this function will return 0.
156 # Otherwise, it will return 1. If shell is valid but
157 # the path is invalid or it is not executable it
158 # will emit an informational message saying so.
159 #
160 shell_exists()
161 {
162 _sh="$1"
163 _shellchk="${GREPCMD} '^$_sh$' ${ETCSHELLS} > /dev/null 2>&1"
164
165 if ! eval $_shellchk; then
166 # The nologin shell is not listed in /etc/shells.
167 if [ "$_sh" != "${NOLOGIN_PATH}" ]; then
168 err "Invalid shell ($_sh) for user $username."
169 return 1
170 fi
171 fi
172 ! [ -x "$_sh" ] &&
173 info "The shell ($_sh) does not exist or is not executable."
174
175 return 0
176 }
177
178 # save_config
179 # Save some variables to a configuration file.
180 # Note: not all script variables are saved, only those that
181 # it makes sense to save.
182 #
183 save_config() {
184 echo "# Configuration file for adduser(8)." > ${ADDUSERCONF}
185 echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
186 echo "# Last Modified on `${DATECMD}`." >> ${ADDUSERCONF}
187 echo '' >> ${ADDUSERCONF}
188 echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF}
189 echo "defaultclass=$uclass" >> ${ADDUSERCONF}
190 echo "defaultgroups=$ugroups" >> ${ADDUSERCONF}
191 echo "passwdtype=$passwdtype" >> ${ADDUSERCONF}
192 echo "homeprefix=$homeprefix" >> ${ADDUSERCONF}
193 echo "defaultshell=$ushell" >> ${ADDUSERCONF}
194 echo "udotdir=$udotdir" >> ${ADDUSERCONF}
195 echo "msgfile=$msgfile" >> ${ADDUSERCONF}
196 echo "disableflag=$disableflag" >> ${ADDUSERCONF}
197 }
198
199 # add_user
200 # Add a user to the user database. If the user chose to send a welcome
201 # message or lock the account, do so.
202 #
203 add_user() {
204
205 # Is this a configuration run? If so, don't modify user database.
206 #
207 if [ -n "$configflag" ]; then
208 save_config
209 return
210 fi
211
212 _uid=
213 _name=
214 _comment=
215 _gecos=
216 _home=
217 _group=
218 _grouplist=
219 _shell=
220 _class=
221 _dotdir=
222 _expire=
223 _pwexpire=
224 _passwd=
225 _upasswd=
226 _passwdmethod=
227
228 _name="-n '$username'"
229 [ -n "$uuid" ] && _uid='-u "$uuid"'
230 [ -n "$ulogingroup" ] && _group='-g "$ulogingroup"'
231 [ -n "$ugroups" ] && _grouplist='-G "$ugroups"'
232 [ -n "$ushell" ] && _shell='-s "$ushell"'
233 [ -n "$uclass" ] && _class='-L "$uclass"'
234 [ -n "$ugecos" ] && _comment='-c "$ugecos"'
235 [ -n "$udotdir" ] && _dotdir='-k "$udotdir"'
236 [ -n "$uexpire" ] && _expire='-e "$uexpire"'
237 [ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"'
238 if [ -z "$Dflag" -a -n "$uhome" ]; then
239 # The /nonexistent home directory is special. It
240 # means the user has no home directory.
241 if [ "$uhome" = "$NOHOME" ]; then
242 _home='-d "$uhome"'
243 else
244 _home='-m -d "$uhome"'
245 fi
246 elif [ -n "$Dflag" -a -n "$uhome" ]; then
247 _home='-d "$uhome"'
248 fi
249 case $passwdtype in
250 no)
251 _passwdmethod="-w no"
252 _passwd="-h -"
253 ;;
254 yes)
255 # Note on processing the password: The outer double quotes
256 # make literal everything except ` and \ and $.
257 # The outer single quotes make literal ` and $.
258 # We can ensure the \ isn't treated specially by specifying
259 # the -r switch to the read command used to obtain the input.
260 #
261 _passwdmethod="-w yes"
262 _passwd="-h 0"
263 _upasswd='echo "$upass" |'
264 ;;
265 none)
266 _passwdmethod="-w none"
267 ;;
268 random)
269 _passwdmethod="-w random"
270 ;;
271 esac
272
273 _pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
274 _pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
275 _pwcmd="$_pwcmd $_expire $_pwexpire"
276
277 if ! _output=`eval $_pwcmd` ; then
278 err "There was an error adding user ($username)."
279 return 1
280 else
281 info "Successfully added ($username) to the user database."
282 if [ "random" = "$passwdtype" ]; then
283 randompass="$_output"
284 info "Password for ($username) is: $randompass"
285 fi
286 fi
287
288 if [ -n "$disableflag" ]; then
289 if ${PWCMD} lock $username ; then
290 info "Account ($username) is locked."
291 else
292 info "Account ($username) could NOT be locked."
293 fi
294 fi
295
296 _line=
297 _owner=
298 _perms=
299 if [ -n "$msgflag" ]; then
300 [ -r "$msgfile" ] && {
301 # We're evaluating the contents of an external file.
302 # Let's not open ourselves up for attack. _perms will
303 # be empty if it's writeable only by the owner. _owner
304 # will *NOT* be empty if the file is owned by root.
305 #
306 _dir="`dirname $msgfile`"
307 _file="`basename $msgfile`"
308 _perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune`
309 _owner=`/usr/bin/find $_dir -name $_file -user 0 -prune`
310 if [ -z "$_owner" -o -n "$_perms" ]; then
311 err "The message file ($msgfile) may be writeable only by root."
312 return 1
313 fi
314 cat "$msgfile" |
315 while read _line ; do
316 eval echo "$_line"
317 done | ${MAILCMD} -s"Welcome" ${username}
318 info "Sent welcome message to ($username)."
319 }
320 fi
321 }
322
323 # get_user
324 # Reads username of the account from standard input or from a global
325 # variable containing an account line from a file. The username is
326 # required. If this is an interactive session it will prompt in
327 # a loop until a username is entered. If it is batch processing from
328 # a file it will output an error message and return to the caller.
329 #
330 get_user() {
331 _input=
332
333 # No need to take down user names if this is a configuration saving run.
334 [ -n "$configflag" ] && return
335
336 while : ; do
337 if [ -z "$fflag" ]; then
338 echo -n "Username: "
339 read _input
340 else
341 _input="`echo "$fileline" | cut -f1 -d:`"
342 fi
343
344 # There *must* be a username. If this is an interactive
345 # session give the user an opportunity to retry.
346 #
347 if [ -z "$_input" ]; then
348 err "You must enter a username!"
349 [ -z "$fflag" ] && continue
350 fi
351 break
352 done
353 username="$_input"
354 }
355
356 # get_gecos
357 # Reads extra information about the user. Can be used both in interactive
358 # and batch (from file) mode.
359 #
360 get_gecos() {
361 _input=
362
363 # No need to take down additional user information for a configuration run.
364 [ -n "$configflag" ] && return
365
366 if [ -z "$fflag" ]; then
367 echo -n "Full name: "
368 read _input
369 else
370 _input="`echo "$fileline" | cut -f7 -d:`"
371 fi
372 ugecos="$_input"
373 }
374
375 # get_shell
376 # Get the account's shell. Works in interactive and batch mode. It
377 # accepts either the base name of the shell or the full path.
378 # If an invalid shell is entered it will simply use the default shell.
379 #
380 get_shell() {
381 _input=
382 _fullpath=
383 ushell="$defaultshell"
384
385 # Make sure the current value of the shell is a valid one
386 if [ -z "$Sflag" ]; then
387 if ! shell_exists $ushell ; then
388 info "Using default shell ${defaultshell}."
389 ushell="$defaultshell"
390 fi
391 fi
392
393 if [ -z "$fflag" ]; then
394 echo -n "Shell ($shells) [`basename $ushell`]: "
395 read _input
396 else
397 _input="`echo "$fileline" | cut -f9 -d:`"
398 fi
399 if [ -n "$_input" ]; then
400 if [ -n "$Sflag" ]; then
401 ushell="$_input"
402 else
403 _fullpath=`fullpath_from_shell $_input`
404 if [ -n "$_fullpath" ]; then
405 ushell="$_fullpath"
406 else
407 err "Invalid shell ($_input) for user $username."
408 info "Using default shell ${defaultshell}."
409 ushell="$defaultshell"
410 fi
411 fi
412 fi
413 }
414
415 # get_homedir
416 # Reads the account's home directory. Used both with interactive input
417 # and batch input.
418 #
419 get_homedir() {
420 _input=
421 if [ -z "$fflag" ]; then
422 echo -n "Home directory [${homeprefix}/${username}]: "
423 read _input
424 else
425 _input="`echo "$fileline" | cut -f8 -d:`"
426 fi
427
428 if [ -n "$_input" ]; then
429 uhome="$_input"
430 # if this is a configuration run, then user input is the home
431 # directory prefix. Otherwise it is understood to
432 # be $prefix/$user
433 #
434 [ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
435 else
436 uhome="${homeprefix}/${username}"
437 fi
438 }
439
440 # get_uid
441 # Reads a numeric userid in an interactive or batch session. Automatically
442 # allocates one if it is not specified.
443 #
444 get_uid() {
445 uuid=${uidstart}
446 _input=
447 _prompt=
448
449 # No need to take down uids for a configuration saving run.
450 [ -n "$configflag" ] && return
451
452 if [ -n "$uuid" ]; then
453 _prompt="Uid [$uuid]: "
454 else
455 _prompt="Uid (Leave empty for default): "
456 fi
457 if [ -z "$fflag" ]; then
458 echo -n "$_prompt"
459 read _input
460 else
461 _input="`echo "$fileline" | cut -f2 -d:`"
462 fi
463
464 [ -n "$_input" ] && uuid=$_input
465 uuid=`get_nextuid $uuid`
466 uidstart=$uuid
467 }
468
469 # get_class
470 # Reads login class of account. Can be used in interactive or batch mode.
471 #
472 get_class() {
473 uclass="$defaultclass"
474 _input=
475 _class=${uclass:-"default"}
476
477 if [ -z "$fflag" ]; then
478 echo -n "Login class [$_class]: "
479 read _input
480 else
481 _input="`echo "$fileline" | cut -f4 -d:`"
482 fi
483
484 [ -n "$_input" ] && uclass="$_input"
485 }
486
487 # get_logingroup
488 # Reads user's login group. Can be used in both interactive and batch
489 # modes. The specified value can be a group name or its numeric id.
490 # This routine leaves the field blank if nothing is provided and
491 # a default login group has not been set. The pw(8) command
492 # will then provide a login group with the same name as the username.
493 #
494 get_logingroup() {
495 ulogingroup="$defaultLgroup"
496 _input=
497
498 if [ -z "$fflag" ]; then
499 echo -n "Login group [${ulogingroup:-$username}]: "
500 read _input
501 else
502 _input="`echo "$fileline" | cut -f3 -d:`"
503 fi
504
505 # Pw(8) will use the username as login group if it's left empty
506 [ -n "$_input" ] && ulogingroup="$_input"
507 }
508
509 # get_groups
510 # Read additional groups for the user. It can be used in both interactive
511 # and batch modes.
512 #
513 get_groups() {
514 ugroups="$defaultgroups"
515 _input=
516 _group=${ulogingroup:-"${username}"}
517
518 if [ -z "$configflag" ]; then
519 [ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
520 [ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
521 else
522 [ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
523 fi
524 read _input
525
526 [ -n "$_input" ] && ugroups="$_input"
527 }
528
529 # get_expire_dates
530 # Read expiry information for the account and also for the password. This
531 # routine is used only from batch processing mode.
532 #
533 get_expire_dates() {
534 upwexpire="`echo "$fileline" | cut -f5 -d:`"
535 uexpire="`echo "$fileline" | cut -f6 -d:`"
536 }
537
538 # get_password
539 # Read the password in batch processing mode. The password field matters
540 # only when the password type is "yes" or "random". If the field is empty and the
541 # password type is "yes", then it assumes the account has an empty passsword
542 # and changes the password type accordingly. If the password type is "random"
543 # and the password field is NOT empty, then it assumes the account will NOT
544 # have a random password and set passwdtype to "yes."
545 #
546 get_password() {
547 # We may temporarily change a password type. Make sure it's changed
548 # back to whatever it was before we process the next account.
549 #
550 [ -n "$savedpwtype" ] && {
551 passwdtype=$savedpwtype
552 savedpwtype=
553 }
554
555 # There may be a ':' in the password
556 upass=${fileline#*:*:*:*:*:*:*:*:*:}
557
558 if [ -z "$upass" ]; then
559 case $passwdtype in
560 yes)
561 # if it's empty, assume an empty password
562 passwdtype=none
563 savedpwtype=yes
564 ;;
565 esac
566 else
567 case $passwdtype in
568 random)
569 passwdtype=yes
570 savedpwtype=random
571 ;;
572 esac
573 fi
574 }
575
576 # input_from_file
577 # Reads a line of account information from standard input and
578 # adds it to the user database.
579 #
580 input_from_file() {
581 _field=
582
583 while read -r fileline ; do
584 case "$fileline" in
585 \#*|'')
586 return 0
587 ;;
588 esac
589
590 get_user || continue
591 get_gecos
592 get_uid
593 get_logingroup
594 get_class
595 get_shell
596 get_homedir
597 get_password
598 get_expire_dates
599
600 add_user
601 done
602 }
603
604 # input_interactive
605 # Prompts for user information interactively, and commits to
606 # the user database.
607 #
608 input_interactive() {
609
610 _disable=
611 _pass=
612 _passconfirm=
613 _random="no"
614 _emptypass="no"
615 _usepass="yes"
616 _logingroup_ok="no"
617 _groups_ok="no"
618 case $passwdtype in
619 none)
620 _emptypass="yes"
621 _usepass="yes"
622 ;;
623 no)
624 _usepass="no"
625 ;;
626 random)
627 _random="yes"
628 ;;
629 esac
630
631 get_user
632 get_gecos
633 get_uid
634
635 # The case where group = user is handled elsewhere, so
636 # validate any other groups the user is invited to.
637 until [ "$_logingroup_ok" = yes ]; do
638 get_logingroup
639 _logingroup_ok=yes
640 if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then
641 if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then
642 echo "Group $ulogingroup does not exist!"
643 _logingroup_ok=no
644 fi
645 fi
646 done
647 until [ "$_groups_ok" = yes ]; do
648 get_groups
649 _groups_ok=yes
650 for i in $ugroups; do
651 if [ "$username" != "$i" ]; then
652 if ! ${PWCMD} show group $i > /dev/null 2>&1; then
653 echo "Group $i does not exist!"
654 _groups_ok=no
655 fi
656 fi
657 done
658 done
659
660 get_class
661 get_shell
662 get_homedir
663
664 while : ; do
665 echo -n "Use password-based authentication? [$_usepass]: "
666 read _input
667 [ -z "$_input" ] && _input=$_usepass
668 case $_input in
669 [Nn][Oo]|[Nn])
670 passwdtype="no"
671 ;;
672 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
673 while : ; do
674 echo -n "Use an empty password? (yes/no) [$_emptypass]: "
675 read _input
676 [ -n "$_input" ] && _emptypass=$_input
677 case $_emptypass in
678 [Nn][Oo]|[Nn])
679 echo -n "Use a random password? (yes/no) [$_random]: "
680 read _input
681 [ -n "$_input" ] && _random="$_input"
682 case $_random in
683 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
684 passwdtype="random"
685 break
686 ;;
687 esac
688 passwdtype="yes"
689 [ -n "$configflag" ] && break
690 trap 'stty echo; exit' 0 1 2 3 15
691 stty -echo
692 echo -n "Enter password: "
693 read -r upass
694 echo''
695 echo -n "Enter password again: "
696 read -r _passconfirm
697 echo ''
698 stty echo
699 # if user entered a blank password
700 # explicitly ask again.
701 [ -z "$upass" -a -z "$_passconfirm" ] \
702 && continue
703 ;;
704 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
705 passwdtype="none"
706 break;
707 ;;
708 *)
709 # invalid answer; repeat the loop
710 continue
711 ;;
712 esac
713 if [ "$upass" != "$_passconfirm" ]; then
714 echo "Passwords did not match!"
715 continue
716 fi
717 break
718 done
719 ;;
720 *)
721 # invalid answer; repeat loop
722 continue
723 ;;
724 esac
725 break;
726 done
727 _disable=${disableflag:-"no"}
728 while : ; do
729 echo -n "Lock out the account after creation? [$_disable]: "
730 read _input
731 [ -z "$_input" ] && _input=$_disable
732 case $_input in
733 [Nn][Oo]|[Nn])
734 disableflag=
735 ;;
736 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
737 disableflag=yes
738 ;;
739 *)
740 # invalid answer; repeat loop
741 continue
742 ;;
743 esac
744 break
745 done
746
747 # Display the information we have so far and prompt to
748 # commit it.
749 #
750 _disable=${disableflag:-"no"}
751 [ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
752 case $passwdtype in
753 yes)
754 _pass='*****'
755 ;;
756 no)
757 _pass='<disabled>'
758 ;;
759 none)
760 _pass='<blank>'
761 ;;
762 random)
763 _pass='<random>'
764 ;;
765 esac
766 [ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass"
767 [ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype"
768 [ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
769 [ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
770 printf "%-10s : %s\n" "Class" "$uclass"
771 printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
772 printf "%-10s : %s\n" "Home" "$uhome"
773 printf "%-10s : %s\n" "Shell" "$ushell"
774 printf "%-10s : %s\n" "Locked" "$_disable"
775 while : ; do
776 echo -n "OK? (yes/no): "
777 read _input
778 case $_input in
779 [Nn][Oo]|[Nn])
780 return 1
781 ;;
782 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
783 add_user
784 ;;
785 *)
786 continue
787 ;;
788 esac
789 break
790 done
791 return 0
792 }
793
794 #### END SUBROUTINE DEFENITION ####
795
796 THISCMD=`/usr/bin/basename $0`
797 DEFAULTSHELL=/bin/sh
798 ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
799 PWCMD="${PWCMD:-/usr/sbin/pw}"
800 MAILCMD="${MAILCMD:-mail}"
801 ETCSHELLS="${ETCSHELLS:-/etc/shells}"
802 NOHOME="/nonexistent"
803 NOLOGIN="nologin"
804 NOLOGIN_PATH="/usr/sbin/nologin"
805 GREPCMD="/usr/bin/grep"
806 DATECMD="/bin/date"
807
808 # Set default values
809 #
810 username=
811 uuid=
812 uidstart=
813 ugecos=
814 ulogingroup=
815 uclass=
816 uhome=
817 upass=
818 ushell=
819 udotdir=/usr/share/skel
820 ugroups=
821 uexpire=
822 upwexpire=
823 shells="`valid_shells`"
824 passwdtype="yes"
825 msgfile=/etc/adduser.msg
826 msgflag=
827 quietflag=
828 configflag=
829 fflag=
830 infile=
831 disableflag=
832 Dflag=
833 Sflag=
834 readconfig="yes"
835 homeprefix="/home"
836 randompass=
837 fileline=
838 savedpwtype=
839 defaultclass=
840 defaultLgroup=
841 defaultgroups=
842 defaultshell="${DEFAULTSHELL}"
843
844 # Make sure the user running this program is root. This isn't a security
845 # measure as much as it is a usefull method of reminding the user to
846 # 'su -' before he/she wastes time entering data that won't be saved.
847 #
848 procowner=${procowner:-`/usr/bin/id -u`}
849 if [ "$procowner" != "0" ]; then
850 err 'you must be the super-user (uid 0) to use this utility.'
851 exit 1
852 fi
853
854 # Overide from our conf file
855 # Quickly go through the commandline line to see if we should read
856 # from our configuration file. The actual parsing of the commandline
857 # arguments happens after we read in our configuration file (commandline
858 # should override configuration file).
859 #
860 for _i in $* ; do
861 if [ "$_i" = "-N" ]; then
862 readconfig=
863 break;
864 fi
865 done
866 if [ -n "$readconfig" ]; then
867 # On a long-lived system, the first time this script is run it
868 # will barf upon reading the configuration file for its perl predecessor.
869 if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
870 [ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
871 fi
872 fi
873
874 # Proccess command-line options
875 #
876 for _switch ; do
877 case $_switch in
878 -L)
879 defaultclass="$2"
880 shift; shift
881 ;;
882 -C)
883 configflag=yes
884 shift
885 ;;
886 -D)
887 Dflag=yes
888 shift
889 ;;
890 -E)
891 disableflag=yes
892 shift
893 ;;
894 -k)
895 udotdir="$2"
896 shift; shift
897 ;;
898 -f)
899 [ "$2" != "-" ] && infile="$2"
900 fflag=yes
901 shift; shift
902 ;;
903 -g)
904 defaultLgroup="$2"
905 shift; shift
906 ;;
907 -G)
908 defaultgroups="$2"
909 shift; shift
910 ;;
911 -h)
912 show_usage
913 exit 0
914 ;;
915 -d)
916 homeprefix="$2"
917 shift; shift
918 ;;
919 -m)
920 case "$2" in
921 [Nn][Oo])
922 msgflag=
923 ;;
924 *)
925 msgflag=yes
926 msgfile="$2"
927 ;;
928 esac
929 shift; shift
930 ;;
931 -N)
932 readconfig=
933 shift
934 ;;
935 -w)
936 case "$2" in
937 no|none|random|yes)
938 passwdtype=$2
939 ;;
940 *)
941 show_usage
942 exit 1
943 ;;
944 esac
945 shift; shift
946 ;;
947 -q)
948 quietflag=yes
949 shift
950 ;;
951 -s)
952 defaultshell="`fullpath_from_shell $2`"
953 shift; shift
954 ;;
955 -S)
956 Sflag=yes
957 shift
958 ;;
959 -u)
960 uidstart=$2
961 shift; shift
962 ;;
963 esac
964 done
965
966 # If the -f switch was used, get input from a file. Otherwise,
967 # this is an interactive session.
968 #
969 if [ -n "$fflag" ]; then
970 if [ -z "$infile" ]; then
971 input_from_file
972 elif [ -n "$infile" ]; then
973 if [ -r "$infile" ]; then
974 input_from_file < $infile
975 else
976 err "File ($infile) is unreadable or does not exist."
977 fi
978 fi
979 else
980 input_interactive
981 while : ; do
982 if [ -z "$configflag" ]; then
983 echo -n "Add another user? (yes/no): "
984 else
985 echo -n "Re-edit the default configuration? (yes/no): "
986 fi
987 read _input
988 case $_input in
989 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
990 uidstart=`get_nextuid $uidstart`
991 input_interactive
992 continue
993 ;;
994 [Nn][Oo]|[Nn])
995 echo "Goodbye!"
996 ;;
997 *)
998 continue
999 ;;
1000 esac
1001 break
1002 done
1003 fi
A port of FreeBSDs pw for Darwin