+ return (EXIT_SUCCESS);
+ }
+
+ buf = gr_make(grp);
+ printf("%s\n", buf);
+ free(buf);
+ return (EXIT_SUCCESS);
+}
+
+int
+pw_group_next(int argc, char **argv, char *arg1 __unused)
+{
+ struct userconf *cnf;
+ const char *cfg = NULL;
+ int ch;
+ bool quiet = false;
+
+ while ((ch = getopt(argc, argv, "C:q")) != -1) {
+ switch (ch) {
+ case 'C':
+ cfg = optarg;
+ break;
+ case 'q':
+ quiet = true;
+ break;
+ }
+ }
+
+ if (quiet)
+ freopen(_PATH_DEVNULL, "w", stderr);
+ cnf = get_userconfig(cfg);
+ return (pw_groupnext(cnf, quiet));
+}
+
+int
+pw_group_show(int argc, char **argv, char *arg1)
+{
+ struct group *grp = NULL;
+ char *name = NULL;
+ intmax_t id = -1;
+ int ch;
+ bool all, force, quiet, pretty;
+
+ all = force = quiet = pretty = false;
+
+ struct group fakegroup = {
+ "nogroup",
+ "*",
+ -1,
+ NULL
+ };
+
+ if (arg1 != NULL) {
+ if (arg1[strspn(arg1, "0123456789")] == '\0')
+ id = pw_checkid(arg1, GID_MAX);
+ else
+ name = arg1;
+ }
+
+ while ((ch = getopt(argc, argv, "C:qn:g:FPa")) != -1) {
+ switch (ch) {
+ case 'C':
+ /* ignore compatibility */
+ break;
+ case 'q':
+ quiet = true;
+ break;
+ case 'n':
+ name = optarg;
+ break;
+ case 'g':
+ id = pw_checkid(optarg, GID_MAX);
+ break;
+ case 'F':
+ force = true;
+ break;
+ case 'P':
+ pretty = true;
+ break;
+ case 'a':
+ all = true;
+ break;
+ }
+ }
+
+ if (quiet)
+ freopen(_PATH_DEVNULL, "w", stderr);
+
+ if (all) {
+ SETGRENT();
+ while ((grp = GETGRENT()) != NULL)
+ print_group(grp, pretty);
+ ENDGRENT();
+ return (EXIT_SUCCESS);
+ }
+
+ grp = getgroup(name, id, !force);
+ if (grp == NULL)
+ grp = &fakegroup;
+
+ return (print_group(grp, pretty));
+}
+
+int
+pw_group_del(int argc, char **argv, char *arg1)
+{
+ struct userconf *cnf = NULL;
+ struct group *grp = NULL;
+ char *name;
+ const char *cfg = NULL;
+ intmax_t id = -1;
+ int ch, rc;
+ bool quiet = false;
+ bool nis = false;
+
+ if (arg1 != NULL) {
+ if (arg1[strspn(arg1, "0123456789")] == '\0')
+ id = pw_checkid(arg1, GID_MAX);
+ else
+ name = arg1;
+ }
+
+ while ((ch = getopt(argc, argv, "C:qn:g:Y")) != -1) {
+ switch (ch) {
+ case 'C':
+ cfg = optarg;
+ break;
+ case 'q':
+ quiet = true;
+ break;
+ case 'n':
+ name = optarg;
+ break;
+ case 'g':
+ id = pw_checkid(optarg, GID_MAX);
+ break;
+ case 'Y':
+ nis = true;
+ break;
+ }
+ }
+
+ if (quiet)
+ freopen(_PATH_DEVNULL, "w", stderr);
+ grp = getgroup(name, id, true);
+ cnf = get_userconfig(cfg);
+ rc = delgrent(grp);
+ if (rc == -1)
+ err(EX_IOERR, "group '%s' not available (NIS?)", name);
+ else if (rc != 0)
+ err(EX_IOERR, "group update");
+ pw_log(cnf, M_DELETE, W_GROUP, "%s(%ju) removed", name,
+ (uintmax_t)id);
+
+ if (nis && nis_update() == 0)
+ pw_log(cnf, M_DELETE, W_GROUP, "NIS maps updated");
+
+ return (EXIT_SUCCESS);
+}
+
+static bool
+grp_has_member(struct group *grp, const char *name)
+{
+ int j;
+
+ for (j = 0; grp->gr_mem != NULL && grp->gr_mem[j] != NULL; j++)
+ if (strcmp(grp->gr_mem[j], name) == 0)
+ return (true);
+ return (false);
+}
+
+static void
+grp_add_members(struct group **grp, char *members)
+{
+ struct passwd *pwd;
+ char *p;
+ char tok[] = ", \t";
+
+ if (members == NULL)
+ return;
+ for (p = strtok(members, tok); p != NULL; p = strtok(NULL, tok)) {
+ pwd = lookup_pwent(p);
+ if (grp_has_member(*grp, pwd->pw_name))
+ continue;
+ *grp = gr_add(*grp, pwd->pw_name);
+ }
+}
+
+int
+groupadd(struct userconf *cnf, char *name, gid_t id, char *members, int fd,
+ bool dryrun, bool pretty, bool precrypted)
+{
+ struct group *grp;
+ int rc;
+
+ struct group fakegroup = {
+ "nogroup",
+ "*",
+ -1,
+ NULL
+ };
+
+ grp = &fakegroup;
+ grp->gr_name = pw_checkname(name, 0);
+ grp->gr_passwd = "*";
+ grp->gr_gid = gr_gidpolicy(cnf, id);
+ grp->gr_mem = NULL;
+
+ /*
+ * This allows us to set a group password Group passwords is an
+ * antique idea, rarely used and insecure (no secure database) Should
+ * be discouraged, but it is apparently still supported by some
+ * software.
+ */
+ grp_set_passwd(grp, false, fd, precrypted);
+ grp_add_members(&grp, members);
+ if (dryrun)
+ return (print_group(grp, pretty));
+
+ if ((rc = addgrent(grp)) != 0) {
+ if (rc == -1)
+ errx(EX_IOERR, "group '%s' already exists",
+ grp->gr_name);
+ else
+ err(EX_IOERR, "group update");
+ }
+
+ pw_log(cnf, M_ADD, W_GROUP, "%s(%ju)", grp->gr_name,
+ (uintmax_t)grp->gr_gid);
+
+ return (EXIT_SUCCESS);
+}
+
+int
+pw_group_add(int argc, char **argv, char *arg1)
+{
+ struct userconf *cnf = NULL;
+ char *name = NULL;
+ char *members = NULL;
+ const char *cfg = NULL;
+ intmax_t id = -1;
+ int ch, rc, fd = -1;
+ bool quiet, precrypted, dryrun, pretty, nis;
+
+ quiet = precrypted = dryrun = pretty = nis = false;
+
+ if (arg1 != NULL) {
+ if (arg1[strspn(arg1, "0123456789")] == '\0')
+ id = pw_checkid(arg1, GID_MAX);
+ else
+ name = arg1;
+ }
+
+ while ((ch = getopt(argc, argv, "C:qn:g:h:H:M:oNPY")) != -1) {
+ switch (ch) {
+ case 'C':
+ cfg = optarg;
+ break;
+ case 'q':
+ quiet = true;
+ break;
+ case 'n':
+ name = optarg;
+ break;
+ case 'g':
+ id = pw_checkid(optarg, GID_MAX);
+ break;
+ case 'H':
+ if (fd != -1)
+ errx(EX_USAGE, "'-h' and '-H' are mutually "
+ "exclusive options");
+ fd = pw_checkfd(optarg);
+ precrypted = true;
+ if (fd == '-')
+ errx(EX_USAGE, "-H expects a file descriptor");
+ break;
+ case 'h':
+ if (fd != -1)
+ errx(EX_USAGE, "'-h' and '-H' are mutually "
+ "exclusive options");
+ fd = pw_checkfd(optarg);
+ break;
+ case 'M':
+ members = optarg;
+ break;
+ case 'o':
+ conf.checkduplicate = false;
+ break;
+ case 'N':
+ dryrun = true;
+ break;
+ case 'P':
+ pretty = true;
+ break;
+ case 'Y':
+ nis = true;
+ break;
+ }
+ }
+
+ if (quiet)
+ freopen(_PATH_DEVNULL, "w", stderr);
+ if (name == NULL)
+ errx(EX_DATAERR, "group name required");
+ if (GETGRNAM(name) != NULL)
+ errx(EX_DATAERR, "group name `%s' already exists", name);
+ cnf = get_userconfig(cfg);
+ rc = groupadd(cnf, name, gr_gidpolicy(cnf, id), members, fd, dryrun,
+ pretty, precrypted);
+ if (nis && rc == EXIT_SUCCESS && nis_update() == 0)
+ pw_log(cnf, M_ADD, W_GROUP, "NIS maps updated");
+
+ return (rc);
+}
+
+int
+pw_group_mod(int argc, char **argv, char *arg1)
+{
+ struct userconf *cnf;
+ struct group *grp = NULL;
+ const char *cfg = NULL;
+ char *oldmembers = NULL;
+ char *members = NULL;
+ char *newmembers = NULL;
+ char *newname = NULL;
+ char *name = NULL;
+ intmax_t id = -1;
+ int ch, rc, fd = -1;
+ bool quiet, pretty, dryrun, nis, precrypted;
+
+ quiet = pretty = dryrun = nis = precrypted = false;
+
+ if (arg1 != NULL) {
+ if (arg1[strspn(arg1, "0123456789")] == '\0')
+ id = pw_checkid(arg1, GID_MAX);
+ else
+ name = arg1;
+ }
+
+ while ((ch = getopt(argc, argv, "C:qn:d:g:l:h:H:M:m:NPY")) != -1) {
+ switch (ch) {
+ case 'C':
+ cfg = optarg;
+ break;
+ case 'q':
+ quiet = true;
+ break;
+ case 'n':
+ name = optarg;
+ break;
+ case 'g':
+ id = pw_checkid(optarg, GID_MAX);
+ break;
+ case 'd':
+ oldmembers = optarg;
+ break;
+ case 'l':
+ newname = optarg;
+ break;
+ case 'H':
+ if (fd != -1)
+ errx(EX_USAGE, "'-h' and '-H' are mutually "
+ "exclusive options");
+ fd = pw_checkfd(optarg);
+ precrypted = true;
+ if (fd == '-')
+ errx(EX_USAGE, "-H expects a file descriptor");
+ break;
+ case 'h':
+ if (fd != -1)
+ errx(EX_USAGE, "'-h' and '-H' are mutually "
+ "exclusive options");
+ fd = pw_checkfd(optarg);
+ break;
+ case 'M':
+ members = optarg;
+ break;
+ case 'm':
+ newmembers = optarg;
+ break;
+ case 'N':
+ dryrun = true;
+ break;
+ case 'P':
+ pretty = true;
+ break;
+ case 'Y':
+ nis = true;
+ break;
+ }
git.ckatri.com / pw-darwin.git / blobdiff