]> git.cameronkatri.com Git - pw-darwin.git/blob - adduser/adduser.perl
git.ckatri.com / pw-darwin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Change "no" answer to "default" for login class, because "no" class
[pw-darwin.git] / adduser / adduser.perl
1 #!/usr/bin/perl
2 #
3 # Copyright (c) 1995-1996 Wolfram Schneider <wosch@FreeBSD.org>. Berlin.
4 # All rights reserved.
5 #
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions
8 # are met:
9 # 1. Redistributions of source code must retain the above copyright
10 # notice, this list of conditions and the following disclaimer.
11 # 2. Redistributions in binary form must reproduce the above copyright
12 # notice, this list of conditions and the following disclaimer in the
13 # documentation and/or other materials provided with the distribution.
14 #
15 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25 # SUCH DAMAGE.
26 #
27 # $Id: adduser.perl,v 1.30 1997/05/01 23:23:06 ache Exp $
28
29
30 # read variables
31 sub variables {
32 $verbose = 1; # verbose = [0-2]
33 $defaultpasswd = "yes"; # use password for new users
34 $dotdir = "/usr/share/skel"; # copy dotfiles from this dir
35 $dotdir_bak = $dotdir;
36 $send_message = "/etc/adduser.message"; # send message to new user
37 $send_message_bak = '/etc/adduser.message';
38 $config = "/etc/adduser.conf"; # config file for adduser
39 $config_read = 1; # read config file
40 $logfile = "/var/log/adduser"; # logfile
41 $home = "/home"; # default HOME
42 $etc_shells = "/etc/shells";
43 $etc_passwd = "/etc/master.passwd";
44 $group = "/etc/group";
45 $pwd_mkdb = "pwd_mkdb -p"; # program for building passwd database
46
47
48 # List of directories where shells located
49 @path = ('/bin', '/usr/bin', '/usr/local/bin');
50 # common shells, first element has higher priority
51 @shellpref = ('csh', 'sh', 'bash', 'tcsh', 'ksh');
52
53 $defaultshell = 'sh'; # defaultshell if not empty
54 $group_uniq = 'USER';
55 $defaultgroup = $group_uniq;# login groupname, $group_uniq means username
56 $defaultclass = '';
57
58 $uid_start = 1000; # new users get this uid
59 $uid_end = 32000; # max. uid
60
61 # global variables
62 # passwd
63 $username = ''; # $username{username} = uid
64 $uid = ''; # $uid{uid} = username
65 $pwgid = ''; # $pwgid{pwgid} = username; gid from passwd db
66
67 $password = ''; # password for new users
68
69 # group
70 $groupname =''; # $groupname{groupname} = gid
71 $groupmembers = ''; # $groupmembers{gid} = members of group/kommalist
72 $gid = ''; # $gid{gid} = groupname; gid form group db
73
74 # shell
75 $shell = ''; # $shell{`basename sh`} = sh
76
77 # only for me (=Wolfram)
78 if ($test) {
79 $home = "/home/w/tmp/adduser/home";
80 $etc_shells = "./shells";
81 $etc_passwd = "./master.passwd";
82 $group = "./group";
83 $pwd_mkdb = "pwd_mkdb -p -d .";
84 $config = "adduser.conf";
85 $send_message = "./adduser.message";
86 $logfile = "./log.adduser";
87 }
88
89 umask 022; # don't give login group write access
90
91 $ENV{'PATH'} = "/sbin:/bin:/usr/sbin:/usr/bin";
92 @passwd_backup = '';
93 @group_backup = '';
94 @message_buffer = '';
95 @user_variable_list = ''; # user variables in /etc/adduser.conf
96 $do_not_delete = '## DO NOT DELETE THIS LINE!';
97 }
98
99 # read shell database, see also: shells(5)
100 sub shells_read {
101 local($sh);
102 local($err) = 0;
103
104 print "Check $etc_shells\n" if $verbose;
105 open(S, $etc_shells) || die "$etc_shells:$!\n";
106
107 while(<S>) {
108 if (/^\s*\//) {
109 s/^\s*//; s/\s+.*//; # chop
110 $sh = $_;
111 if (-x $sh) {
112 $shell{&basename($sh)} = $sh;
113 } else {
114 warn "Shell: $sh not executable!\n";
115 $err++;
116 }
117 }
118 }
119
120 # Allow /nonexistent and /bin/date as a valid shell for system utils
121 push(@list, "/nonexistent");
122 push(@shellpref, "no");
123 $shell{"no"} = "/nonexistent";
124
125 push(@list, "/bin/date");
126 push(@shellpref, "date");
127 $shell{"date"} = "/bin/date";
128
129 return $err;
130 }
131
132 # add new shells if possible
133 sub shells_add {
134 local($sh,$dir,@list);
135
136 return 1 unless $verbose;
137
138 foreach $sh (@shellpref) {
139 # all known shells
140 if (!$shell{$sh}) {
141 # shell $sh is not defined as login shell
142 foreach $dir (@path) {
143 if (-x "$dir/$sh") {
144 # found shell
145 if (&confirm_yn("Found shell: $dir/$sh. Add to $etc_shells?", "yes")) {
146 push(@list, "$dir/$sh");
147 push(@shellpref, "$sh");
148 $shell{&basename("$dir/$sh")} = "$dir/$sh";
149 $changes++;
150 }
151 }
152 }
153 }
154 }
155 &append_file($etc_shells, @list) if $#list >= 0;
156 }
157
158 # choose your favourite shell and return the shell
159 sub shell_default {
160 local($e,$i,$new_shell);
161 local($sh);
162
163 $sh = &shell_default_valid($defaultshell);
164 return $sh unless $verbose;
165
166 $new_shell = &confirm_list("Enter your default shell:", 0,
167 $sh, sort(keys %shell));
168 print "Your default shell is: $new_shell -> $shell{$new_shell}\n";
169 $changes++ if $new_shell ne $sh;
170 return $new_shell;
171 }
172
173 sub shell_default_valid {
174 local($sh) = @_;
175 local($s,$e);
176
177 return $sh if $shell{$sh};
178
179 foreach $e (@shellpref) {
180 $s = $e;
181 last if defined($shell{$s});
182 }
183 $s = "sh" unless $s;
184 warn "Shell ``$sh'' is undefined, use ``$s''\n";
185 return $s;
186 }
187
188 # return default home partition (f.e. "/home")
189 # create base directory if nesseccary
190 sub home_partition {
191 local($home) = @_;
192 $home = &stripdir($home);
193 local($h) = $home;
194
195 return $h if !$verbose && $h eq &home_partition_valid($h);
196
197 while(1) {
198 $h = &confirm_list("Enter your default HOME partition:", 1, $home, "");
199 $h = &stripdir($h);
200 last if $h eq &home_partition_valid($h);
201 }
202
203 $changes++ if $h ne $home;
204 return $h;
205 }
206
207 sub home_partition_valid {
208 local($h) = @_;
209
210 $h = &stripdir($h);
211 # all right (I hope)
212 return $h if $h =~ "^/" && -e $h && -w $h && (-d $h || -l $h);
213
214 # Errors or todo
215 if ($h !~ "^/") {
216 warn "Please use absolute path for home: ``$h''.\a\n";
217 return 0;
218 }
219
220 if (-e $h) {
221 warn "$h exists, but is not a directory or symlink!\n"
222 unless -d $h || -l $h;
223 warn "$h is not writable!\n"
224 unless -w $h;
225 return 0;
226 } else {
227 # create home partition
228 return $h if &mkdir_home($h);
229 }
230 return 0;
231 }
232
233 # check for valid passwddb
234 sub passwd_check {
235 system("$pwd_mkdb -c $etc_passwd");
236 die "\nInvalid $etc_passwd - cannot add any users!\n" if $?;
237 }
238
239 # read /etc/passwd
240 sub passwd_read {
241 local($p_username, $pw, $p_uid, $p_gid, $sh, %shlist);
242
243 print "Check $etc_passwd\n" if $verbose;
244 open(P, "$etc_passwd") || die "$passwd: $!\n";
245
246 while(<P>) {
247 chop;
248 push(@passwd_backup, $_);
249 # ignore comments
250 next if /^\s*$/;
251 next if /^\s*#/;
252
253 ($p_username, $pw, $p_uid, $p_gid, $sh) = (split(/:/, $_))[0..3,9];
254
255 print "$p_username already exists with uid: $username{$p_username}!\n"
256 if $username{$p_username} && $verbose;
257 $username{$p_username} = $p_uid;
258 print "User $p_username: uid $p_uid exists twice: $uid{$p_uid}\n"
259 if $uid{$p_uid} && $verbose && $p_uid; # don't warn for uid 0
260 print "User $p_username: illegal shell: ``$sh''\n"
261 if ($verbose && $sh &&
262 !$shell{&basename($sh)} &&
263 $p_username !~ /^(news|xten|bin|nobody|uucp)$/ &&
264 $sh !~ /\/(pppd|sliplogin)$/);
265 $uid{$p_uid} = $p_username;
266 $pwgid{$p_gid} = $p_username;
267 }
268 close P;
269 }
270
271 # read /etc/group
272 sub group_read {
273 local($g_groupname,$pw,$g_gid, $memb);
274
275 print "Check $group\n" if $verbose;
276 open(G, "$group") || die "$group: $!\n";
277 while(<G>) {
278 chop;
279 push(@group_backup, $_);
280 # ignore comments
281 next if /^\s*$/;
282 next if /^\s*#/;
283
284 ($g_groupname, $pw, $g_gid, $memb) = (split(/:/, $_))[0..3];
285
286 $groupmembers{$g_gid} = $memb;
287 warn "Groupname exists twice: $g_groupname:$g_gid -> $g_groupname:$groupname{$g_groupname}\n"
288 if $groupname{$g_groupname} && $verbose;
289 $groupname{$g_groupname} = $g_gid;
290 warn "Groupid exists twice: $g_groupname:$g_gid -> $gid{$g_gid}:$g_gid\n"
291 if $gid{$g_gid} && $verbose;
292 $gid{$g_gid} = $g_groupname;
293 }
294 close G;
295 }
296
297 # check gids /etc/passwd <-> /etc/group
298 sub group_check {
299 local($c_gid, $c_username, @list);
300
301 foreach $c_gid (keys %pwgid) {
302 if (!$gid{$c_gid}) {
303 $c_username = $pwgid{$c_gid};
304 warn "User ``$c_username'' has gid $c_gid but a group with this " .
305 "gid does not exist.\n" if $verbose;
306 }
307 }
308 }
309
310 #
311 # main loop for creating new users
312 #
313
314 # return username
315 sub new_users_name {
316 local($name);
317
318 while(1) {
319 $name = &confirm_list("Enter username", 1, "a-z0-9_-", "");
320 if (length($name) > 16) {
321 warn "Username is longer than 16 chars\a\n";
322 next;
323 }
324 last if (&new_users_name_valid($name) eq $name);
325 }
326 return $name;
327 }
328
329 sub new_users_name_valid {
330 local($name) = @_;
331
332 if ($name !~ /^[a-z0-9_][a-z0-9_\-]*$/) {
333 warn "Wrong username. " .
334 "Please use only lowercase characters or digits\a\n";
335 return 0;
336 } elsif ($username{$name}) {
337 warn "Username ``$name'' already exists!\a\n"; return 0;
338 }
339 return $name;
340 }
341
342 # return full name
343 sub new_users_fullname {
344 local($name) = @_;
345 local($fullname);
346
347 while(1) {
348 $fullname = &confirm_list("Enter full name", 1, "", "");
349 last if $fullname eq &new_users_fullname_valid($fullname);
350 }
351 $fullname = $name unless $fullname;
352 return $fullname;
353 }
354
355 sub new_users_fullname_valid {
356 local($fullname) = @_;
357
358 return $fullname if $fullname !~ /:/;
359
360 warn "``:'' is not allowed!\a\n";
361 return 0;
362 }
363
364 # return shell (full path) for user
365 sub new_users_shell {
366 local($sh);
367
368 $sh = &confirm_list("Enter shell", 0, $defaultshell, keys %shell);
369 return $shell{$sh};
370 }
371
372 # return free uid and gid
373 sub new_users_id {
374 local($name) = @_;
375 local($u_id, $g_id) = &next_id($name);
376 local($u_id_tmp, $e);
377
378 while(1) {
379 $u_id_tmp = &confirm_list("Uid", 1, $u_id, "");
380 last if $u_id_tmp =~ /^[0-9]+$/ && $u_id_tmp <= $uid_end &&
381 ! $uid{$u_id_tmp};
382 if ($uid{$u_id_tmp}) {
383 warn "Uid ``$u_id_tmp'' in use!\a\n";
384 } else {
385 warn "Wrong uid.\a\n";
386 }
387 }
388 # use calculated uid
389 return ($u_id_tmp, $g_id) if $u_id_tmp eq $u_id;
390 # recalculate gid
391 $uid_start = $u_id_tmp;
392 return &next_id($name);
393 }
394
395 # return login class for user
396 sub new_users_class {
397 local($def) = @_;
398 local($class);
399
400 $class = &confirm_list("Enter login class:", 1, $def, ($def, "default"));
401 $class = "" if $class eq "default";
402 return $class;
403 }
404
405 # add user to group
406 sub add_group {
407 local($gid, $name) = @_;
408
409 return 0 if
410 $groupmembers{$gid} =~ /^(.+,)?$name(,.+)?$/;
411
412 $groupmembers_bak{$gid} = $groupmembers{$gid};
413 $groupmembers{$gid} .= "," if $groupmembers{$gid};
414 $groupmembers{$gid} .= "$name";
415
416 return $name;
417 }
418
419
420 # return login group
421 sub new_users_grplogin {
422 local($name, $defaultgroup, $new_users_ok) = @_;
423 local($group_login, $group);
424
425 $group = $name;
426 $group = $defaultgroup if $defaultgroup ne $group_uniq;
427
428 if ($new_users_ok) {
429 # clean up backup
430 foreach $e (keys %groupmembers_bak) { delete $groupmembers_bak{$e}; }
431 } else {
432 # restore old groupmembers, user was not accept
433 foreach $e (keys %groupmembers_bak) {
434 $groupmembers{$e} = $groupmembers_bak{$e};
435 }
436 }
437
438 while(1) {
439 $group_login = &confirm_list("Login group", 1, $group,
440 ($name, $group));
441 last if $group_login eq $group;
442 last if $group_login eq $name;
443 last if defined $groupname{$group_login};
444 if ($group_login eq $group_uniq) {
445 $group_login = $name; last;
446 }
447
448 if (defined $gid{$group_login}) {
449 # convert numeric groupname (gid) to groupname
450 $group_login = $gid{$group_login};
451 last;
452 }
453 warn "Group does not exist!\a\n";
454 }
455
456 #if (defined($groupname{$group_login})) {
457 # &add_group($groupname{$group_login}, $name);
458 #}
459
460 return ($group_login, $group_uniq) if $group_login eq $name;
461 return ($group_login, $group_login);
462 }
463
464 # return login group
465 sub new_users_grplogin_batch {
466 local($name, $defaultgroup) = @_;
467 local($group_login, $group);
468
469 $group_login = $name;
470 $group_login = $defaultgroup if $defaultgroup ne $group_uniq;
471
472 if (defined $gid{$group_login}) {
473 # convert numeric groupname (gid) to groupname
474 $group_login = $gid{$group_login};
475 }
476
477 # if (defined($groupname{$group_login})) {
478 # &add_group($groupname{$group_login}, $name);
479 # }
480
481 return $group_login
482 if defined($groupname{$group_login}) || $group_login eq $name;
483 warn "Group ``$group_login'' does not exist\a\n";
484 return 0;
485 }
486
487 # return other groups (string)
488 sub new_users_groups {
489 local($name, $other_groups) = @_;
490 local($string) =
491 "Login group is ``$group_login''. Invite $name into other groups:";
492 local($e, $flag);
493 local($new_groups,$groups);
494
495 $other_groups = "no" unless $other_groups;
496
497 while(1) {
498 $groups = &confirm_list($string, 1, $other_groups,
499 ("no", $other_groups, "guest"));
500 # no other groups
501 return "" if $groups eq "no";
502
503 ($flag, $new_groups) = &new_users_groups_valid($groups);
504 last unless $flag;
505 }
506 $new_groups =~ s/\s*$//;
507 return $new_groups;
508 }
509
510 sub new_users_groups_valid {
511 local($groups) = @_;
512 local($e, $new_groups);
513 local($flag) = 0;
514
515 foreach $e (split(/[,\s]+/, $groups)) {
516 # convert numbers to groupname
517 if ($e =~ /^[0-9]+$/ && $gid{$e}) {
518 $e = $gid{$e};
519 }
520 if (defined($groupname{$e})) {
521 if ($e eq $group_login) {
522 # do not add user to a group if this group
523 # is also the login group.
524 } elsif (&add_group($groupname{$e}, $name)) {
525 $new_groups .= "$e ";
526 } else {
527 warn "$name is already member of group ``$e''\n";
528 }
529 } else {
530 warn "Group ``$e'' does not exist\a\n"; $flag++;
531 }
532 }
533 return ($flag, $new_groups);
534 }
535
536 # your last change
537 sub new_users_ok {
538
539 print <<EOF;
540
541 Name: $name
542 Password: ****
543 Fullname: $fullname
544 Uid: $u_id
545 Gid: $g_id ($group_login)
546 Class: $class
547 Groups: $group_login $new_groups
548 HOME: $home/$name
549 Shell: $sh
550 EOF
551
552 return &confirm_yn("OK?", "yes");
553 }
554
555 # make password database
556 sub new_users_pwdmkdb {
557 local($last) = @_;
558
559 system("$pwd_mkdb $etc_passwd");
560 if ($?) {
561 warn "$last\n";
562 warn "``$pwd_mkdb'' failed\n";
563 exit($? >> 8);
564 }
565 }
566
567 # update group database
568 sub new_users_group_update {
569 local($e, @a);
570
571 # Add *new* group
572 if (!defined($groupname{$group_login}) &&
573 !defined($gid{$groupname{$group_login}})) {
574 push(@group_backup, "$group_login:*:$g_id:");
575 $groupname{$group_login} = $g_id;
576 $gid{$g_id} = $group_login;
577 # $groupmembers{$g_id} = $group_login;
578 }
579
580 if ($new_groups || defined($groupname{$group_login}) ||
581 defined($gid{$groupname{$group_login}}) &&
582 $gid{$groupname{$group_login}} ne "+") {
583 # new user is member of some groups
584 # new login group is already in name space
585 rename($group, "$group.bak");
586 #warn "$group_login $groupname{$group_login} $groupmembers{$groupname{$group_login}}\n";
587 foreach $e (sort {$a <=> $b} (keys %gid)) {
588 push(@a, "$gid{$e}:*:$e:$groupmembers{$e}");
589 }
590 &append_file($group, @a);
591 } else {
592 &append_file($group, "$group_login:*:$g_id:");
593 }
594
595 }
596
597 sub new_users_passwd_update {
598 # update passwd/group variables
599 push(@passwd_backup, $new_entry);
600 $username{$name} = $u_id;
601 $uid{$u_id} = $name;
602 $pwgid{$g_id} = $name;
603 }
604
605 # send message to new user
606 sub new_users_sendmessage {
607 return 1 if $send_message eq "no";
608
609 local($cc) =
610 &confirm_list("Send message to ``$name'' and:",
611 1, "no", ("root", "second_mail_address", "no"));
612 local($e);
613 $cc = "" if $cc eq "no";
614
615 foreach $e (@message_buffer) {
616 print eval "\"$e\"";
617 }
618 print "\n";
619
620 local(@message_buffer_append) = ();
621 if (!&confirm_yn("Add anything to default message", "no")) {
622 print "Use ``.'' or ^D alone on a line to finish your message.\n";
623 push(@message_buffer_append, "\n");
624 while($read = <STDIN>) {
625 last if $read eq "\.\n";
626 push(@message_buffer_append, $read);
627 }
628 }
629
630 &sendmessage("$name $cc", (@message_buffer, @message_buffer_append))
631 if (&confirm_yn("Send message", "yes"));
632 }
633
634 sub sendmessage {
635 local($to, @message) = @_;
636 local($e);
637
638 if (!open(M, "| mail -s Welcome $to")) {
639 warn "Cannot send mail to: $to!\n";
640 return 0;
641 } else {
642 foreach $e (@message) {
643 print M eval "\"$e\"";
644 }
645 close M;
646 }
647 }
648
649
650 sub new_users_password {
651
652 # empty password
653 return "" if $defaultpasswd ne "yes";
654
655 local($password);
656
657 while(1) {
658 system("stty -echo");
659 $password = &confirm_list("Enter password", 1, "", "");
660 system("stty echo");
661 print "\n";
662 if ($password ne "") {
663 system("stty -echo");
664 $newpass = &confirm_list("Enter password again", 1, "", "");
665 system("stty echo");
666 print "\n";
667 last if $password eq $newpass;
668 print "They didn't match, please try again\n";
669 }
670 elsif (&confirm_yn("Use an empty password?", "yes")) {
671 last;
672 }
673 }
674
675 return $password;
676 }
677
678
679 sub new_users {
680
681 print "\n" if $verbose;
682 print "Ok, let's go.\n" .
683 "Don't worry about mistakes. I will give you the chance later to " .
684 "correct any input.\n" if $verbose;
685
686 # name: Username
687 # fullname: Full name
688 # sh: shell
689 # u_id: user id
690 # g_id: group id
691 # class: login class
692 # group_login: groupname of g_id
693 # new_groups: some other groups
694 local($name, $group_login, $fullname, $sh, $u_id, $g_id, $class, $new_groups);
695 local($groupmembers_bak, $cryptpwd);
696 local($new_users_ok) = 1;
697
698
699 $new_groups = "no";
700 $new_groups = "no" unless $groupname{$new_groups};
701
702 while(1) {
703 $name = &new_users_name;
704 $fullname = &new_users_fullname($name);
705 $sh = &new_users_shell;
706 ($u_id, $g_id) = &new_users_id($name);
707 $class = &new_users_class($defaultclass);
708 ($group_login, $defaultgroup) =
709 &new_users_grplogin($name, $defaultgroup, $new_users_ok);
710 # do not use uniq username and login group
711 $g_id = $groupname{$group_login} if (defined($groupname{$group_login}));
712
713 $new_groups = &new_users_groups($name, $new_groups);
714 $password = &new_users_password;
715
716
717 if (&new_users_ok) {
718 $new_users_ok = 1;
719
720 $cryptpwd = "";
721 $cryptpwd = crypt($password, &salt) if $password ne "";
722 # obscure perl bug
723 $new_entry = "$name\:" . "$cryptpwd" .
724 "\:$u_id\:$g_id\:$class\:0:0:$fullname:$home/$name:$sh";
725 &append_file($etc_passwd, "$new_entry");
726 &new_users_pwdmkdb("$new_entry");
727 &new_users_group_update;
728 &new_users_passwd_update; print "Added user ``$name''\n";
729 &new_users_sendmessage;
730 &adduser_log("$name:*:$u_id:$g_id($group_login):$fullname");
731 &home_create($name, $group_login);
732 } else {
733 $new_users_ok = 0;
734 }
735 if (!&confirm_yn("Add another user?", "yes")) {
736 print "Goodbye!\n" if $verbose;
737 last;
738 }
739 print "\n" if !$verbose;
740 }
741 }
742
743 sub batch {
744 local($name, $groups, $class, $fullname, $password) = @_;
745 local($sh);
746
747 $defaultshell = &shell_default_valid($defaultshell);
748 return 0 unless $home = &home_partition_valid($home);
749 return 0 if $dotdir ne &dotdir_default_valid($dotdir);
750 $send_message = &message_default;
751
752 return 0 if $name ne &new_users_name_valid($name);
753 $sh = $shell{$defaultshell};
754 ($u_id, $g_id) = &next_id($name);
755 $group_login = &new_users_grplogin_batch($name, $defaultgroup);
756 return 0 unless $group_login;
757 $g_id = $groupname{$group_login} if (defined($groupname{$group_login}));
758 ($flag, $new_groups) = &new_users_groups_valid($groups);
759 return 0 if $flag;
760
761 $class = $defaultclass if $class eq "";
762 $cryptpwd = "";
763 $cryptpwd = crypt($password, &salt) if $password ne "";
764 # obscure perl bug
765 $new_entry = "$name\:" . "$cryptpwd" .
766 "\:$u_id\:$g_id\:$class\:0:0:$fullname:$home/$name:$sh";
767 &append_file($etc_passwd, "$new_entry");
768 &new_users_pwdmkdb("$new_entry");
769 &new_users_group_update;
770 &new_users_passwd_update; print "Added user ``$name''\n";
771 &sendmessage($name, @message_buffer) if $send_message ne "no";
772 &adduser_log("$name:*:$u_id:$g_id($group_login):$fullname");
773 &home_create($name, $group_login);
774 }
775
776 # ask for password usage
777 sub password_default {
778 local($p) = $defaultpasswd;
779 if ($verbose) {
780 $p = &confirm_yn("Use passwords", $defaultpasswd);
781 $changes++ unless $p;
782 }
783 return "yes" if (($defaultpasswd eq "yes" && $p) ||
784 ($defaultpasswd eq "no" && !$p));
785 return "no"; # otherwise
786 }
787
788 # misc
789 sub check_root {
790 die "You are not root!\n" if $< && !$test;
791 }
792
793 sub usage {
794 warn <<USAGE;
795 usage: adduser
796 [-batch username [group[,group]...] [class] [fullname] [password]]
797 [-check_only]
798 [-class login_class]
799 [-config_create]
800 [-dotdir dotdir]
801 [-group login_group]
802 [-h|-help]
803 [-home home]
804 [-message message_file]
805 [-noconfig]
806 [-shell shell]
807 [-s|-silent|-q|-quiet]
808 [-uid uid_start]
809 [-v|-verbose]
810
811 home=$home shell=$defaultshell dotdir=$dotdir login_group=$defaultgroup
812 login_class=$defaultclass message_file=$send_message uid_start=$uid_start
813 USAGE
814 exit 1;
815 }
816
817 # uniq(1)
818 sub uniq {
819 local(@list) = @_;
820 local($e, $last, @array);
821
822 foreach $e (sort @list) {
823 push(@array, $e) unless $e eq $last;
824 $last = $e;
825 }
826 return @array;
827 }
828
829 # see /usr/src/usr.bin/passwd/local_passwd.c or librcypt, crypt(3)
830 sub salt {
831 local($salt); # initialization
832 local($i, $rand);
833 local(@itoa64) = ( 0 .. 9, a .. z, A .. Z ); # 0 .. 63
834
835 warn "calculate salt\n" if $verbose > 1;
836 # to64
837 for ($i = 0; $i < 8; $i++) {
838 srand(time + $rand + $$);
839 $rand = rand(25*29*17 + $rand);
840 $salt .= $itoa64[$rand & $#itoa64];
841 }
842 warn "Salt is: $salt\n" if $verbose > 1;
843
844 return $salt;
845 }
846
847
848 # print banner
849 sub copyright {
850 return;
851 }
852
853 # hints
854 sub hints {
855 if ($verbose) {
856 print "Use option ``-silent'' if you don't want see " .
857 "all warnings & questions.\n\n";
858 } else {
859 print "Use option ``-verbose'' if you want see more warnings & " .
860 "questions \nor try to repair bugs.\n\n";
861 }
862 }
863
864 #
865 sub parse_arguments {
866 local(@argv) = @_;
867
868 while ($_ = $argv[0], /^-/) {
869 shift @argv;
870 last if /^--$/;
871 if (/^--?(v|verbose)$/) { $verbose = 1 }
872 elsif (/^--?(s|silent|q|quiet)$/) { $verbose = 0 }
873 elsif (/^--?(debug)$/) { $verbose = 2 }
874 elsif (/^--?(h|help|\?)$/) { &usage }
875 elsif (/^--?(home)$/) { $home = $argv[0]; shift @argv }
876 elsif (/^--?(shell)$/) { $defaultshell = $argv[0]; shift @argv }
877 elsif (/^--?(dotdir)$/) { $dotdir = $argv[0]; shift @argv }
878 elsif (/^--?(uid)$/) { $uid_start = $argv[0]; shift @argv }
879 elsif (/^--?(class)$/) { $defaultclass = $argv[0]; shift @argv }
880 elsif (/^--?(group)$/) { $defaultgroup = $argv[0]; shift @argv }
881 elsif (/^--?(check_only)$/) { $check_only = 1 }
882 elsif (/^--?(message)$/) { $send_message = $argv[0]; shift @argv;
883 $sendmessage = 1; }
884 elsif (/^--?(batch)$/) {
885 @batch = splice(@argv, 0, 5); $verbose = 0;
886 die "batch: too few arguments\n" if $#batch < 0;
887 }
888 # see &config_read
889 elsif (/^--?(config_create)$/) { &create_conf; }
890 elsif (/^--?(noconfig)$/) { $config_read = 0; }
891 else { &usage }
892 }
893 #&usage if $#argv < 0;
894 }
895
896 sub basename {
897 local($name) = @_;
898 $name =~ s|/+$||;
899 $name =~ s|.*/+||;
900 return $name;
901 }
902
903 sub dirname {
904 local($name) = @_;
905 $name = &stripdir($name);
906 $name =~ s|/+[^/]+$||;
907 $name = "/" unless $name; # dirname of / is /
908 return $name;
909 }
910
911 # return 1 if $file is a readable file or link
912 sub filetest {
913 local($file, $verb) = @_;
914
915 if (-e $file) {
916 if (-f $file || -l $file) {
917 return 1 if -r _;
918 warn "$file unreadable\n" if $verbose;
919 } else {
920 warn "$file is not a plain file or link\n" if $verbose;
921 }
922 }
923 return 0;
924 }
925
926 # create configuration files and exit
927 sub create_conf {
928 $create_conf = 1;
929 if ($send_message ne 'no') {
930 &message_create($send_message);
931 } else {
932 &message_create($send_message_bak);
933 }
934 &config_write(1);
935 exit(0);
936 }
937
938 # log for new user in /var/log/adduser
939 sub adduser_log {
940 local($string) = @_;
941 local($e);
942
943 return 1 if $logfile eq "no";
944
945 local($sec, $min, $hour, $mday, $mon, $year) = localtime;
946 $mon++;
947
948 foreach $e ('sec', 'min', 'hour', 'mday', 'mon', 'year') {
949 # '7' -> '07'
950 eval "\$$e = 0 . \$$e" if (eval "\$$e" < 10);
951 }
952
953 &append_file($logfile, "$year/$mon/$mday $hour:$min:$sec $string");
954 }
955
956 # create HOME directory, copy dotfiles from $dotdir to $HOME
957 sub home_create {
958 local($name, $group) = @_;
959 local($homedir) = "$home/$name";
960
961 if (-e "$homedir") {
962 warn "HOME Directory ``$homedir'' already exist\a\n";
963 return 0;
964 }
965
966 if ($dotdir eq 'no') {
967 if (!mkdir("$homedir",0755)) {
968 warn "mkdir $homedir: $!\n"; return 0;
969 }
970 system 'chown', "$name:$group", $homedir;
971 return !$?;
972 }
973
974 # copy files from $dotdir to $homedir
975 # rename 'dot.foo' files to '.foo'
976 print "Copy files from $dotdir to $homedir\n" if $verbose;
977 system("cp -r $dotdir $homedir");
978 system("chmod -R u+wrX,go-w $homedir");
979 system("chown -R $name:$group $homedir");
980
981 # security
982 opendir(D, $homedir);
983 foreach $file (readdir(D)) {
984 if ($file =~ /^dot\./ && -f "$homedir/$file") {
985 $file =~ s/^dot\././;
986 rename("$homedir/dot$file", "$homedir/$file");
987 }
988 chmod(0600, "$homedir/$file")
989 if ($file =~ /^\.(rhosts|Xauthority|kermrc|netrc)$/);
990 chmod(0700, "$homedir/$file")
991 if ($file =~ /^(Mail|prv|\.(iscreen|term))$/);
992 }
993 closedir D;
994 return 1;
995 }
996
997 # makes a directory hierarchy
998 sub mkdir_home {
999 local($dir) = @_;
1000 $dir = &stripdir($dir);
1001 local($user_partition) = "/usr";
1002 local($dirname) = &dirname($dir);
1003
1004
1005 -e $dirname || &mkdirhier($dirname);
1006
1007 if (((stat($dirname))[0]) == ((stat("/"))[0])){
1008 # home partition is on root partition
1009 # create home partition on $user_partition and make
1010 # a symlink from $dir to $user_partition/`basename $dir`
1011 # For instance: /home -> /usr/home
1012
1013 local($basename) = &basename($dir);
1014 local($d) = "$user_partition/$basename";
1015
1016
1017 if (-d $d) {
1018 warn "Oops, $d already exist\n" if $verbose;
1019 } else {
1020 print "Create $d\n" if $verbose;
1021 if (!mkdir("$d", 0755)) {
1022 warn "$d: $!\a\n"; return 0;
1023 }
1024 }
1025
1026 unlink($dir); # symlink to nonexist file
1027 print "Create symlink: $dir -> $d\n" if $verbose;
1028 if (!symlink("$d", $dir)) {
1029 warn "Symlink $d: $!\a\n"; return 0;
1030 }
1031 } else {
1032 print "Create $dir\n" if $verbose;
1033 if (!mkdir("$dir", 0755)) {
1034 warn "Directory ``$dir'': $!\a\n"; return 0;
1035 }
1036 }
1037 return 1;
1038 }
1039
1040 sub mkdirhier {
1041 local($dir) = @_;
1042 local($d,$p);
1043
1044 $dir = &stripdir($dir);
1045
1046 foreach $d (split('/', $dir)) {
1047 $dir = "$p/$d";
1048 $dir =~ s|^//|/|;
1049 if (! -e "$dir") {
1050 print "Create $dir\n" if $verbose;
1051 if (!mkdir("$dir", 0755)) {
1052 warn "$dir: $!\n"; return 0;
1053 }
1054 }
1055 $p .= "/$d";
1056 }
1057 return 1;
1058 }
1059
1060 # stript unused '/'
1061 # F.i.: //usr///home// -> /usr/home
1062 sub stripdir {
1063 local($dir) = @_;
1064
1065 $dir =~ s|/+|/|g; # delete double '/'
1066 $dir =~ s|/$||; # delete '/' at end
1067 return $dir if $dir ne "";
1068 return '/';
1069 }
1070
1071 # Read one of the elements from @list. $confirm is default.
1072 # If !$allow accept only elements from @list.
1073 sub confirm_list {
1074 local($message, $allow, $confirm, @list) = @_;
1075 local($read, $c, $print);
1076
1077 $print = "$message" if $message;
1078 $print .= " " unless $message =~ /\n$/ || $#list == 0;
1079
1080 $print .= join($", &uniq(@list)); #"
1081 $print .= " " unless $message =~ /\n$/ && $#list == 0;
1082 print "$print";
1083 print "\n" if (length($print) + length($confirm)) > 60;
1084 print "[$confirm]: ";
1085
1086 chop($read = <STDIN>);
1087 $read =~ s/^\s*//;
1088 $read =~ s/\s*$//;
1089 return $confirm if $read eq "";
1090 return "$read" if $allow;
1091
1092 foreach $c (@list) {
1093 return $read if $c eq $read;
1094 }
1095 warn "$read: is not allowed!\a\n";
1096 return &confirm_list($message, $allow, $confirm, @list);
1097 }
1098
1099 # YES or NO question
1100 # return 1 if &confirm("message", "yes") and answer is yes
1101 # or if &confirm("message", "no") an answer is no
1102 # otherwise 0
1103 sub confirm_yn {
1104 local($message, $confirm) = @_;
1105 local($yes) = '^(yes|YES|y|Y)$';
1106 local($no) = '^(no|NO|n|N)$';
1107 local($read, $c);
1108
1109 if ($confirm && ($confirm =~ "$yes" || $confirm == 1)) {
1110 $confirm = "y";
1111 } else {
1112 $confirm = "n";
1113 }
1114 print "$message (y/n) [$confirm]: ";
1115 chop($read = <STDIN>);
1116 $read =~ s/^\s*//;
1117 $read =~ s/\s*$//;
1118 return 1 unless $read;
1119
1120 if (($confirm eq "y" && $read =~ "$yes") ||
1121 ($confirm eq "n" && $read =~ "$no")) {
1122 return 1;
1123 }
1124
1125 if ($read !~ "$yes" && $read !~ "$no") {
1126 warn "Wrong value. Enter again!\a\n";
1127 return &confirm_yn($message, $confirm);
1128 }
1129 return 0;
1130 }
1131
1132 # test if $dotdir exist
1133 # return "no" if $dotdir not exist or dotfiles should not copied
1134 sub dotdir_default {
1135 local($dir) = $dotdir;
1136
1137 return &dotdir_default_valid($dir) unless $verbose;
1138 while($verbose) {
1139 $dir = &confirm_list("Copy dotfiles from:", 1,
1140 $dir, ("no", $dotdir_bak, $dir));
1141 last if $dir eq &dotdir_default_valid($dir);
1142 }
1143 warn "Do not copy dotfiles.\n" if $verbose && $dir eq "no";
1144
1145 $changes++ if $dir ne $dotdir;
1146 return $dir;
1147 }
1148
1149 sub dotdir_default_valid {
1150 local($dir) = @_;
1151
1152 return $dir if (-e $dir && -r _ && (-d _ || -l $dir) && $dir =~ "^/");
1153 return $dir if $dir eq "no";
1154 warn "Dotdir ``$dir'' is not a directory\a\n";
1155 return "no";
1156 }
1157
1158 # ask for messages to new users
1159 sub message_default {
1160 local($file) = $send_message;
1161 local(@d) = ($file, $send_message_bak, "no");
1162
1163 while($verbose) {
1164 $file = &confirm_list("Send message from file:", 1, $file, @d);
1165 last if $file eq "no";
1166 last if &filetest($file, 1);
1167
1168 # maybe create message file
1169 &message_create($file) if &confirm_yn("Create ``$file''?", "yes");
1170 last if &filetest($file, 0);
1171 last if !&confirm_yn("File ``$file'' does not exist, try again?",
1172 "yes");
1173 }
1174
1175 if ($file eq "no" || !&filetest($file, 0)) {
1176 warn "Do not send message\n" if $verbose;
1177 $file = "no";
1178 } else {
1179 &message_read($file);
1180 }
1181
1182 $changes++ if $file ne $send_message && $verbose;
1183 return $file;
1184 }
1185
1186 # create message file
1187 sub message_create {
1188 local($file) = @_;
1189
1190 rename($file, "$file.bak");
1191 if (!open(M, "> $file")) {
1192 warn "Messagefile ``$file'': $!\n"; return 0;
1193 }
1194 print M <<EOF;
1195 #
1196 # Message file for adduser(8)
1197 # comment: ``#''
1198 # default variables: \$name, \$fullname, \$password
1199 # other variables: see /etc/adduser.conf after
1200 # line ``$do_not_delete''
1201 #
1202
1203 \$fullname,
1204
1205 your account ``\$name'' was created.
1206 Have fun!
1207
1208 See also chpass(1), finger(1), passwd(1)
1209 EOF
1210 close M;
1211 return 1;
1212 }
1213
1214 # read message file into buffer
1215 sub message_read {
1216 local($file) = @_;
1217 @message_buffer = '';
1218
1219 if (!open(R, "$file")) {
1220 warn "File ``$file'':$!\n"; return 0;
1221 }
1222 while(<R>) {
1223 push(@message_buffer, $_) unless /^\s*#/;
1224 }
1225 close R;
1226 }
1227
1228 # write @list to $file with file-locking
1229 sub append_file {
1230 local($file,@list) = @_;
1231 local($e);
1232 local($LOCK_EX) = 2;
1233 local($LOCK_NB) = 4;
1234 local($LOCK_UN) = 8;
1235
1236 open(F, ">> $file") || die "$file: $!\n";
1237 print "Lock $file.\n" if $verbose > 1;
1238 while(!flock(F, $LOCK_EX | $LOCK_NB)) {
1239 warn "Cannot lock file: $file\a\n";
1240 die "Sorry, give up\n"
1241 unless &confirm_yn("Try again?", "yes");
1242 }
1243 print F join("\n", @list) . "\n";
1244 close F;
1245 print "Unlock $file.\n" if $verbose > 1;
1246 flock(F, $LOCK_UN);
1247 }
1248
1249 # return free uid+gid
1250 # uid == gid if possible
1251 sub next_id {
1252 local($group) = @_;
1253
1254 $uid_start = 1000 if ($uid_start <= 0 || $uid_start >= $uid_end);
1255 # looking for next free uid
1256 while($uid{$uid_start}) {
1257 $uid_start++;
1258 $uid_start = 1000 if $uid_start >= $uid_end;
1259 print "$uid_start\n" if $verbose > 1;
1260 }
1261
1262 local($gid_start) = $uid_start;
1263 # group for user (username==groupname) already exist
1264 if ($groupname{$group}) {
1265 $gid_start = $groupname{$group};
1266 }
1267 # gid is in use, looking for another gid.
1268 # Note: uid an gid are not equal
1269 elsif ($gid{$uid_start}) {
1270 while($gid{$gid_start} || $uid{$gid_start}) {
1271 $gid_start--;
1272 $gid_start = $uid_end if $gid_start < 100;
1273 }
1274 }
1275 return ($uid_start, $gid_start);
1276 }
1277
1278 # read config file
1279 sub config_read {
1280 local($opt) = @_;
1281 local($user_flag) = 0;
1282
1283 # don't read config file
1284 return 1 if $opt =~ /-(noconfig|config_create)/ || !$config_read;
1285
1286 if(!open(C, "$config")) {
1287 warn "$config: $!\n"; return 0;
1288 }
1289
1290 while(<C>) {
1291 # user defined variables
1292 /^$do_not_delete/ && $user_flag++;
1293 # found @array or $variable
1294 if (s/^(\w+\s*=\s*\()/\@$1/ || s/^(\w+\s*=)/\$$1/) {
1295 eval $_;
1296 #warn "$_";
1297 }
1298 # lines with '^##' are not saved
1299 push(@user_variable_list, $_)
1300 if $user_flag && !/^##/ && (s/^[\$\@]// || /^[#\s]/);
1301 }
1302 #warn "X @user_variable_list X\n";
1303 close C;
1304 }
1305
1306
1307 # write config file
1308 sub config_write {
1309 local($silent) = @_;
1310
1311 # nothing to do
1312 return 1 unless ($changes || ! -e $config || !$config_read || $silent);
1313
1314 if (!$silent) {
1315 if (-e $config) {
1316 return 1 if &confirm_yn("\nWrite your changes to $config?", "no");
1317 } else {
1318 return 1 unless
1319 &confirm_yn("\nWrite your configuration to $config?", "yes");
1320 }
1321 }
1322
1323 rename($config, "$config.bak");
1324 open(C, "> $config") || die "$config: $!\n";
1325
1326 # prepare some variables
1327 $send_message = "no" unless $send_message;
1328 $defaultpasswd = "no" unless $defaultpasswd;
1329 local($shpref) = "'" . join("', '", @shellpref) . "'";
1330 local($shpath) = "'" . join("', '", @path) . "'";
1331 local($user_var) = join('', @user_variable_list);
1332
1333 print C <<EOF;
1334 #
1335 # $config - automatic generated by adduser(8)
1336 #
1337 # Note: adduser read *and* write this file.
1338 # You may change values, but don't add new things befor the
1339 # line ``$do_not_delete''
1340 #
1341
1342 # verbose = [0-2]
1343 verbose = $verbose
1344
1345 # use password for new users
1346 # defaultpasswd = yes | no
1347 defaultpasswd = $defaultpasswd
1348
1349 # copy dotfiles from this dir ("/usr/share/skel" or "no")
1350 dotdir = "$dotdir"
1351
1352 # send this file to new user ("/etc/adduser.message" or "no")
1353 send_message = "$send_message"
1354
1355 # config file for adduser ("/etc/adduser.conf")
1356 config = "$config"
1357
1358 # logfile ("/var/log/adduser" or "no")
1359 logfile = "$logfile"
1360
1361 # default HOME directory ("/home")
1362 home = "$home"
1363
1364 # List of directories where shells located
1365 # path = ('/bin', '/usr/bin', '/usr/local/bin')
1366 path = ($shpath)
1367
1368 # common shell list, first element has higher priority
1369 # shellpref = ('bash', 'tcsh', 'ksh', 'csh', 'sh')
1370 shellpref = ($shpref)
1371
1372 # defaultshell if not empty ("bash")
1373 defaultshell = "$defaultshell"
1374
1375 # defaultgroup ('USER' for same as username or any other valid group)
1376 defaultgroup = $defaultgroup
1377
1378 # defaultclass if not empty
1379 defaultclass = "$defaultclass"
1380
1381 # new users get this uid (1000)
1382 uid_start = 1000
1383
1384 $do_not_delete
1385 ## your own variables, see /etc/adduser.message
1386 $user_var
1387
1388 ## end
1389 EOF
1390 close C;
1391 }
1392
1393 ################
1394 # main
1395 #
1396 $test = 0; # test mode, only for development
1397 $check_only = 0;
1398
1399 &check_root; # you must be root to run this script!
1400 &variables; # initialize variables
1401 &config_read(@ARGV); # read variables form config-file
1402 &parse_arguments(@ARGV); # parse arguments
1403
1404 if (!$check_only && $#batch < 0) {
1405 &copyright; &hints;
1406 }
1407
1408 # check
1409 $changes = 0;
1410 &passwd_check; # check for valid passwdb
1411 &shells_read; # read /etc/shells
1412 &passwd_read; # read /etc/master.passwd
1413 &group_read; # read /etc/group
1414 &group_check; # check for incon*
1415 exit 0 if $check_only; # only check consistence and exit
1416
1417 exit(!&batch(@batch)) if $#batch >= 0; # batch mode
1418
1419 # interactive
1420 # some questions
1421 &shells_add; # maybe add some new shells
1422 $defaultshell = &shell_default; # enter default shell
1423 $home = &home_partition($home); # find HOME partition
1424 $dotdir = &dotdir_default; # check $dotdir
1425 $send_message = &message_default; # send message to new user
1426 $defaultpasswd = &password_default; # maybe use password
1427 &config_write(!$verbose); # write variables in file
1428
1429 # main loop for creating new users
1430 &new_users; # add new users
1431
1432 #end
A port of FreeBSDs pw for Darwin