]> git.cameronkatri.com Git - pw-darwin.git/blob - adduser/adduser.sh
git.ckatri.com / pw-darwin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
o Add an -S option to not attempt to ascertain the validity of a shell.
[pw-darwin.git] / adduser / adduser.sh
1 #!/bin/sh
2 #
3 # Copyright (c) 2002-2004 Michael Telahun Makonnen. All rights reserved.
4 #
5 # Redistribution and use in source and binary forms, with or without
6 # modification, are permitted provided that the following conditions
7 # are met:
8 # 1. Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 # 2. Redistributions in binary form must reproduce the above copyright
11 # notice, this list of conditions and the following disclaimer in the
12 # documentation and/or other materials provided with the distribution.
13 #
14 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 #
25 # Email: Mike Makonnen <mtm@FreeBSD.Org>
26 #
27 # $FreeBSD$
28 #
29
30 # err msg
31 # Display $msg on stderr, unless we're being quiet.
32 #
33 err() {
34 if [ -z "$quietflag" ]; then
35 echo 1>&2 ${THISCMD}: ERROR: $*
36 fi
37 }
38
39 # info msg
40 # Display $msg on stdout, unless we're being quiet.
41 #
42 info() {
43 if [ -z "$quietflag" ]; then
44 echo ${THISCMD}: INFO: $*
45 fi
46 }
47
48 # get_nextuid
49 # Output the value of $_uid if it is available for use. If it
50 # is not, output the value of the next higher uid that is available.
51 # If a uid is not specified, output the first available uid, as indicated
52 # by pw(8).
53 #
54 get_nextuid () {
55 _uid=$1
56 _nextuid=
57
58 if [ -z "$_uid" ]; then
59 _nextuid="`${PWCMD} usernext | cut -f1 -d:`"
60 else
61 while : ; do
62 ${PWCMD} usershow $_uid > /dev/null 2>&1
63 if [ ! "$?" -eq 0 ]; then
64 _nextuid=$_uid
65 break
66 fi
67 _uid=$(($_uid + 1))
68 done
69 fi
70 echo $_nextuid
71 }
72
73 # show_usage
74 # Display usage information for this utility.
75 #
76 show_usage() {
77 echo "usage: ${THISCMD} [options]"
78 echo " options may include:"
79 echo " -C save to the configuration file only"
80 echo " -D do not attempt to create the home directory"
81 echo " -E disable this account after creation"
82 echo " -G additional groups to add accounts to"
83 echo " -L login class of the user"
84 echo " -N do not read configuration file"
85 echo " -S a nonexistent shell is not an error"
86 echo " -d home directory"
87 echo " -f file from which input will be received"
88 echo " -g default login group"
89 echo " -h display this usage message"
90 echo " -k path to skeleton home directory"
91 echo " -m user welcome message file"
92 echo " -q absolute minimal user feedback"
93 echo " -s shell"
94 echo " -u uid to start at"
95 echo " -w password type: no, none, yes or random"
96 }
97
98 # valid_shells
99 # Outputs a list of valid shells from /etc/shells. Only the
100 # basename of the shell is output.
101 #
102 valid_shells() {
103 _prefix=
104 cat ${ETCSHELLS} |
105 while read _path _junk ; do
106 case $_path in
107 \#*|'')
108 ;;
109 *)
110 echo -n "${_prefix}`basename $_path`"
111 _prefix=' '
112 ;;
113 esac
114 done
115
116 # /sbin/nologin is a special case
117 [ -x "${NOLOGIN_PATH}" ] && echo -n " ${NOLOGIN}"
118 }
119
120 # fullpath_from_shell shell
121 # Given $shell, the basename component of a valid shell, get the
122 # full path to the shell from the /etc/shells file.
123 #
124 fullpath_from_shell() {
125 _shell=$1
126 [ -z "$_shell" ] && return 1
127
128 cat ${ETCSHELLS} |
129 while read _path _junk ; do
130 case "$_path" in
131 \#*|'')
132 ;;
133 *)
134 if [ "`basename $_path`" = "$_shell" ]; then
135 echo $_path
136 return 0
137 fi
138 ;;
139 esac
140 done
141
142 # /sbin/nologin is a special case
143 if [ "$_shell" = "${NOLOGIN}" ]; then
144 echo ${NOLOGIN_PATH}
145 return 0;
146 fi
147
148 return 1
149 }
150
151 # shell_exists shell
152 # If the given shell is listed in ${ETCSHELLS} or it is
153 # the nologin shell this function will return 0.
154 # Otherwise, it will return 1. If shell is valid but
155 # the path is invalid or it is not executable it
156 # will emit an informational message saying so.
157 #
158 shell_exists()
159 {
160 _sh="$1"
161 _shellchk="${GREPCMD} '^$_sh$' ${ETCSHELLS} > /dev/null 2>&1"
162
163 if ! eval $_shellchk; then
164 # The nologin shell is not listed in /etc/shells.
165 if [ "$_sh" != "${NOLOGIN_PATH}" ]; then
166 err "Invalid shell ($_sh) for user $username."
167 return 1
168 fi
169 fi
170 ! [ -x "$_sh" ] &&
171 info "The shell ($_sh) does not exist or is not executable."
172
173 return 0
174 }
175
176 # save_config
177 # Save some variables to a configuration file.
178 # Note: not all script variables are saved, only those that
179 # it makes sense to save.
180 #
181 save_config() {
182 echo "# Configuration file for adduser(8)." > ${ADDUSERCONF}
183 echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
184 echo "# Last Modified on `${DATECMD}`." >> ${ADDUSERCONF}
185 echo '' >> ${ADDUSERCONF}
186 echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF}
187 echo "defaultclass=$uclass" >> ${ADDUSERCONF}
188 echo "defaultgroups=$ugroups" >> ${ADDUSERCONF}
189 echo "passwdtype=$passwdtype" >> ${ADDUSERCONF}
190 echo "homeprefix=$homeprefix" >> ${ADDUSERCONF}
191 echo "defaultshell=$ushell" >> ${ADDUSERCONF}
192 echo "udotdir=$udotdir" >> ${ADDUSERCONF}
193 echo "msgfile=$msgfile" >> ${ADDUSERCONF}
194 echo "disableflag=$disableflag" >> ${ADDUSERCONF}
195 }
196
197 # add_user
198 # Add a user to the user database. If the user chose to send a welcome
199 # message or lock the account, do so.
200 #
201 add_user() {
202
203 # Is this a configuration run? If so, don't modify user database.
204 #
205 if [ -n "$configflag" ]; then
206 save_config
207 return
208 fi
209
210 _uid=
211 _name=
212 _comment=
213 _gecos=
214 _home=
215 _group=
216 _grouplist=
217 _shell=
218 _class=
219 _dotdir=
220 _expire=
221 _pwexpire=
222 _passwd=
223 _upasswd=
224 _passwdmethod=
225
226 _name="-n '$username'"
227 [ -n "$uuid" ] && _uid='-u "$uuid"'
228 [ -n "$ulogingroup" ] && _group='-g "$ulogingroup"'
229 [ -n "$ugroups" ] && _grouplist='-G "$ugroups"'
230 [ -n "$ushell" ] && _shell='-s "$ushell"'
231 [ -n "$uclass" ] && _class='-L "$uclass"'
232 [ -n "$ugecos" ] && _comment='-c "$ugecos"'
233 [ -n "$udotdir" ] && _dotdir='-k "$udotdir"'
234 [ -n "$uexpire" ] && _expire='-e "$uexpire"'
235 [ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"'
236 if [ -z "$Dflag" -a -n "$uhome" ]; then
237 # The /nonexistent home directory is special. It
238 # means the user has no home directory.
239 if [ "$uhome" = "$NOHOME" ]; then
240 _home='-d "$uhome"'
241 else
242 _home='-m -d "$uhome"'
243 fi
244 elif [ -n "$Dflag" -a -n "$uhome" ]; then
245 _home='-d "$uhome"'
246 fi
247 case $passwdtype in
248 no)
249 _passwdmethod="-w no"
250 _passwd="-h -"
251 ;;
252 yes)
253 # Note on processing the password: The outer double quotes
254 # make literal everything except ` and \ and $.
255 # The outer single quotes make literal ` and $.
256 # We can ensure the \ isn't treated specially by specifying
257 # the -r switch to the read command used to obtain the input.
258 #
259 _passwdmethod="-w yes"
260 _passwd="-h 0"
261 _upasswd='echo "$upass" |'
262 ;;
263 none)
264 _passwdmethod="-w none"
265 ;;
266 random)
267 _passwdmethod="-w random"
268 ;;
269 esac
270
271 _pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
272 _pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
273 _pwcmd="$_pwcmd $_expire $_pwexpire"
274
275 if ! _output=`eval $_pwcmd` ; then
276 err "There was an error adding user ($username)."
277 return 1
278 else
279 info "Successfully added ($username) to the user database."
280 if [ "random" = "$passwdtype" ]; then
281 randompass="$_output"
282 info "Password for ($username) is: $randompass"
283 fi
284 fi
285
286 if [ -n "$disableflag" ]; then
287 if ${PWCMD} lock $username ; then
288 info "Account ($username) is locked."
289 else
290 info "Account ($username) could NOT be locked."
291 fi
292 fi
293
294 _line=
295 _owner=
296 _perms=
297 if [ -n "$msgflag" ]; then
298 [ -r "$msgfile" ] && {
299 # We're evaluating the contents of an external file.
300 # Let's not open ourselves up for attack. _perms will
301 # be empty if it's writeable only by the owner. _owner
302 # will *NOT* be empty if the file is owned by root.
303 #
304 _dir="`dirname $msgfile`"
305 _file="`basename $msgfile`"
306 _perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune`
307 _owner=`/usr/bin/find $_dir -name $_file -user 0 -prune`
308 if [ -z "$_owner" -o -n "$_perms" ]; then
309 err "The message file ($msgfile) may be writeable only by root."
310 return 1
311 fi
312 cat "$msgfile" |
313 while read _line ; do
314 eval echo "$_line"
315 done | ${MAILCMD} -s"Welcome" ${username}
316 info "Sent welcome message to ($username)."
317 }
318 fi
319 }
320
321 # get_user
322 # Reads username of the account from standard input or from a global
323 # variable containing an account line from a file. The username is
324 # required. If this is an interactive session it will prompt in
325 # a loop until a username is entered. If it is batch processing from
326 # a file it will output an error message and return to the caller.
327 #
328 get_user() {
329 _input=
330
331 # No need to take down user names if this is a configuration saving run.
332 [ -n "$configflag" ] && return
333
334 while : ; do
335 if [ -z "$fflag" ]; then
336 echo -n "Username: "
337 read _input
338 else
339 _input="`echo "$fileline" | cut -f1 -d:`"
340 fi
341
342 # There *must* be a username. If this is an interactive
343 # session give the user an opportunity to retry.
344 #
345 if [ -z "$_input" ]; then
346 err "You must enter a username!"
347 [ -z "$fflag" ] && continue
348 fi
349 break
350 done
351 username="$_input"
352 }
353
354 # get_gecos
355 # Reads extra information about the user. Can be used both in interactive
356 # and batch (from file) mode.
357 #
358 get_gecos() {
359 _input=
360
361 # No need to take down additional user information for a configuration run.
362 [ -n "$configflag" ] && return
363
364 if [ -z "$fflag" ]; then
365 echo -n "Full name: "
366 read _input
367 else
368 _input="`echo "$fileline" | cut -f7 -d:`"
369 fi
370 ugecos="$_input"
371 }
372
373 # get_shell
374 # Get the account's shell. Works in interactive and batch mode. It
375 # accepts only the base name of the shell, NOT the full path.
376 # If an invalid shell is entered it will simply use the default shell.
377 #
378 get_shell() {
379 _input=
380 _fullpath=
381 ushell="$defaultshell"
382
383 # Make sure the current value of the shell is a valid one
384 if [ -z "$Sflag" ]; then
385 if ! shell_exists $ushell ; then
386 info "Using default shell ${defaultshell}."
387 ushell="$defaultshell"
388 fi
389 fi
390
391 if [ -z "$fflag" ]; then
392 echo -n "Shell ($shells) [`basename $ushell`]: "
393 read _input
394 else
395 _input="`echo "$fileline" | cut -f9 -d:`"
396 fi
397 if [ -n "$_input" ]; then
398 if [ -n "$Sflag" ]; then
399 ushell="$_input"
400 else
401 _fullpath=`fullpath_from_shell $_input`
402 if [ -n "$_fullpath" ]; then
403 ushell="$_fullpath"
404 else
405 err "Invalid shell ($_input) for user $username."
406 info "Using default shell ${defaultshell}."
407 ushell="$defaultshell"
408 fi
409 fi
410 fi
411 }
412
413 # get_homedir
414 # Reads the account's home directory. Used both with interactive input
415 # and batch input.
416 #
417 get_homedir() {
418 _input=
419 if [ -z "$fflag" ]; then
420 echo -n "Home directory [${homeprefix}/${username}]: "
421 read _input
422 else
423 _input="`echo "$fileline" | cut -f8 -d:`"
424 fi
425
426 if [ -n "$_input" ]; then
427 uhome="$_input"
428 # if this is a configuration run, then user input is the home
429 # directory prefix. Otherwise it is understood to
430 # be $prefix/$user
431 #
432 [ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
433 else
434 uhome="${homeprefix}/${username}"
435 fi
436 }
437
438 # get_uid
439 # Reads a numeric userid in an interactive or batch session. Automatically
440 # allocates one if it is not specified.
441 #
442 get_uid() {
443 uuid=${uidstart}
444 _input=
445 _prompt=
446
447 # No need to take down uids for a configuration saving run.
448 [ -n "$configflag" ] && return
449
450 if [ -n "$uuid" ]; then
451 _prompt="Uid [$uuid]: "
452 else
453 _prompt="Uid (Leave empty for default): "
454 fi
455 if [ -z "$fflag" ]; then
456 echo -n "$_prompt"
457 read _input
458 else
459 _input="`echo "$fileline" | cut -f2 -d:`"
460 fi
461
462 [ -n "$_input" ] && uuid=$_input
463 uuid=`get_nextuid $uuid`
464 uidstart=$uuid
465 }
466
467 # get_class
468 # Reads login class of account. Can be used in interactive or batch mode.
469 #
470 get_class() {
471 uclass="$defaultclass"
472 _input=
473 _class=${uclass:-"default"}
474
475 if [ -z "$fflag" ]; then
476 echo -n "Login class [$_class]: "
477 read _input
478 else
479 _input="`echo "$fileline" | cut -f4 -d:`"
480 fi
481
482 [ -n "$_input" ] && uclass="$_input"
483 }
484
485 # get_logingroup
486 # Reads user's login group. Can be used in both interactive and batch
487 # modes. The specified value can be a group name or its numeric id.
488 # This routine leaves the field blank if nothing is provided and
489 # a default login group has not been set. The pw(8) command
490 # will then provide a login group with the same name as the username.
491 #
492 get_logingroup() {
493 ulogingroup="$defaultLgroup"
494 _input=
495
496 if [ -z "$fflag" ]; then
497 echo -n "Login group [${ulogingroup:-$username}]: "
498 read _input
499 else
500 _input="`echo "$fileline" | cut -f3 -d:`"
501 fi
502
503 # Pw(8) will use the username as login group if it's left empty
504 [ -n "$_input" ] && ulogingroup="$_input"
505 }
506
507 # get_groups
508 # Read additional groups for the user. It can be used in both interactive
509 # and batch modes.
510 #
511 get_groups() {
512 ugroups="$defaultgroups"
513 _input=
514 _group=${ulogingroup:-"${username}"}
515
516 if [ -z "$configflag" ]; then
517 [ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
518 [ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
519 else
520 [ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
521 fi
522 read _input
523
524 [ -n "$_input" ] && ugroups="$_input"
525 }
526
527 # get_expire_dates
528 # Read expiry information for the account and also for the password. This
529 # routine is used only from batch processing mode.
530 #
531 get_expire_dates() {
532 upwexpire="`echo "$fileline" | cut -f5 -d:`"
533 uexpire="`echo "$fileline" | cut -f6 -d:`"
534 }
535
536 # get_password
537 # Read the password in batch processing mode. The password field matters
538 # only when the password type is "yes" or "random". If the field is empty and the
539 # password type is "yes", then it assumes the account has an empty passsword
540 # and changes the password type accordingly. If the password type is "random"
541 # and the password field is NOT empty, then it assumes the account will NOT
542 # have a random password and set passwdtype to "yes."
543 #
544 get_password() {
545 # We may temporarily change a password type. Make sure it's changed
546 # back to whatever it was before we process the next account.
547 #
548 [ -n "$savedpwtype" ] && {
549 passwdtype=$savedpwtype
550 savedpwtype=
551 }
552
553 # There may be a ':' in the password
554 upass=${fileline#*:*:*:*:*:*:*:*:*:}
555
556 if [ -z "$upass" ]; then
557 case $passwdtype in
558 yes)
559 # if it's empty, assume an empty password
560 passwdtype=none
561 savedpwtype=yes
562 ;;
563 esac
564 else
565 case $passwdtype in
566 random)
567 passwdtype=yes
568 savedpwtype=random
569 ;;
570 esac
571 fi
572 }
573
574 # input_from_file
575 # Reads a line of account information from standard input and
576 # adds it to the user database.
577 #
578 input_from_file() {
579 _field=
580
581 while read -r fileline ; do
582 case "$fileline" in
583 \#*|'')
584 return 0
585 ;;
586 esac
587
588 get_user || continue
589 get_gecos
590 get_uid
591 get_logingroup
592 get_class
593 get_shell
594 get_homedir
595 get_password
596 get_expire_dates
597
598 add_user
599 done
600 }
601
602 # input_interactive
603 # Prompts for user information interactively, and commits to
604 # the user database.
605 #
606 input_interactive() {
607
608 _disable=
609 _pass=
610 _passconfirm=
611 _random="no"
612 _emptypass="no"
613 _usepass="yes"
614 _logingroup_ok="no"
615 _groups_ok="no"
616 case $passwdtype in
617 none)
618 _emptypass="yes"
619 _usepass="yes"
620 ;;
621 no)
622 _usepass="no"
623 ;;
624 random)
625 _random="yes"
626 ;;
627 esac
628
629 get_user
630 get_gecos
631 get_uid
632
633 # The case where group = user is handled elsewhere, so
634 # validate any other groups the user is invited to.
635 until [ "$_logingroup_ok" = yes ]; do
636 get_logingroup
637 _logingroup_ok=yes
638 if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then
639 if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then
640 echo "Group $ulogingroup does not exist!"
641 _logingroup_ok=no
642 fi
643 fi
644 done
645 until [ "$_groups_ok" = yes ]; do
646 get_groups
647 _groups_ok=yes
648 for i in $ugroups; do
649 if [ "$username" != "$i" ]; then
650 if ! ${PWCMD} show group $i > /dev/null 2>&1; then
651 echo "Group $i does not exist!"
652 _groups_ok=no
653 fi
654 fi
655 done
656 done
657
658 get_class
659 get_shell
660 get_homedir
661
662 while : ; do
663 echo -n "Use password-based authentication? [$_usepass]: "
664 read _input
665 [ -z "$_input" ] && _input=$_usepass
666 case $_input in
667 [Nn][Oo]|[Nn])
668 passwdtype="no"
669 ;;
670 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
671 while : ; do
672 echo -n "Use an empty password? (yes/no) [$_emptypass]: "
673 read _input
674 [ -n "$_input" ] && _emptypass=$_input
675 case $_emptypass in
676 [Nn][Oo]|[Nn])
677 echo -n "Use a random password? (yes/no) [$_random]: "
678 read _input
679 [ -n "$_input" ] && _random="$_input"
680 case $_random in
681 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
682 passwdtype="random"
683 break
684 ;;
685 esac
686 passwdtype="yes"
687 [ -n "$configflag" ] && break
688 trap 'stty echo; exit' 0 1 2 3 15
689 stty -echo
690 echo -n "Enter password: "
691 read -r upass
692 echo''
693 echo -n "Enter password again: "
694 read -r _passconfirm
695 echo ''
696 stty echo
697 # if user entered a blank password
698 # explicitly ask again.
699 [ -z "$upass" -a -z "$_passconfirm" ] \
700 && continue
701 ;;
702 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
703 passwdtype="none"
704 break;
705 ;;
706 *)
707 # invalid answer; repeat the loop
708 continue
709 ;;
710 esac
711 if [ "$upass" != "$_passconfirm" ]; then
712 echo "Passwords did not match!"
713 continue
714 fi
715 break
716 done
717 ;;
718 *)
719 # invalid answer; repeat loop
720 continue
721 ;;
722 esac
723 break;
724 done
725 _disable=${disableflag:-"no"}
726 while : ; do
727 echo -n "Lock out the account after creation? [$_disable]: "
728 read _input
729 [ -z "$_input" ] && _input=$_disable
730 case $_input in
731 [Nn][Oo]|[Nn])
732 disableflag=
733 ;;
734 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
735 disableflag=yes
736 ;;
737 *)
738 # invalid answer; repeat loop
739 continue
740 ;;
741 esac
742 break
743 done
744
745 # Display the information we have so far and prompt to
746 # commit it.
747 #
748 _disable=${disableflag:-"no"}
749 [ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
750 case $passwdtype in
751 yes)
752 _pass='*****'
753 ;;
754 no)
755 _pass='<disabled>'
756 ;;
757 none)
758 _pass='<blank>'
759 ;;
760 random)
761 _pass='<random>'
762 ;;
763 esac
764 [ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass"
765 [ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype"
766 [ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
767 [ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
768 printf "%-10s : %s\n" "Class" "$uclass"
769 printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
770 printf "%-10s : %s\n" "Home" "$uhome"
771 printf "%-10s : %s\n" "Shell" "$ushell"
772 printf "%-10s : %s\n" "Locked" "$_disable"
773 while : ; do
774 echo -n "OK? (yes/no): "
775 read _input
776 case $_input in
777 [Nn][Oo]|[Nn])
778 return 1
779 ;;
780 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
781 add_user
782 ;;
783 *)
784 continue
785 ;;
786 esac
787 break
788 done
789 return 0
790 }
791
792 #### END SUBROUTINE DEFENITION ####
793
794 THISCMD=`/usr/bin/basename $0`
795 DEFAULTSHELL=/bin/sh
796 ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
797 PWCMD="${PWCMD:-/usr/sbin/pw}"
798 MAILCMD="${MAILCMD:-mail}"
799 ETCSHELLS="${ETCSHELLS:-/etc/shells}"
800 NOHOME="/nonexistent"
801 NOLOGIN="nologin"
802 NOLOGIN_PATH="/sbin/nologin"
803 GREPCMD="/usr/bin/grep"
804 DATECMD="/bin/date"
805
806 # Set default values
807 #
808 username=
809 uuid=
810 uidstart=
811 ugecos=
812 ulogingroup=
813 uclass=
814 uhome=
815 upass=
816 ushell=
817 udotdir=/usr/share/skel
818 ugroups=
819 uexpire=
820 upwexpire=
821 shells="`valid_shells`"
822 passwdtype="yes"
823 msgfile=/etc/adduser.msg
824 msgflag=
825 quietflag=
826 configflag=
827 fflag=
828 infile=
829 disableflag=
830 Dflag=
831 Sflag=
832 readconfig="yes"
833 homeprefix="/home"
834 randompass=
835 fileline=
836 savedpwtype=
837 defaultclass=
838 defaultLgroup=
839 defaultgroups=
840 defaultshell="${DEFAULTSHELL}"
841
842 # Make sure the user running this program is root. This isn't a security
843 # measure as much as it is a usefull method of reminding the user to
844 # 'su -' before he/she wastes time entering data that won't be saved.
845 #
846 procowner=${procowner:-`/usr/bin/id -u`}
847 if [ "$procowner" != "0" ]; then
848 err 'you must be the super-user (uid 0) to use this utility.'
849 exit 1
850 fi
851
852 # Overide from our conf file
853 # Quickly go through the commandline line to see if we should read
854 # from our configuration file. The actual parsing of the commandline
855 # arguments happens after we read in our configuration file (commandline
856 # should override configuration file).
857 #
858 for _i in $* ; do
859 if [ "$_i" = "-N" ]; then
860 readconfig=
861 break;
862 fi
863 done
864 if [ -n "$readconfig" ]; then
865 # On a long-lived system, the first time this script is run it
866 # will barf upon reading the configuration file for its perl predecessor.
867 if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
868 [ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
869 fi
870 fi
871
872 # Proccess command-line options
873 #
874 for _switch ; do
875 case $_switch in
876 -L)
877 defaultclass="$2"
878 shift; shift
879 ;;
880 -C)
881 configflag=yes
882 shift
883 ;;
884 -D)
885 Dflag=yes
886 shift
887 ;;
888 -E)
889 disableflag=yes
890 shift
891 ;;
892 -k)
893 udotdir="$2"
894 shift; shift
895 ;;
896 -f)
897 [ "$2" != "-" ] && infile="$2"
898 fflag=yes
899 shift; shift
900 ;;
901 -g)
902 defaultLgroup="$2"
903 shift; shift
904 ;;
905 -G)
906 defaultgroups="$2"
907 shift; shift
908 ;;
909 -h)
910 show_usage
911 exit 0
912 ;;
913 -d)
914 homeprefix="$2"
915 shift; shift
916 ;;
917 -m)
918 case "$2" in
919 [Nn][Oo])
920 msgflag=
921 ;;
922 *)
923 msgflag=yes
924 msgfile="$2"
925 ;;
926 esac
927 shift; shift
928 ;;
929 -N)
930 readconfig=
931 shift
932 ;;
933 -w)
934 case "$2" in
935 no|none|random|yes)
936 passwdtype=$2
937 ;;
938 *)
939 show_usage
940 exit 1
941 ;;
942 esac
943 shift; shift
944 ;;
945 -q)
946 quietflag=yes
947 shift
948 ;;
949 -s)
950 defaultshell="`fullpath_from_shell $2`"
951 shift; shift
952 ;;
953 -S)
954 Sflag=yes
955 shift
956 ;;
957 -u)
958 uidstart=$2
959 shift; shift
960 ;;
961 esac
962 done
963
964 # If the -f switch was used, get input from a file. Otherwise,
965 # this is an interactive session.
966 #
967 if [ -n "$fflag" ]; then
968 if [ -z "$infile" ]; then
969 input_from_file
970 elif [ -n "$infile" ]; then
971 if [ -r "$infile" ]; then
972 input_from_file < $infile
973 else
974 err "File ($infile) is unreadable or does not exist."
975 fi
976 fi
977 else
978 input_interactive
979 while : ; do
980 if [ -z "$configflag" ]; then
981 echo -n "Add another user? (yes/no): "
982 else
983 echo -n "Re-edit the default configuration? (yes/no): "
984 fi
985 read _input
986 case $_input in
987 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
988 uidstart=`get_nextuid $uidstart`
989 input_interactive
990 continue
991 ;;
992 [Nn][Oo]|[Nn])
993 echo "Goodbye!"
994 ;;
995 *)
996 continue
997 ;;
998 esac
999 break
1000 done
1001 fi
A port of FreeBSDs pw for Darwin