+}
+
+int
+groupadd(struct userconf *cnf, char *name, gid_t id, char *members, int fd,
+ bool dryrun, bool pretty, bool precrypted)
+{
+ struct group *grp;
+ int rc;
+
+ struct group fakegroup = {
+ "nogroup",
+ "*",
+ -1,
+ NULL
+ };
+
+ grp = &fakegroup;
+ grp->gr_name = pw_checkname(name, 0);
+ grp->gr_passwd = "*";
+ grp->gr_gid = gr_gidpolicy(cnf, id);
+ grp->gr_mem = NULL;
+
+ /*
+ * This allows us to set a group password Group passwords is an
+ * antique idea, rarely used and insecure (no secure database) Should
+ * be discouraged, but it is apparently still supported by some
+ * software.
+ */
+ grp_set_passwd(grp, false, fd, precrypted);
+ grp_add_members(&grp, members);
+ if (dryrun)
+ return (print_group(grp, pretty));
+
+ if ((rc = addgrent(grp)) != 0) {
+ if (rc == -1)
+ errx(EX_IOERR, "group '%s' already exists",
+ grp->gr_name);
+ else
+ err(EX_IOERR, "group update");
+ }
+
+ pw_log(cnf, M_ADD, W_GROUP, "%s(%ju)", grp->gr_name,
+ (uintmax_t)grp->gr_gid);
+
+ return (EXIT_SUCCESS);
+}
+
+int
+pw_group_add(int argc, char **argv, char *arg1)
+{
+ struct userconf *cnf = NULL;
+ char *name = NULL;
+ char *members = NULL;
+ const char *cfg = NULL;
+ intmax_t id = -1;
+ int ch, rc, fd = -1;
+ bool quiet, precrypted, dryrun, pretty, nis;
+
+ quiet = precrypted = dryrun = pretty = nis = false;
+
+ if (arg1 != NULL) {
+ if (arg1[strspn(arg1, "0123456789")] == '\0')
+ id = pw_checkid(arg1, GID_MAX);
+ else
+ name = arg1;
+ }
+
+ while ((ch = getopt(argc, argv, "C:qn:g:h:H:M:oNPY")) != -1) {
+ switch (ch) {
+ case 'C':
+ cfg = optarg;
+ break;
+ case 'q':
+ quiet = true;
+ break;
+ case 'n':
+ name = optarg;
+ break;
+ case 'g':
+ id = pw_checkid(optarg, GID_MAX);
+ break;
+ case 'H':
+ if (fd != -1)
+ errx(EX_USAGE, "'-h' and '-H' are mutually "
+ "exclusive options");
+ fd = pw_checkfd(optarg);
+ precrypted = true;
+ if (fd == '-')
+ errx(EX_USAGE, "-H expects a file descriptor");
+ break;
+ case 'h':
+ if (fd != -1)
+ errx(EX_USAGE, "'-h' and '-H' are mutually "
+ "exclusive options");
+ fd = pw_checkfd(optarg);
+ break;
+ case 'M':
+ members = optarg;
+ break;
+ case 'o':
+ conf.checkduplicate = false;
+ break;
+ case 'N':
+ dryrun = true;
+ break;
+ case 'P':
+ pretty = true;
+ break;
+ case 'Y':
+ nis = true;
+ break;
+ }
+ }
+
+ if (quiet)
+ freopen(_PATH_DEVNULL, "w", stderr);
+ if (name == NULL)
+ errx(EX_DATAERR, "group name required");
+ if (GETGRNAM(name) != NULL)
+ errx(EX_DATAERR, "group name `%s' already exists", name);
+ cnf = get_userconfig(cfg);
+ rc = groupadd(cnf, name, gr_gidpolicy(cnf, id), members, fd, dryrun,
+ pretty, precrypted);
+ if (nis && rc == EXIT_SUCCESS && nis_update() == 0)
+ pw_log(cnf, M_ADD, W_GROUP, "NIS maps updated");
+
+ return (rc);
+}
+
+int
+pw_group_mod(int argc, char **argv, char *arg1)
+{
+ struct userconf *cnf;
+ struct group *grp = NULL;
+ const char *cfg = NULL;
+ char *oldmembers = NULL;
+ char *members = NULL;
+ char *newmembers = NULL;
+ char *newname = NULL;
+ char *name = NULL;
+ intmax_t id = -1;
+ int ch, rc, fd = -1;
+ bool quiet, pretty, dryrun, nis, precrypted;
+
+ quiet = pretty = dryrun = nis = precrypted = false;
+
+ if (arg1 != NULL) {
+ if (arg1[strspn(arg1, "0123456789")] == '\0')
+ id = pw_checkid(arg1, GID_MAX);
+ else
+ name = arg1;
+ }
+
+ while ((ch = getopt(argc, argv, "C:qn:d:g:l:h:H:M:m:NPY")) != -1) {
+ switch (ch) {
+ case 'C':
+ cfg = optarg;
+ break;
+ case 'q':
+ quiet = true;
+ break;
+ case 'n':
+ name = optarg;
+ break;
+ case 'g':
+ id = pw_checkid(optarg, GID_MAX);
+ break;
+ case 'd':
+ oldmembers = optarg;
+ break;
+ case 'l':
+ newname = optarg;
+ break;
+ case 'H':
+ if (fd != -1)
+ errx(EX_USAGE, "'-h' and '-H' are mutually "
+ "exclusive options");
+ fd = pw_checkfd(optarg);
+ precrypted = true;
+ if (fd == '-')
+ errx(EX_USAGE, "-H expects a file descriptor");
+ break;
+ case 'h':
+ if (fd != -1)
+ errx(EX_USAGE, "'-h' and '-H' are mutually "
+ "exclusive options");
+ fd = pw_checkfd(optarg);
+ break;
+ case 'M':
+ members = optarg;
+ break;
+ case 'm':
+ newmembers = optarg;
+ break;
+ case 'N':
+ dryrun = true;
+ break;
+ case 'P':
+ pretty = true;
+ break;
+ case 'Y':
+ nis = true;
+ break;
+ }
+ }
+ if (quiet)
+ freopen(_PATH_DEVNULL, "w", stderr);
+ cnf = get_userconfig(cfg);
+ grp = getgroup(name, id, true);
+ if (name == NULL)
+ name = grp->gr_name;
+ if (id > 0)
+ grp->gr_gid = id;
+
+ if (newname != NULL)
+ grp->gr_name = pw_checkname(newname, 0);
+
+ grp_set_passwd(grp, true, fd, precrypted);
+ /*
+ * Keep the same logic as old code for now:
+ * if -M is passed, -d and -m are ignored
+ * then id -d, -m is ignored
+ * last is -m
+ */
+
+ if (members) {
+ grp->gr_mem = NULL;
+ grp_add_members(&grp, members);
+ } else if (oldmembers) {
+ delete_members(grp, oldmembers);
+ } else if (newmembers) {
+ grp_add_members(&grp, newmembers);
+ }
+
+ if (dryrun) {
+ print_group(grp, pretty);
+ return (EXIT_SUCCESS);
+ }
+
+ if ((rc = chggrent(name, grp)) != 0) {
+ if (rc == -1)
+ errx(EX_IOERR, "group '%s' not available (NIS?)",
+ grp->gr_name);
+ else
+ err(EX_IOERR, "group update");
+ }
+
+ if (newname)
+ name = newname;
+
+ /* grp may have been invalidated */
+ if ((grp = GETGRNAM(name)) == NULL)
+ errx(EX_SOFTWARE, "group disappeared during update");
+
+ pw_log(cnf, M_UPDATE, W_GROUP, "%s(%ju)", grp->gr_name,
+ (uintmax_t)grp->gr_gid);
+
+ if (nis && nis_update() == 0)
+ pw_log(cnf, M_UPDATE, W_GROUP, "NIS maps updated");
+
+ return (EXIT_SUCCESS);
git.ckatri.com / pw-darwin.git / blobdiff