]> git.cameronkatri.com Git - pw-darwin.git/blob - adduser/adduser.sh
git.ckatri.com / pw-darwin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Errm... I don't see how rev. 1.26 could have possibly worked or been tested.
[pw-darwin.git] / adduser / adduser.sh
1 #!/bin/sh
2 #
3 # Copyright (c) 2002-2004 Michael Telahun Makonnen. All rights reserved.
4 #
5 # Redistribution and use in source and binary forms, with or without
6 # modification, are permitted provided that the following conditions
7 # are met:
8 # 1. Redistributions of source code must retain the above copyright
9 # notice, this list of conditions and the following disclaimer.
10 # 2. Redistributions in binary form must reproduce the above copyright
11 # notice, this list of conditions and the following disclaimer in the
12 # documentation and/or other materials provided with the distribution.
13 #
14 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15 # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16 # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17 # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18 # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19 # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20 # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21 # THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23 # THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 #
25 # Email: Mike Makonnen <mtm@FreeBSD.Org>
26 #
27 # $FreeBSD$
28 #
29
30 # err msg
31 # Display $msg on stderr, unless we're being quiet.
32 #
33 err() {
34 if [ -z "$quietflag" ]; then
35 echo 1>&2 ${THISCMD}: ERROR: $*
36 fi
37 }
38
39 # info msg
40 # Display $msg on stdout, unless we're being quiet.
41 #
42 info() {
43 if [ -z "$quietflag" ]; then
44 echo ${THISCMD}: INFO: $*
45 fi
46 }
47
48 # get_nextuid
49 # Output the value of $_uid if it is available for use. If it
50 # is not, output the value of the next higher uid that is available.
51 # If a uid is not specified, output the first available uid, as indicated
52 # by pw(8).
53 #
54 get_nextuid () {
55 _uid=$1
56 _nextuid=
57
58 if [ -z "$_uid" ]; then
59 _nextuid="`${PWCMD} usernext | cut -f1 -d:`"
60 else
61 while : ; do
62 ${PWCMD} usershow $_uid > /dev/null 2>&1
63 if [ ! "$?" -eq 0 ]; then
64 _nextuid=$_uid
65 break
66 fi
67 _uid=$(($_uid + 1))
68 done
69 fi
70 echo $_nextuid
71 }
72
73 # show_usage
74 # Display usage information for this utility.
75 #
76 show_usage() {
77 echo "usage: ${THISCMD} [options]"
78 echo " options may include:"
79 echo " -C save to the configuration file only"
80 echo " -D do not attempt to create the home directory"
81 echo " -E disable this account after creation"
82 echo " -G additional groups to add accounts to"
83 echo " -L login class of the user"
84 echo " -N do not read configuration file"
85 echo " -S a nonexistent shell is not an error"
86 echo " -d home directory"
87 echo " -f file from which input will be received"
88 echo " -g default login group"
89 echo " -h display this usage message"
90 echo " -k path to skeleton home directory"
91 echo " -m user welcome message file"
92 echo " -q absolute minimal user feedback"
93 echo " -s shell"
94 echo " -u uid to start at"
95 echo " -w password type: no, none, yes or random"
96 }
97
98 # valid_shells
99 # Outputs a list of valid shells from /etc/shells. Only the
100 # basename of the shell is output.
101 #
102 valid_shells() {
103 _prefix=
104 cat ${ETCSHELLS} |
105 while read _path _junk ; do
106 case $_path in
107 \#*|'')
108 ;;
109 *)
110 echo -n "${_prefix}`basename $_path`"
111 _prefix=' '
112 ;;
113 esac
114 done
115
116 # /usr/sbin/nologin is a special case
117 [ -x "${NOLOGIN_PATH}" ] && echo -n " ${NOLOGIN}"
118 }
119
120 # fullpath_from_shell shell
121 # Given $shell, which is either the full path to a shell or
122 # the basename component of a valid shell, get the
123 # full path to the shell from the /etc/shells file.
124 #
125 fullpath_from_shell() {
126 _shell=$1
127 [ -z "$_shell" ] && return 1
128
129 # /usr/sbin/nologin is a special case; it needs to be handled
130 # before the cat | while loop, since a 'return' from within
131 # a subshell will not terminate the function's execution, and
132 # the path to the nologin shell might be printed out twice.
133 #
134 if [ "$_shell" = "${NOLOGIN}" -o \
135 "$_shell" = "${NOLOGIN_PATH}" ]; then
136 echo ${NOLOGIN_PATH}
137 return 0;
138 fi
139
140 cat ${ETCSHELLS} |
141 while read _path _junk ; do
142 case "$_path" in
143 \#*|'')
144 ;;
145 *)
146 if [ "$_path" = "$_shell" -o \
147 "`basename $_path`" = "$_shell" ]; then
148 echo $_path
149 return 0
150 fi
151 ;;
152 esac
153 done
154
155 return 1
156 }
157
158 # shell_exists shell
159 # If the given shell is listed in ${ETCSHELLS} or it is
160 # the nologin shell this function will return 0.
161 # Otherwise, it will return 1. If shell is valid but
162 # the path is invalid or it is not executable it
163 # will emit an informational message saying so.
164 #
165 shell_exists()
166 {
167 _sh="$1"
168 _shellchk="${GREPCMD} '^$_sh$' ${ETCSHELLS} > /dev/null 2>&1"
169
170 if ! eval $_shellchk; then
171 # The nologin shell is not listed in /etc/shells.
172 if [ "$_sh" != "${NOLOGIN_PATH}" ]; then
173 err "Invalid shell ($_sh) for user $username."
174 return 1
175 fi
176 fi
177 ! [ -x "$_sh" ] &&
178 info "The shell ($_sh) does not exist or is not executable."
179
180 return 0
181 }
182
183 # save_config
184 # Save some variables to a configuration file.
185 # Note: not all script variables are saved, only those that
186 # it makes sense to save.
187 #
188 save_config() {
189 echo "# Configuration file for adduser(8)." > ${ADDUSERCONF}
190 echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
191 echo "# Last Modified on `${DATECMD}`." >> ${ADDUSERCONF}
192 echo '' >> ${ADDUSERCONF}
193 echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF}
194 echo "defaultclass=$uclass" >> ${ADDUSERCONF}
195 echo "defaultgroups=$ugroups" >> ${ADDUSERCONF}
196 echo "passwdtype=$passwdtype" >> ${ADDUSERCONF}
197 echo "homeprefix=$homeprefix" >> ${ADDUSERCONF}
198 echo "defaultshell=$ushell" >> ${ADDUSERCONF}
199 echo "udotdir=$udotdir" >> ${ADDUSERCONF}
200 echo "msgfile=$msgfile" >> ${ADDUSERCONF}
201 echo "disableflag=$disableflag" >> ${ADDUSERCONF}
202 }
203
204 # add_user
205 # Add a user to the user database. If the user chose to send a welcome
206 # message or lock the account, do so.
207 #
208 add_user() {
209
210 # Is this a configuration run? If so, don't modify user database.
211 #
212 if [ -n "$configflag" ]; then
213 save_config
214 return
215 fi
216
217 _uid=
218 _name=
219 _comment=
220 _gecos=
221 _home=
222 _group=
223 _grouplist=
224 _shell=
225 _class=
226 _dotdir=
227 _expire=
228 _pwexpire=
229 _passwd=
230 _upasswd=
231 _passwdmethod=
232
233 _name="-n '$username'"
234 [ -n "$uuid" ] && _uid='-u "$uuid"'
235 [ -n "$ulogingroup" ] && _group='-g "$ulogingroup"'
236 [ -n "$ugroups" ] && _grouplist='-G "$ugroups"'
237 [ -n "$ushell" ] && _shell='-s "$ushell"'
238 [ -n "$uclass" ] && _class='-L "$uclass"'
239 [ -n "$ugecos" ] && _comment='-c "$ugecos"'
240 [ -n "$udotdir" ] && _dotdir='-k "$udotdir"'
241 [ -n "$uexpire" ] && _expire='-e "$uexpire"'
242 [ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"'
243 if [ -z "$Dflag" -a -n "$uhome" ]; then
244 # The /nonexistent home directory is special. It
245 # means the user has no home directory.
246 if [ "$uhome" = "$NOHOME" ]; then
247 _home='-d "$uhome"'
248 else
249 _home='-m -d "$uhome"'
250 fi
251 elif [ -n "$Dflag" -a -n "$uhome" ]; then
252 _home='-d "$uhome"'
253 fi
254 case $passwdtype in
255 no)
256 _passwdmethod="-w no"
257 _passwd="-h -"
258 ;;
259 yes)
260 # Note on processing the password: The outer double quotes
261 # make literal everything except ` and \ and $.
262 # The outer single quotes make literal ` and $.
263 # We can ensure the \ isn't treated specially by specifying
264 # the -r switch to the read command used to obtain the input.
265 #
266 _passwdmethod="-w yes"
267 _passwd="-h 0"
268 _upasswd='echo "$upass" |'
269 ;;
270 none)
271 _passwdmethod="-w none"
272 ;;
273 random)
274 _passwdmethod="-w random"
275 ;;
276 esac
277
278 _pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
279 _pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
280 _pwcmd="$_pwcmd $_expire $_pwexpire"
281
282 if ! _output=`eval $_pwcmd` ; then
283 err "There was an error adding user ($username)."
284 return 1
285 else
286 info "Successfully added ($username) to the user database."
287 if [ "random" = "$passwdtype" ]; then
288 randompass="$_output"
289 info "Password for ($username) is: $randompass"
290 fi
291 fi
292
293 if [ -n "$disableflag" ]; then
294 if ${PWCMD} lock $username ; then
295 info "Account ($username) is locked."
296 else
297 info "Account ($username) could NOT be locked."
298 fi
299 fi
300
301 _line=
302 _owner=
303 _perms=
304 if [ -n "$msgflag" ]; then
305 [ -r "$msgfile" ] && {
306 # We're evaluating the contents of an external file.
307 # Let's not open ourselves up for attack. _perms will
308 # be empty if it's writeable only by the owner. _owner
309 # will *NOT* be empty if the file is owned by root.
310 #
311 _dir="`dirname $msgfile`"
312 _file="`basename $msgfile`"
313 _perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune`
314 _owner=`/usr/bin/find $_dir -name $_file -user 0 -prune`
315 if [ -z "$_owner" -o -n "$_perms" ]; then
316 err "The message file ($msgfile) may be writeable only by root."
317 return 1
318 fi
319 cat "$msgfile" |
320 while read _line ; do
321 eval echo "$_line"
322 done | ${MAILCMD} -s"Welcome" ${username}
323 info "Sent welcome message to ($username)."
324 }
325 fi
326 }
327
328 # get_user
329 # Reads username of the account from standard input or from a global
330 # variable containing an account line from a file. The username is
331 # required. If this is an interactive session it will prompt in
332 # a loop until a username is entered. If it is batch processing from
333 # a file it will output an error message and return to the caller.
334 #
335 get_user() {
336 _input=
337
338 # No need to take down user names if this is a configuration saving run.
339 [ -n "$configflag" ] && return
340
341 while : ; do
342 if [ -z "$fflag" ]; then
343 echo -n "Username: "
344 read _input
345 else
346 _input="`echo "$fileline" | cut -f1 -d:`"
347 fi
348
349 # There *must* be a username, and it must not exist. If
350 # this is an interactive session give the user an
351 # opportunity to retry.
352 #
353 if [ -z "$_input" ]; then
354 err "You must enter a username!"
355 [ -z "$fflag" ] && continue
356 fi
357 ${PWCMD} usershow $_input > /dev/null 2>&1
358 if [ "$?" -eq 0 ]; then
359 err "User exists!"
360 [ -z "$fflag" ] && continue
361 fi
362 break
363 done
364 username="$_input"
365 }
366
367 # get_gecos
368 # Reads extra information about the user. Can be used both in interactive
369 # and batch (from file) mode.
370 #
371 get_gecos() {
372 _input=
373
374 # No need to take down additional user information for a configuration run.
375 [ -n "$configflag" ] && return
376
377 if [ -z "$fflag" ]; then
378 echo -n "Full name: "
379 read _input
380 else
381 _input="`echo "$fileline" | cut -f7 -d:`"
382 fi
383 ugecos="$_input"
384 }
385
386 # get_shell
387 # Get the account's shell. Works in interactive and batch mode. It
388 # accepts either the base name of the shell or the full path.
389 # If an invalid shell is entered it will simply use the default shell.
390 #
391 get_shell() {
392 _input=
393 _fullpath=
394 ushell="$defaultshell"
395
396 # Make sure the current value of the shell is a valid one
397 if [ -z "$Sflag" ]; then
398 if ! shell_exists $ushell ; then
399 info "Using default shell ${defaultshell}."
400 ushell="$defaultshell"
401 fi
402 fi
403
404 if [ -z "$fflag" ]; then
405 echo -n "Shell ($shells) [`basename $ushell`]: "
406 read _input
407 else
408 _input="`echo "$fileline" | cut -f9 -d:`"
409 fi
410 if [ -n "$_input" ]; then
411 if [ -n "$Sflag" ]; then
412 ushell="$_input"
413 else
414 _fullpath=`fullpath_from_shell $_input`
415 if [ -n "$_fullpath" ]; then
416 ushell="$_fullpath"
417 else
418 err "Invalid shell ($_input) for user $username."
419 info "Using default shell ${defaultshell}."
420 ushell="$defaultshell"
421 fi
422 fi
423 fi
424 }
425
426 # get_homedir
427 # Reads the account's home directory. Used both with interactive input
428 # and batch input.
429 #
430 get_homedir() {
431 _input=
432 if [ -z "$fflag" ]; then
433 echo -n "Home directory [${homeprefix}/${username}]: "
434 read _input
435 else
436 _input="`echo "$fileline" | cut -f8 -d:`"
437 fi
438
439 if [ -n "$_input" ]; then
440 uhome="$_input"
441 # if this is a configuration run, then user input is the home
442 # directory prefix. Otherwise it is understood to
443 # be $prefix/$user
444 #
445 [ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
446 else
447 uhome="${homeprefix}/${username}"
448 fi
449 }
450
451 # get_uid
452 # Reads a numeric userid in an interactive or batch session. Automatically
453 # allocates one if it is not specified.
454 #
455 get_uid() {
456 if [ -z "$uuid" ]; then
457 uuid=${uidstart}
458 fi
459
460 _input=
461 _prompt=
462
463 # No need to take down uids for a configuration saving run.
464 [ -n "$configflag" ] && return
465
466 if [ -n "$uuid" ]; then
467 _prompt="Uid [$uuid]: "
468 else
469 _prompt="Uid (Leave empty for default): "
470 fi
471 if [ -z "$fflag" ]; then
472 echo -n "$_prompt"
473 read _input
474 else
475 _input="`echo "$fileline" | cut -f2 -d:`"
476 fi
477
478 [ -n "$_input" ] && uuid=$_input
479 uuid=`get_nextuid $uuid`
480 uidstart=$uuid
481 }
482
483 # get_class
484 # Reads login class of account. Can be used in interactive or batch mode.
485 #
486 get_class() {
487 uclass="$defaultclass"
488 _input=
489 _class=${uclass:-"default"}
490
491 if [ -z "$fflag" ]; then
492 echo -n "Login class [$_class]: "
493 read _input
494 else
495 _input="`echo "$fileline" | cut -f4 -d:`"
496 fi
497
498 [ -n "$_input" ] && uclass="$_input"
499 }
500
501 # get_logingroup
502 # Reads user's login group. Can be used in both interactive and batch
503 # modes. The specified value can be a group name or its numeric id.
504 # This routine leaves the field blank if nothing is provided and
505 # a default login group has not been set. The pw(8) command
506 # will then provide a login group with the same name as the username.
507 #
508 get_logingroup() {
509 ulogingroup="$defaultLgroup"
510 _input=
511
512 if [ -z "$fflag" ]; then
513 echo -n "Login group [${ulogingroup:-$username}]: "
514 read _input
515 else
516 _input="`echo "$fileline" | cut -f3 -d:`"
517 fi
518
519 # Pw(8) will use the username as login group if it's left empty
520 [ -n "$_input" ] && ulogingroup="$_input"
521 }
522
523 # get_groups
524 # Read additional groups for the user. It can be used in both interactive
525 # and batch modes.
526 #
527 get_groups() {
528 ugroups="$defaultgroups"
529 _input=
530 _group=${ulogingroup:-"${username}"}
531
532 if [ -z "$configflag" ]; then
533 [ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
534 [ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
535 else
536 [ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
537 fi
538 read _input
539
540 [ -n "$_input" ] && ugroups="$_input"
541 }
542
543 # get_expire_dates
544 # Read expiry information for the account and also for the password. This
545 # routine is used only from batch processing mode.
546 #
547 get_expire_dates() {
548 upwexpire="`echo "$fileline" | cut -f5 -d:`"
549 uexpire="`echo "$fileline" | cut -f6 -d:`"
550 }
551
552 # get_password
553 # Read the password in batch processing mode. The password field matters
554 # only when the password type is "yes" or "random". If the field is empty and the
555 # password type is "yes", then it assumes the account has an empty passsword
556 # and changes the password type accordingly. If the password type is "random"
557 # and the password field is NOT empty, then it assumes the account will NOT
558 # have a random password and set passwdtype to "yes."
559 #
560 get_password() {
561 # We may temporarily change a password type. Make sure it's changed
562 # back to whatever it was before we process the next account.
563 #
564 [ -n "$savedpwtype" ] && {
565 passwdtype=$savedpwtype
566 savedpwtype=
567 }
568
569 # There may be a ':' in the password
570 upass=${fileline#*:*:*:*:*:*:*:*:*:}
571
572 if [ -z "$upass" ]; then
573 case $passwdtype in
574 yes)
575 # if it's empty, assume an empty password
576 passwdtype=none
577 savedpwtype=yes
578 ;;
579 esac
580 else
581 case $passwdtype in
582 random)
583 passwdtype=yes
584 savedpwtype=random
585 ;;
586 esac
587 fi
588 }
589
590 # input_from_file
591 # Reads a line of account information from standard input and
592 # adds it to the user database.
593 #
594 input_from_file() {
595 _field=
596
597 while read -r fileline ; do
598 case "$fileline" in
599 \#*|'')
600 ;;
601 *)
602 get_user || continue
603 get_gecos
604 get_uid
605 get_logingroup
606 get_class
607 get_shell
608 get_homedir
609 get_password
610 get_expire_dates
611
612 add_user
613 ;;
614 esac
615 done
616 }
617
618 # input_interactive
619 # Prompts for user information interactively, and commits to
620 # the user database.
621 #
622 input_interactive() {
623
624 _disable=
625 _pass=
626 _passconfirm=
627 _random="no"
628 _emptypass="no"
629 _usepass="yes"
630 _logingroup_ok="no"
631 _groups_ok="no"
632 case $passwdtype in
633 none)
634 _emptypass="yes"
635 _usepass="yes"
636 ;;
637 no)
638 _usepass="no"
639 ;;
640 random)
641 _random="yes"
642 ;;
643 esac
644
645 get_user
646 get_gecos
647 get_uid
648
649 # The case where group = user is handled elsewhere, so
650 # validate any other groups the user is invited to.
651 until [ "$_logingroup_ok" = yes ]; do
652 get_logingroup
653 _logingroup_ok=yes
654 if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then
655 if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then
656 echo "Group $ulogingroup does not exist!"
657 _logingroup_ok=no
658 fi
659 fi
660 done
661 until [ "$_groups_ok" = yes ]; do
662 get_groups
663 _groups_ok=yes
664 for i in $ugroups; do
665 if [ "$username" != "$i" ]; then
666 if ! ${PWCMD} show group $i > /dev/null 2>&1; then
667 echo "Group $i does not exist!"
668 _groups_ok=no
669 fi
670 fi
671 done
672 done
673
674 get_class
675 get_shell
676 get_homedir
677
678 while : ; do
679 echo -n "Use password-based authentication? [$_usepass]: "
680 read _input
681 [ -z "$_input" ] && _input=$_usepass
682 case $_input in
683 [Nn][Oo]|[Nn])
684 passwdtype="no"
685 ;;
686 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
687 while : ; do
688 echo -n "Use an empty password? (yes/no) [$_emptypass]: "
689 read _input
690 [ -n "$_input" ] && _emptypass=$_input
691 case $_emptypass in
692 [Nn][Oo]|[Nn])
693 echo -n "Use a random password? (yes/no) [$_random]: "
694 read _input
695 [ -n "$_input" ] && _random="$_input"
696 case $_random in
697 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
698 passwdtype="random"
699 break
700 ;;
701 esac
702 passwdtype="yes"
703 [ -n "$configflag" ] && break
704 trap 'stty echo; exit' 0 1 2 3 15
705 stty -echo
706 echo -n "Enter password: "
707 read -r upass
708 echo''
709 echo -n "Enter password again: "
710 read -r _passconfirm
711 echo ''
712 stty echo
713 # if user entered a blank password
714 # explicitly ask again.
715 [ -z "$upass" -a -z "$_passconfirm" ] \
716 && continue
717 ;;
718 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
719 passwdtype="none"
720 break;
721 ;;
722 *)
723 # invalid answer; repeat the loop
724 continue
725 ;;
726 esac
727 if [ "$upass" != "$_passconfirm" ]; then
728 echo "Passwords did not match!"
729 continue
730 fi
731 break
732 done
733 ;;
734 *)
735 # invalid answer; repeat loop
736 continue
737 ;;
738 esac
739 break;
740 done
741 _disable=${disableflag:-"no"}
742 while : ; do
743 echo -n "Lock out the account after creation? [$_disable]: "
744 read _input
745 [ -z "$_input" ] && _input=$_disable
746 case $_input in
747 [Nn][Oo]|[Nn])
748 disableflag=
749 ;;
750 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
751 disableflag=yes
752 ;;
753 *)
754 # invalid answer; repeat loop
755 continue
756 ;;
757 esac
758 break
759 done
760
761 # Display the information we have so far and prompt to
762 # commit it.
763 #
764 _disable=${disableflag:-"no"}
765 [ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
766 case $passwdtype in
767 yes)
768 _pass='*****'
769 ;;
770 no)
771 _pass='<disabled>'
772 ;;
773 none)
774 _pass='<blank>'
775 ;;
776 random)
777 _pass='<random>'
778 ;;
779 esac
780 [ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass"
781 [ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype"
782 [ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
783 [ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
784 printf "%-10s : %s\n" "Class" "$uclass"
785 printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
786 printf "%-10s : %s\n" "Home" "$uhome"
787 printf "%-10s : %s\n" "Shell" "$ushell"
788 printf "%-10s : %s\n" "Locked" "$_disable"
789 while : ; do
790 echo -n "OK? (yes/no): "
791 read _input
792 case $_input in
793 [Nn][Oo]|[Nn])
794 return 1
795 ;;
796 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
797 add_user
798 ;;
799 *)
800 continue
801 ;;
802 esac
803 break
804 done
805 return 0
806 }
807
808 #### END SUBROUTINE DEFINITION ####
809
810 THISCMD=`/usr/bin/basename $0`
811 DEFAULTSHELL=/bin/sh
812 ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
813 PWCMD="${PWCMD:-/usr/sbin/pw}"
814 MAILCMD="${MAILCMD:-mail}"
815 ETCSHELLS="${ETCSHELLS:-/etc/shells}"
816 NOHOME="/nonexistent"
817 NOLOGIN="nologin"
818 NOLOGIN_PATH="/usr/sbin/nologin"
819 GREPCMD="/usr/bin/grep"
820 DATECMD="/bin/date"
821
822 # Set default values
823 #
824 username=
825 uuid=
826 uidstart=
827 ugecos=
828 ulogingroup=
829 uclass=
830 uhome=
831 upass=
832 ushell=
833 udotdir=/usr/share/skel
834 ugroups=
835 uexpire=
836 upwexpire=
837 shells="`valid_shells`"
838 passwdtype="yes"
839 msgfile=/etc/adduser.msg
840 msgflag=
841 quietflag=
842 configflag=
843 fflag=
844 infile=
845 disableflag=
846 Dflag=
847 Sflag=
848 readconfig="yes"
849 homeprefix="/home"
850 randompass=
851 fileline=
852 savedpwtype=
853 defaultclass=
854 defaultLgroup=
855 defaultgroups=
856 defaultshell="${DEFAULTSHELL}"
857
858 # Make sure the user running this program is root. This isn't a security
859 # measure as much as it is a usefull method of reminding the user to
860 # 'su -' before he/she wastes time entering data that won't be saved.
861 #
862 procowner=${procowner:-`/usr/bin/id -u`}
863 if [ "$procowner" != "0" ]; then
864 err 'you must be the super-user (uid 0) to use this utility.'
865 exit 1
866 fi
867
868 # Overide from our conf file
869 # Quickly go through the commandline line to see if we should read
870 # from our configuration file. The actual parsing of the commandline
871 # arguments happens after we read in our configuration file (commandline
872 # should override configuration file).
873 #
874 for _i in $* ; do
875 if [ "$_i" = "-N" ]; then
876 readconfig=
877 break;
878 fi
879 done
880 if [ -n "$readconfig" ]; then
881 # On a long-lived system, the first time this script is run it
882 # will barf upon reading the configuration file for its perl predecessor.
883 if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
884 [ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
885 fi
886 fi
887
888 # Proccess command-line options
889 #
890 for _switch ; do
891 case $_switch in
892 -L)
893 defaultclass="$2"
894 shift; shift
895 ;;
896 -C)
897 configflag=yes
898 shift
899 ;;
900 -D)
901 Dflag=yes
902 shift
903 ;;
904 -E)
905 disableflag=yes
906 shift
907 ;;
908 -k)
909 udotdir="$2"
910 shift; shift
911 ;;
912 -f)
913 [ "$2" != "-" ] && infile="$2"
914 fflag=yes
915 shift; shift
916 ;;
917 -g)
918 defaultLgroup="$2"
919 shift; shift
920 ;;
921 -G)
922 defaultgroups="$2"
923 shift; shift
924 ;;
925 -h)
926 show_usage
927 exit 0
928 ;;
929 -d)
930 homeprefix="$2"
931 shift; shift
932 ;;
933 -m)
934 case "$2" in
935 [Nn][Oo])
936 msgflag=
937 ;;
938 *)
939 msgflag=yes
940 msgfile="$2"
941 ;;
942 esac
943 shift; shift
944 ;;
945 -N)
946 readconfig=
947 shift
948 ;;
949 -w)
950 case "$2" in
951 no|none|random|yes)
952 passwdtype=$2
953 ;;
954 *)
955 show_usage
956 exit 1
957 ;;
958 esac
959 shift; shift
960 ;;
961 -q)
962 quietflag=yes
963 shift
964 ;;
965 -s)
966 defaultshell="`fullpath_from_shell $2`"
967 shift; shift
968 ;;
969 -S)
970 Sflag=yes
971 shift
972 ;;
973 -u)
974 uidstart=$2
975 shift; shift
976 ;;
977 esac
978 done
979
980 # If the -f switch was used, get input from a file. Otherwise,
981 # this is an interactive session.
982 #
983 if [ -n "$fflag" ]; then
984 if [ -z "$infile" ]; then
985 input_from_file
986 elif [ -n "$infile" ]; then
987 if [ -r "$infile" ]; then
988 input_from_file < $infile
989 else
990 err "File ($infile) is unreadable or does not exist."
991 fi
992 fi
993 else
994 input_interactive
995 while : ; do
996 if [ -z "$configflag" ]; then
997 echo -n "Add another user? (yes/no): "
998 else
999 echo -n "Re-edit the default configuration? (yes/no): "
1000 fi
1001 read _input
1002 case $_input in
1003 [Yy][Ee][Ss]|[Yy][Ee]|[Yy])
1004 uidstart=`get_nextuid $uidstart`
1005 input_interactive
1006 continue
1007 ;;
1008 [Nn][Oo]|[Nn])
1009 echo "Goodbye!"
1010 ;;
1011 *)
1012 continue
1013 ;;
1014 esac
1015 break
1016 done
1017 fi
A port of FreeBSDs pw for Darwin