3 files changed, 92 insertions, 16 deletions

diff --git a/pw/pw.8 b/pw/pw.8
index 82f010b..4287055 100644
--- a/pw/pw.8
+++ b/pw/pw.8
@@ -155,6 +155,7 @@
 .Op Fl l Ar name
 .Op Fl M Ar members
 .Op Fl m Ar newmembers
+.Op Fl d Ar oldmembers
 .Op Fl h Ar fd | Fl H Ar fd
 .Op Fl N
 .Op Fl P
@@ -779,6 +780,15 @@ of existing users to a group without replacing the existing list of
 members.
 Login names or user ids may be used, and duplicate users are
 silently eliminated.
+.It Fl d Ar oldmembers
+Similar to
+.Fl M ,
+this option allows the
+.Em deletion
+of existing users from a group without replacing the existing list of
+members.
+Login names or user ids may be used, and duplicate users are
+silently eliminated.
 .El
 .Pp
 .Ar groupadd
diff --git a/pw/pw.c b/pw/pw.c
index 3d9573f..e9d9363 100644
--- a/pw/pw.c
+++ b/pw/pw.c
@@ -117,7 +117,7 @@ main(int argc, char *argv[])
 		{ /* grp  */
 			"V:C:qn:g:h:H:M:opNPY",
 			"V:C:qn:g:Y",
-			"V:C:qn:g:l:h:H:FM:m:NPY",
+			"V:C:qn:d:g:l:h:H:FM:m:NPY",
 			"V:C:qn:g:FPa",
 			"V:C:q"
 		 }
@@ -409,6 +409,7 @@ cmdhelp(int mode, int which)
 				"\t-g gid         group id\n"
 				"\t-M usr1,usr2   replaces users as group members\n"
 				"\t-m usr1,usr2   add users as group members\n"
+				"\t-d usr1,usr2   delete users as group members\n"
 				"\t-l name        new group name\n"
 				"\t-Y             update NIS maps\n"
 				"\t-N             no update\n",
diff --git a/pw/pw_group.c b/pw/pw_group.c
index 10e8675..a8f182c 100644
--- a/pw/pw_group.c
+++ b/pw/pw_group.c
@@ -32,12 +32,16 @@ static const char rcsid[] =
 #include <ctype.h>
 #include <err.h>
 #include <termios.h>
+#include <stdbool.h>
 #include <unistd.h>
 
 #include "pw.h"
 #include "bitmap.h"
 
 
+static struct passwd *lookup_pwent(const char *user);
+static void	delete_members(char ***members, int *grmembers, int *i,
+    struct carg *arg, struct group *grp);
 static int      print_group(struct group * grp, int pretty);
 static gid_t    gr_gidpolicy(struct userconf * cnf, struct cargs * args);
 
@@ -207,14 +211,18 @@ pw_group(struct userconf * cnf, int mode, struct cargs * args)
 		}
 	}
 
-	if (((arg = getarg(args, 'M')) != NULL || (arg = getarg(args, 'm')) != NULL) && arg->val) {
+	if (((arg = getarg(args, 'M')) != NULL ||
+	    (arg = getarg(args, 'd')) != NULL ||
+	    (arg = getarg(args, 'm')) != NULL) && arg->val) {
 		int	i = 0;
 		char   *p;
 		struct passwd	*pwd;
 
 		/* Make sure this is not stay NULL with -M "" */
 		extendarray(&members, &grmembers, 200);
-		if (arg->ch == 'm') {
+		if (arg->ch == 'd')
+			delete_members(&members, &grmembers, &i, arg, grp);
+		else if (arg->ch == 'm') {
 			int	k = 0;
 
 			while (grp->gr_mem[k] != NULL) {
@@ -223,20 +231,20 @@ pw_group(struct userconf * cnf, int mode, struct cargs * args)
 				k++;
 			}
 		}
-		for (p = strtok(arg->val, ", \t"); p != NULL; p = strtok(NULL, ", \t")) {
-			int     j;
-			if ((pwd = GETPWNAM(p)) == NULL) {
-				if (!isdigit((unsigned char)*p) || (pwd = getpwuid((uid_t) atoi(p))) == NULL)
-					errx(EX_NOUSER, "user `%s' does not exist", p);
+
+		if (arg->ch != 'd')
+			for (p = strtok(arg->val, ", \t"); p != NULL; p = strtok(NULL, ", \t")) {
+				int	j;
+
+				/*
+				 * Check for duplicates
+				 */
+				pwd = lookup_pwent(p);
+				for (j = 0; j < i && strcmp(members[j], pwd->pw_name) != 0; j++)
+					;
+				if (j == i && extendarray(&members, &grmembers, i + 2) != -1)
+					members[i++] = newstr(pwd->pw_name);
 			}
-			/*
-			 * Check for duplicates
-			 */
-			for (j = 0; j < i && strcmp(members[j], pwd->pw_name)!=0; j++)
-				;
-			if (j == i && extendarray(&members, &grmembers, i + 2) != -1)
-				members[i++] = newstr(pwd->pw_name);
-		}
 		while (i < grmembers)
 			members[i++] = NULL;
 		grp->gr_mem = members;
@@ -271,6 +279,63 @@ pw_group(struct userconf * cnf, int mode, struct cargs * args)
 }
 
 
+/*
+ * Lookup a passwd entry using a name or UID.
+ */
+static struct passwd *
+lookup_pwent(const char *user)
+{
+	struct passwd *pwd;
+
+	if ((pwd = GETPWNAM(user)) == NULL &&
+	    (!isdigit((unsigned char)*user) ||
+	    (pwd = getpwuid((uid_t) atoi(user))) == NULL))
+		errx(EX_NOUSER, "user `%s' does not exist", user);
+
+	return (pwd);
+}
+
+
+/*
+ * Delete requested members from a group.
+ */
+static void
+delete_members(char ***members, int *grmembers, int *i, struct carg *arg,
+    struct group *grp)
+{
+	bool matchFound;
+	char *user;
+	char *valueCopy;
+	char *valuePtr;
+	int k;
+	struct passwd *pwd;
+
+	k = 0;
+	while (grp->gr_mem[k] != NULL) {
+		matchFound = false;
+		if ((valueCopy = strdup(arg->val)) == NULL)
+			errx(EX_UNAVAILABLE, "out of memory");
+		valuePtr = valueCopy;
+		while ((user = strsep(&valuePtr, ", \t")) != NULL) {
+			pwd = lookup_pwent(user);
+			if (strcmp(grp->gr_mem[k], pwd->pw_name) == 0) {
+				matchFound = true;
+				break;
+			}
+		}
+		free(valueCopy);
+
+		if (!matchFound &&
+		    extendarray(members, grmembers, *i + 2) != -1)
+			(*members)[(*i)++] = grp->gr_mem[k];
+
+		k++;
+	}
+
+	return;
+}
+
+
 static          gid_t
 gr_gidpolicy(struct userconf * cnf, struct cargs * args)
 {