Add home directory creation mode to pw.conf(5) and be a bit

more specific about the effect of the current umask on -M.

6 files changed, 38 insertions, 9 deletions

diff --git a/pw/pw.8 b/pw/pw.8
index 20fea9d..ae416e8 100644
--- a/pw/pw.8
+++ b/pw/pw.8
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 27, 2007
+.Dd March 30, 2007
 .Dt PW 8
 .Os
 .Sh NAME
@@ -69,6 +69,7 @@
 .Op Fl g Ar group
 .Op Fl G Ar grouplist
 .Op Fl k Ar dir
+.Op Fl M Ar mode
 .Op Fl u Ar min , Ns Ar max
 .Op Fl i Ar min , Ns Ar max
 .Op Fl w Ar method
@@ -453,7 +454,9 @@ This can be overridden by the
 option on the command line, if desired.
 .It Fl M Ar mode
 Create the user's home directory with the specified
-.Ar mode .
+.Ar mode ,
+modified by the current
+.Xr umask 2 .
 If omitted, it is derived from the parent process'
 .Xr umask 2 .
 This option is only useful in combination with the
diff --git a/pw/pw.c b/pw/pw.c
index f13a94f..c5ebe42 100644
--- a/pw/pw.c
+++ b/pw/pw.c
@@ -328,6 +328,7 @@ cmdhelp(int mode, int which)
 				"\t-G grp1,grp2   additional groups\n"
 				"\t-L class       default user class\n"
 				"\t-k dir         default home skeleton\n"
+				"\t-M mode        home directory permissions\n"
 				"\t-u min,max     set min,max uids\n"
 				"\t-i min,max     set min,max gids\n"
 				"\t-w method      set default password method\n"
diff --git a/pw/pw.conf.5 b/pw/pw.conf.5
index 729d45a..3f023aa 100644
--- a/pw/pw.conf.5
+++ b/pw/pw.conf.5
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 9, 1996
+.Dd March 30, 2007
 .Dt PW.CONF 5
 .Os
 .Sh NAME
@@ -78,6 +78,8 @@ mail to send to new users
 log user/group modifications to this file
 .It home
 root directory for home directories
+.It homemode
+permissions for home directory
 .It shellpath
 paths in which to locate shell programs
 .It shells
@@ -204,6 +206,12 @@ This specifies the location of the directory in which all new user
 home directories are created.
 .Pp
 The
+.Ar homemode
+keyword is optional.
+It specifies the creation mask of the user's home directory and is modified by
+.Xr umask 2 .
+.Pp
+The
 .Ar shellpath
 keyword specifies a list of directories - separated by colons
 .Ql \&:
@@ -303,6 +311,7 @@ as comments.
 .El
 .Sh SEE ALSO
 .Xr passwd 1 ,
+.Xr umask 2 ,
 .Xr group 5 ,
 .Xr login.conf 5 ,
 .Xr passwd 5 ,
diff --git a/pw/pw.h b/pw/pw.h
index a0f97e3..7568c22 100644
--- a/pw/pw.h
+++ b/pw/pw.h
@@ -81,6 +81,7 @@ struct userconf
 	char	*newmail;		/* Mail to send to new accounts */
 	char	*logfile;		/* Where to log changes */
 	char	*home;			/* Where to create home directory */
+	mode_t	homemode;		/* Home directory permissions */
 	char	*shelldir;		/* Where shells are located */
 	char	**shells;		/* List of shells */
 	char	*shell_default;		/* Default shell */
diff --git a/pw/pw_conf.c b/pw/pw_conf.c
index 9377239..51672b9 100644
--- a/pw/pw_conf.c
+++ b/pw/pw_conf.c
@@ -47,6 +47,7 @@ enum {
 	_UC_NEWMAIL,
 	_UC_LOGFILE,
 	_UC_HOMEROOT,
+	_UC_HOMEMODE,
 	_UC_SHELLPATH,
 	_UC_SHELLS,
 	_UC_DEFAULTSHELL,
@@ -90,6 +91,7 @@ static struct userconf config =
 	NULL,			/* Mail to send to new accounts */
 	"/var/log/userlog",	/* Where to log changes */
 	"/home",		/* Where to create home directory */
+	0777,			/* Home directory perms, modified by umask */
 	"/bin",			/* Where shells are located */
 	system_shells,		/* List of shells (first is default) */
 	bourne_shell,		/* Default shell */
@@ -114,6 +116,7 @@ static char const *comments[_UC_FIELDS] =
 	"\n# Mail this file to new user (/etc/newuser.msg or no)\n",
 	"\n# Log add/change/remove information in this file\n",
 	"\n# Root directory in which $HOME directory is created\n",
+	"\n# Mode for the new $HOME directory, will be modified by umask\n",
 	"\n# Colon separated list of directories containing valid shells\n",
 	"\n# Comma separated list of available shells (without paths)\n",
 	"\n# Default shell (without path)\n",
@@ -139,6 +142,7 @@ static char const *kwds[] =
 	"newmail",
 	"logfile",
 	"home",
+	"homemode",
 	"shellpath",
 	"shells",
 	"defaultshell",
@@ -255,6 +259,7 @@ read_userconfig(char const * file)
 				static char const toks[] = " \t\r\n,=";
 				char           *q = strtok(NULL, toks);
 				int             i = 0;
+				mode_t          *modeset;
 
 				while (i < _UC_FIELDS && strcmp(p, kwds[i]) != 0)
 					++i;
@@ -294,6 +299,12 @@ read_userconfig(char const * file)
 					config.home = (q == NULL || !boolean_val(q, 1))
 						? "/home" : newstr(q);
 					break;
+				case _UC_HOMEMODE:
+					modeset = setmode(q);
+					config.homemode = (q == NULL || !boolean_val(q, 1))
+						? 0777 : getmode(modeset, 0777);
+					free(modeset);
+					break;
 				case _UC_SHELLPATH:
 					config.shelldir = (q == NULL || !boolean_val(q, 1))
 						? "/bin" : newstr(q);
@@ -413,6 +424,10 @@ write_userconfig(char const * file)
 				case _UC_HOMEROOT:
 					val = config.home;
 					break;
+				case _UC_HOMEMODE:
+					sprintf(buf, "%04o", config.homemode);
+					quote = 0;
+					break;
 				case _UC_SHELLPATH:
 					val = config.shelldir;
 					break;
diff --git a/pw/pw_user.c b/pw/pw_user.c
index 3a46353..7f13644 100644
--- a/pw/pw_user.c
+++ b/pw/pw_user.c
@@ -166,8 +166,8 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 			    dmode_c);
 		dmode = getmode(set, S_IRWXU | S_IRWXG | S_IRWXO);
 		free(set);
-	} else
-		dmode = S_IRWXU | S_IRWXG | S_IRWXO;
+		cnf->homemode = dmode;
+	}
 
 	/*
 	 * If we'll need to use it or we're updating it,
@@ -194,7 +194,7 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 			if (strchr(cnf->home+1, '/') == NULL) {
 				strcpy(dbuf, "/usr");
 				strncat(dbuf, cnf->home, MAXPATHLEN-5);
-				if (mkdir(dbuf, dmode) != -1 || errno == EEXIST) {
+				if (mkdir(dbuf, cnf->homemode) != -1 || errno == EEXIST) {
 					chown(dbuf, 0, 0);
 					/*
 					 * Skip first "/" and create symlink:
@@ -210,7 +210,7 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 				while ((p = strchr(++p, '/')) != NULL) {
 					*p = '\0';
 					if (stat(dbuf, &st) == -1) {
-						if (mkdir(dbuf, dmode) == -1)
+						if (mkdir(dbuf, cnf->homemode) == -1)
 							goto direrr;
 						chown(dbuf, 0, 0);
 					} else if (!S_ISDIR(st.st_mode))
@@ -219,7 +219,7 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 				}
 			}
 			if (stat(dbuf, &st) == -1) {
-				if (mkdir(dbuf, dmode) == -1) {
+				if (mkdir(dbuf, cnf->homemode) == -1) {
 				direrr:	err(EX_OSFILE, "mkdir '%s'", dbuf);
 				}
 				chown(dbuf, 0, 0);
@@ -776,7 +776,7 @@ pw_user(struct userconf * cnf, int mode, struct cargs * args)
 	 * existing files will *not* be overwritten.
 	 */
 	if (!PWALTDIR() && getarg(args, 'm') != NULL && pwd->pw_dir && *pwd->pw_dir == '/' && pwd->pw_dir[1]) {
-		copymkdir(pwd->pw_dir, cnf->dotdir, dmode, pwd->pw_uid, pwd->pw_gid);
+		copymkdir(pwd->pw_dir, cnf->dotdir, cnf->homemode, pwd->pw_uid, pwd->pw_gid);
 		pw_log(cnf, mode, W_USER, "%s(%ld) home %s made",
 		       pwd->pw_name, (long) pwd->pw_uid, pwd->pw_dir);
 	}