1#!/bin/sh 2# 3# Copyright (c) 2002-2004 Michael Telahun Makonnen. All rights reserved. 4# 5# Redistribution and use in source and binary forms, with or without 6# modification, are permitted provided that the following conditions 7# are met: 8# 1. Redistributions of source code must retain the above copyright 9# notice, this list of conditions and the following disclaimer. 10# 2. Redistributions in binary form must reproduce the above copyright 11# notice, this list of conditions and the following disclaimer in the 12# documentation and/or other materials provided with the distribution. 13# 14# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24# 25# Email: Mike Makonnen <mtm@FreeBSD.Org> 26# 27# $FreeBSD: src/usr.sbin/adduser/adduser.sh,v 1.31 2007/10/20 00:45:31 mtm Exp $ 28# $DragonFly: src/usr.sbin/adduser/adduser.sh,v 1.4 2008/07/21 23:42:02 swildner Exp $ 29# 30 31# err msg 32# Display $msg on stderr, unless we're being quiet. 33# 34err() { 35 if [ -z "$quietflag" ]; then 36 echo 1>&2 ${THISCMD}: ERROR: $* 37 fi 38} 39 40# info msg 41# Display $msg on stdout, unless we're being quiet. 42# 43info() { 44 if [ -z "$quietflag" ]; then 45 echo ${THISCMD}: INFO: $* 46 fi 47} 48 49# get_nextuid 50# Output the value of $_uid if it is available for use. If it 51# is not, output the value of the next higher uid that is available. 52# If a uid is not specified, output the first available uid, as indicated 53# by pw(8). 54# 55get_nextuid () { 56 _uid=$1 57 _nextuid= 58 59 if [ -z "$_uid" ]; then 60 _nextuid="`${PWCMD} usernext | cut -f1 -d:`" 61 else 62 while : ; do 63 ${PWCMD} usershow $_uid > /dev/null 2>&1 64 if [ ! "$?" -eq 0 ]; then 65 _nextuid=$_uid 66 break 67 fi 68 _uid=$(($_uid + 1)) 69 done 70 fi 71 echo $_nextuid 72} 73 74# show_usage 75# Display usage information for this utility. 76# 77show_usage() { 78 echo "usage: ${THISCMD} [options]" 79 echo " options may include:" 80 echo " -C save to the configuration file only" 81 echo " -D do not attempt to create the home directory" 82 echo " -E disable this account after creation" 83 echo " -G additional groups to add accounts to" 84 echo " -L login class of the user" 85 echo " -N do not read configuration file" 86 echo " -S a nonexistent shell is not an error" 87 echo " -d home directory" 88 echo " -f file from which input will be received" 89 echo " -g default login group" 90 echo " -h display this usage message" 91 echo " -k path to skeleton home directory" 92 echo " -m user welcome message file" 93 echo " -q absolute minimal user feedback" 94 echo " -s shell" 95 echo " -u uid to start at" 96 echo " -w password type: no, none, yes or random" 97} 98 99# valid_shells 100# Outputs a list of valid shells from /etc/shells. Only the 101# basename of the shell is output. 102# 103valid_shells() { 104 _prefix= 105 cat ${ETCSHELLS} | 106 while read _path _junk ; do 107 case $_path in 108 \#*|'') 109 ;; 110 *) 111 echo -n "${_prefix}`basename $_path`" 112 _prefix=' ' 113 ;; 114 esac 115 done 116 117 # /sbin/nologin is a special case 118 [ -x "${NOLOGIN_PATH}" ] && echo -n " ${NOLOGIN}" 119} 120 121# fullpath_from_shell shell 122# Given $shell, which is either the full path to a shell or 123# the basename component of a valid shell, get the 124# full path to the shell from the /etc/shells file. 125# 126fullpath_from_shell() { 127 _shell=$1 128 [ -z "$_shell" ] && return 1 129 130 # /sbin/nologin is a special case; it needs to be handled 131 # before the cat | while loop, since a 'return' from within 132 # a subshell will not terminate the function's execution, and 133 # the path to the nologin shell might be printed out twice. 134 # 135 if [ "$_shell" = "${NOLOGIN}" -o \ 136 "$_shell" = "${NOLOGIN_PATH}" ]; then 137 echo ${NOLOGIN_PATH} 138 return 0; 139 fi 140 141 cat ${ETCSHELLS} | 142 while read _path _junk ; do 143 case "$_path" in 144 \#*|'') 145 ;; 146 *) 147 if [ "$_path" = "$_shell" -o \ 148 "`basename $_path`" = "$_shell" ]; then 149 echo $_path 150 return 0 151 fi 152 ;; 153 esac 154 done 155 156 return 1 157} 158 159# shell_exists shell 160# If the given shell is listed in ${ETCSHELLS} or it is 161# the nologin shell this function will return 0. 162# Otherwise, it will return 1. If shell is valid but 163# the path is invalid or it is not executable it 164# will emit an informational message saying so. 165# 166shell_exists() 167{ 168 _sh="$1" 169 _shellchk="${GREPCMD} '^$_sh$' ${ETCSHELLS} > /dev/null 2>&1" 170 171 if ! eval $_shellchk; then 172 # The nologin shell is not listed in /etc/shells. 173 if [ "$_sh" != "${NOLOGIN_PATH}" ]; then 174 err "Invalid shell ($_sh) for user $username." 175 return 1 176 fi 177 fi 178 ! [ -x "$_sh" ] && 179 info "The shell ($_sh) does not exist or is not executable." 180 181 return 0 182} 183 184# save_config 185# Save some variables to a configuration file. 186# Note: not all script variables are saved, only those that 187# it makes sense to save. 188# 189save_config() { 190 echo "# Configuration file for adduser(8)." > ${ADDUSERCONF} 191 echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF} 192 echo "# Last Modified on `${DATECMD}`." >> ${ADDUSERCONF} 193 echo '' >> ${ADDUSERCONF} 194 echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF} 195 echo "defaultclass=$uclass" >> ${ADDUSERCONF} 196 echo "defaultgroups=$ugroups" >> ${ADDUSERCONF} 197 echo "passwdtype=$passwdtype" >> ${ADDUSERCONF} 198 echo "homeprefix=$homeprefix" >> ${ADDUSERCONF} 199 echo "defaultshell=$ushell" >> ${ADDUSERCONF} 200 echo "udotdir=$udotdir" >> ${ADDUSERCONF} 201 echo "msgfile=$msgfile" >> ${ADDUSERCONF} 202 echo "disableflag=$disableflag" >> ${ADDUSERCONF} 203 echo "uidstart=$uidstart" >> ${ADDUSERCONF} 204} 205 206# add_user 207# Add a user to the user database. If the user chose to send a welcome 208# message or lock the account, do so. 209# 210add_user() { 211 212 # Is this a configuration run? If so, don't modify user database. 213 # 214 if [ -n "$configflag" ]; then 215 save_config 216 return 217 fi 218 219 _uid= 220 _name= 221 _comment= 222 _gecos= 223 _home= 224 _group= 225 _grouplist= 226 _shell= 227 _class= 228 _dotdir= 229 _expire= 230 _pwexpire= 231 _passwd= 232 _upasswd= 233 _passwdmethod= 234 235 _name="-n '$username'" 236 [ -n "$uuid" ] && _uid='-u "$uuid"' 237 [ -n "$ulogingroup" ] && _group='-g "$ulogingroup"' 238 [ -n "$ugroups" ] && _grouplist='-G "$ugroups"' 239 [ -n "$ushell" ] && _shell='-s "$ushell"' 240 [ -n "$uclass" ] && _class='-L "$uclass"' 241 [ -n "$ugecos" ] && _comment='-c "$ugecos"' 242 [ -n "$udotdir" ] && _dotdir='-k "$udotdir"' 243 [ -n "$uexpire" ] && _expire='-e "$uexpire"' 244 [ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"' 245 if [ -z "$Dflag" -a -n "$uhome" ]; then 246 # The /nonexistent home directory is special. It 247 # means the user has no home directory. 248 if [ "$uhome" = "$NOHOME" ]; then 249 _home='-d "$uhome"' 250 else 251 _home='-m -d "$uhome"' 252 fi 253 elif [ -n "$Dflag" -a -n "$uhome" ]; then 254 _home='-d "$uhome"' 255 fi 256 case $passwdtype in 257 no) 258 _passwdmethod="-w no" 259 _passwd="-h -" 260 ;; 261 yes) 262 # Note on processing the password: The outer double quotes 263 # make literal everything except ` and \ and $. 264 # The outer single quotes make literal ` and $. 265 # We can ensure the \ isn't treated specially by specifying 266 # the -r switch to the read command used to obtain the input. 267 # 268 _passwdmethod="-w yes" 269 _passwd="-h 0" 270 _upasswd='echo "$upass" |' 271 ;; 272 none) 273 _passwdmethod="-w none" 274 ;; 275 random) 276 _passwdmethod="-w random" 277 ;; 278 esac 279 280 _pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment" 281 _pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd" 282 _pwcmd="$_pwcmd $_expire $_pwexpire" 283 284 if ! _output=`eval $_pwcmd` ; then 285 err "There was an error adding user ($username)." 286 return 1 287 else 288 info "Successfully added ($username) to the user database." 289 if [ "random" = "$passwdtype" ]; then 290 randompass="$_output" 291 info "Password for ($username) is: $randompass" 292 fi 293 fi 294 295 if [ -n "$disableflag" ]; then 296 if ${PWCMD} lock $username ; then 297 info "Account ($username) is locked." 298 else 299 info "Account ($username) could NOT be locked." 300 fi 301 fi 302 303 _line= 304 _owner= 305 _perms= 306 if [ -n "$msgflag" ]; then 307 [ -r "$msgfile" ] && { 308 # We're evaluating the contents of an external file. 309 # Let's not open ourselves up for attack. _perms will 310 # be empty if it's writeable only by the owner. _owner 311 # will *NOT* be empty if the file is owned by root. 312 # 313 _dir="`dirname $msgfile`" 314 _file="`basename $msgfile`" 315 _perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune` 316 _owner=`/usr/bin/find $_dir -name $_file -user 0 -prune` 317 if [ -z "$_owner" -o -n "$_perms" ]; then 318 err "The message file ($msgfile) may be writeable only by root." 319 return 1 320 fi 321 cat "$msgfile" | 322 while read _line ; do 323 eval echo "$_line" 324 done | ${MAILCMD} -s"Welcome" ${username} 325 info "Sent welcome message to ($username)." 326 } 327 fi 328} 329 330# get_user 331# Reads username of the account from standard input or from a global 332# variable containing an account line from a file. The username is 333# required. If this is an interactive session it will prompt in 334# a loop until a username is entered. If it is batch processing from 335# a file it will output an error message and return to the caller. 336# 337get_user() { 338 _input= 339 340 # No need to take down user names if this is a configuration saving run. 341 [ -n "$configflag" ] && return 342 343 while : ; do 344 if [ -z "$fflag" ]; then 345 echo -n "Username: " 346 read _input 347 else 348 _input="`echo "$fileline" | cut -f1 -d:`" 349 fi 350 351 # There *must* be a username, and it must not exist. If 352 # this is an interactive session give the user an 353 # opportunity to retry. 354 # 355 if [ -z "$_input" ]; then 356 err "You must enter a username!" 357 [ -z "$fflag" ] && continue 358 fi 359 ${PWCMD} usershow $_input > /dev/null 2>&1 360 if [ "$?" -eq 0 ]; then 361 err "User exists!" 362 [ -z "$fflag" ] && continue 363 fi 364 break 365 done 366 username="$_input" 367} 368 369# get_gecos 370# Reads extra information about the user. Can be used both in interactive 371# and batch (from file) mode. 372# 373get_gecos() { 374 _input= 375 376 # No need to take down additional user information for a configuration run. 377 [ -n "$configflag" ] && return 378 379 if [ -z "$fflag" ]; then 380 echo -n "Full name: " 381 read _input 382 else 383 _input="`echo "$fileline" | cut -f7 -d:`" 384 fi 385 ugecos="$_input" 386} 387 388# get_shell 389# Get the account's shell. Works in interactive and batch mode. It 390# accepts either the base name of the shell or the full path. 391# If an invalid shell is entered it will simply use the default shell. 392# 393get_shell() { 394 _input= 395 _fullpath= 396 ushell="$defaultshell" 397 398 # Make sure the current value of the shell is a valid one 399 if [ -z "$Sflag" ]; then 400 if ! shell_exists $ushell ; then 401 info "Using default shell ${defaultshell}." 402 ushell="$defaultshell" 403 fi 404 fi 405 406 if [ -z "$fflag" ]; then 407 echo -n "Shell ($shells) [`basename $ushell`]: " 408 read _input 409 else 410 _input="`echo "$fileline" | cut -f9 -d:`" 411 fi 412 if [ -n "$_input" ]; then 413 if [ -n "$Sflag" ]; then 414 ushell="$_input" 415 else 416 _fullpath=`fullpath_from_shell $_input` 417 if [ -n "$_fullpath" ]; then 418 ushell="$_fullpath" 419 else 420 err "Invalid shell ($_input) for user $username." 421 info "Using default shell ${defaultshell}." 422 ushell="$defaultshell" 423 fi 424 fi 425 fi 426} 427 428# get_homedir 429# Reads the account's home directory. Used both with interactive input 430# and batch input. 431# 432get_homedir() { 433 _input= 434 if [ -z "$fflag" ]; then 435 echo -n "Home directory [${homeprefix}/${username}]: " 436 read _input 437 else 438 _input="`echo "$fileline" | cut -f8 -d:`" 439 fi 440 441 if [ -n "$_input" ]; then 442 uhome="$_input" 443 # if this is a configuration run, then user input is the home 444 # directory prefix. Otherwise it is understood to 445 # be $prefix/$user 446 # 447 [ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome" 448 else 449 uhome="${homeprefix}/${username}" 450 fi 451} 452 453# get_uid 454# Reads a numeric userid in an interactive or batch session. Automatically 455# allocates one if it is not specified. 456# 457get_uid() { 458 uuid=${uidstart} 459 _input= 460 _prompt= 461 462 if [ -n "$uuid" ]; then 463 _prompt="Uid [$uuid]: " 464 else 465 _prompt="Uid (Leave empty for default): " 466 fi 467 if [ -z "$fflag" ]; then 468 echo -n "$_prompt" 469 read _input 470 else 471 _input="`echo "$fileline" | cut -f2 -d:`" 472 fi 473 474 [ -n "$_input" ] && uuid=$_input 475 uuid=`get_nextuid $uuid` 476 uidstart=$uuid 477} 478 479# get_class 480# Reads login class of account. Can be used in interactive or batch mode. 481# 482get_class() { 483 uclass="$defaultclass" 484 _input= 485 _class=${uclass:-"default"} 486 487 if [ -z "$fflag" ]; then 488 echo -n "Login class [$_class]: " 489 read _input 490 else 491 _input="`echo "$fileline" | cut -f4 -d:`" 492 fi 493 494 [ -n "$_input" ] && uclass="$_input" 495} 496 497# get_logingroup 498# Reads user's login group. Can be used in both interactive and batch 499# modes. The specified value can be a group name or its numeric id. 500# This routine leaves the field blank if nothing is provided and 501# a default login group has not been set. The pw(8) command 502# will then provide a login group with the same name as the username. 503# 504get_logingroup() { 505 ulogingroup="$defaultLgroup" 506 _input= 507 508 if [ -z "$fflag" ]; then 509 echo -n "Login group [${ulogingroup:-$username}]: " 510 read _input 511 else 512 _input="`echo "$fileline" | cut -f3 -d:`" 513 fi 514 515 # Pw(8) will use the username as login group if it's left empty 516 [ -n "$_input" ] && ulogingroup="$_input" 517} 518 519# get_groups 520# Read additional groups for the user. It can be used in both interactive 521# and batch modes. 522# 523get_groups() { 524 ugroups="$defaultgroups" 525 _input= 526 _group=${ulogingroup:-"${username}"} 527 528 if [ -z "$configflag" ]; then 529 [ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username" 530 [ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: " 531 else 532 [ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: " 533 fi 534 read _input 535 536 [ -n "$_input" ] && ugroups="$_input" 537} 538 539# get_expire_dates 540# Read expiry information for the account and also for the password. This 541# routine is used only from batch processing mode. 542# 543get_expire_dates() { 544 upwexpire="`echo "$fileline" | cut -f5 -d:`" 545 uexpire="`echo "$fileline" | cut -f6 -d:`" 546} 547 548# get_password 549# Read the password in batch processing mode. The password field matters 550# only when the password type is "yes" or "random". If the field is empty and the 551# password type is "yes", then it assumes the account has an empty passsword 552# and changes the password type accordingly. If the password type is "random" 553# and the password field is NOT empty, then it assumes the account will NOT 554# have a random password and set passwdtype to "yes." 555# 556get_password() { 557 # We may temporarily change a password type. Make sure it's changed 558 # back to whatever it was before we process the next account. 559 # 560 [ -n "$savedpwtype" ] && { 561 passwdtype=$savedpwtype 562 savedpwtype= 563 } 564 565 # There may be a ':' in the password 566 upass=${fileline#*:*:*:*:*:*:*:*:*:} 567 568 if [ -z "$upass" ]; then 569 case $passwdtype in 570 yes) 571 # if it's empty, assume an empty password 572 passwdtype=none 573 savedpwtype=yes 574 ;; 575 esac 576 else 577 case $passwdtype in 578 random) 579 passwdtype=yes 580 savedpwtype=random 581 ;; 582 esac 583 fi 584} 585 586# input_from_file 587# Reads a line of account information from standard input and 588# adds it to the user database. 589# 590input_from_file() { 591 _field= 592 593 while read -r fileline ; do 594 case "$fileline" in 595 \#*|'') 596 ;; 597 *) 598 get_user || continue 599 get_gecos 600 get_uid 601 get_logingroup 602 get_class 603 get_shell 604 get_homedir 605 get_password 606 get_expire_dates 607 ugroups="$defaultgroups" 608 609 add_user 610 ;; 611 esac 612 done 613} 614 615# input_interactive 616# Prompts for user information interactively, and commits to 617# the user database. 618# 619input_interactive() { 620 621 _disable= 622 _pass= 623 _passconfirm= 624 _random="no" 625 _emptypass="no" 626 _usepass="yes" 627 _logingroup_ok="no" 628 _groups_ok="no" 629 case $passwdtype in 630 none) 631 _emptypass="yes" 632 _usepass="yes" 633 ;; 634 no) 635 _usepass="no" 636 ;; 637 random) 638 _random="yes" 639 ;; 640 esac 641 642 get_user 643 get_gecos 644 get_uid 645 646 # The case where group = user is handled elsewhere, so 647 # validate any other groups the user is invited to. 648 until [ "$_logingroup_ok" = yes ]; do 649 get_logingroup 650 _logingroup_ok=yes 651 if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then 652 if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then 653 echo "Group $ulogingroup does not exist!" 654 _logingroup_ok=no 655 fi 656 fi 657 done 658 until [ "$_groups_ok" = yes ]; do 659 get_groups 660 _groups_ok=yes 661 for i in $ugroups; do 662 if [ "$username" != "$i" ]; then 663 if ! ${PWCMD} show group $i > /dev/null 2>&1; then 664 echo "Group $i does not exist!" 665 _groups_ok=no 666 fi 667 fi 668 done 669 done 670 671 get_class 672 get_shell 673 get_homedir 674 675 while : ; do 676 echo -n "Use password-based authentication? [$_usepass]: " 677 read _input 678 [ -z "$_input" ] && _input=$_usepass 679 case $_input in 680 [Nn][Oo]|[Nn]) 681 passwdtype="no" 682 ;; 683 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 684 while : ; do 685 echo -n "Use an empty password? (yes/no) [$_emptypass]: " 686 read _input 687 [ -n "$_input" ] && _emptypass=$_input 688 case $_emptypass in 689 [Nn][Oo]|[Nn]) 690 echo -n "Use a random password? (yes/no) [$_random]: " 691 read _input 692 [ -n "$_input" ] && _random="$_input" 693 case $_random in 694 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 695 passwdtype="random" 696 break 697 ;; 698 esac 699 passwdtype="yes" 700 [ -n "$configflag" ] && break 701 trap 'stty echo; exit' 0 1 2 3 15 702 stty -echo 703 echo -n "Enter password: " 704 read -r upass 705 echo'' 706 echo -n "Enter password again: " 707 read -r _passconfirm 708 echo '' 709 stty echo 710 # if user entered a blank password 711 # explicitly ask again. 712 [ -z "$upass" -a -z "$_passconfirm" ] \ 713 && continue 714 ;; 715 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 716 passwdtype="none" 717 break; 718 ;; 719 *) 720 # invalid answer; repeat the loop 721 continue 722 ;; 723 esac 724 if [ "$upass" != "$_passconfirm" ]; then 725 echo "Passwords did not match!" 726 continue 727 fi 728 break 729 done 730 ;; 731 *) 732 # invalid answer; repeat loop 733 continue 734 ;; 735 esac 736 break; 737 done 738 _disable=${disableflag:-"no"} 739 while : ; do 740 echo -n "Lock out the account after creation? [$_disable]: " 741 read _input 742 [ -z "$_input" ] && _input=$_disable 743 case $_input in 744 [Nn][Oo]|[Nn]) 745 disableflag= 746 ;; 747 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 748 disableflag=yes 749 ;; 750 *) 751 # invalid answer; repeat loop 752 continue 753 ;; 754 esac 755 break 756 done 757 758 # Display the information we have so far and prompt to 759 # commit it. 760 # 761 _disable=${disableflag:-"no"} 762 [ -z "$configflag" ] && printf "%-10s : %s\n" Username $username 763 case $passwdtype in 764 yes) 765 _pass='*****' 766 ;; 767 no) 768 _pass='<disabled>' 769 ;; 770 none) 771 _pass='<blank>' 772 ;; 773 random) 774 _pass='<random>' 775 ;; 776 esac 777 [ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass" 778 [ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype" 779 [ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos" 780 [ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid" 781 printf "%-10s : %s\n" "Class" "$uclass" 782 printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups" 783 printf "%-10s : %s\n" "Home" "$uhome" 784 printf "%-10s : %s\n" "Shell" "$ushell" 785 printf "%-10s : %s\n" "Locked" "$_disable" 786 while : ; do 787 echo -n "OK? (yes/no): " 788 read _input 789 case $_input in 790 [Nn][Oo]|[Nn]) 791 return 1 792 ;; 793 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 794 add_user 795 ;; 796 *) 797 continue 798 ;; 799 esac 800 break 801 done 802 return 0 803} 804 805#### END SUBROUTINE DEFINITION #### 806 807THISCMD=`/usr/bin/basename $0` 808DEFAULTSHELL=/bin/sh 809ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}" 810PWCMD="${PWCMD:-/usr/sbin/pw}" 811MAILCMD="${MAILCMD:-mail}" 812ETCSHELLS="${ETCSHELLS:-/etc/shells}" 813NOHOME="/nonexistent" 814NOLOGIN="nologin" 815NOLOGIN_PATH="/sbin/nologin" 816GREPCMD="/usr/bin/grep" 817DATECMD="/bin/date" 818 819# Set default values 820# 821username= 822uuid= 823uidstart= 824ugecos= 825ulogingroup= 826uclass= 827uhome= 828upass= 829ushell= 830udotdir=/usr/share/skel 831ugroups= 832uexpire= 833upwexpire= 834shells="`valid_shells`" 835passwdtype="yes" 836msgfile=/etc/adduser.msg 837msgflag= 838quietflag= 839configflag= 840fflag= 841infile= 842disableflag= 843Dflag= 844Sflag= 845readconfig="yes" 846homeprefix="/home" 847randompass= 848fileline= 849savedpwtype= 850defaultclass= 851defaultLgroup= 852defaultgroups= 853defaultshell="${DEFAULTSHELL}" 854 855# Make sure the user running this program is root. This isn't a security 856# measure as much as it is a useful method of reminding the user to 857# 'su -' before he/she wastes time entering data that won't be saved. 858# 859procowner=${procowner:-`/usr/bin/id -u`} 860if [ "$procowner" != "0" ]; then 861 err 'you must be the super-user (uid 0) to use this utility.' 862 exit 1 863fi 864 865# Overide from our conf file 866# Quickly go through the commandline line to see if we should read 867# from our configuration file. The actual parsing of the commandline 868# arguments happens after we read in our configuration file (commandline 869# should override configuration file). 870# 871for _i in $* ; do 872 if [ "$_i" = "-N" ]; then 873 readconfig= 874 break; 875 fi 876done 877if [ -n "$readconfig" ]; then 878 # On a long-lived system, the first time this script is run it 879 # will barf upon reading the configuration file for its perl predecessor. 880 if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then 881 [ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1 882 fi 883fi 884 885# Process command-line options 886# 887for _switch ; do 888 case $_switch in 889 -L) 890 defaultclass="$2" 891 shift; shift 892 ;; 893 -C) 894 configflag=yes 895 shift 896 ;; 897 -D) 898 Dflag=yes 899 shift 900 ;; 901 -E) 902 disableflag=yes 903 shift 904 ;; 905 -k) 906 udotdir="$2" 907 shift; shift 908 ;; 909 -f) 910 [ "$2" != "-" ] && infile="$2" 911 fflag=yes 912 shift; shift 913 ;; 914 -g) 915 defaultLgroup="$2" 916 shift; shift 917 ;; 918 -G) 919 defaultgroups="$2" 920 shift; shift 921 ;; 922 -h) 923 show_usage 924 exit 0 925 ;; 926 -d) 927 homeprefix="$2" 928 shift; shift 929 ;; 930 -m) 931 case "$2" in 932 [Nn][Oo]) 933 msgflag= 934 ;; 935 *) 936 msgflag=yes 937 msgfile="$2" 938 ;; 939 esac 940 shift; shift 941 ;; 942 -N) 943 readconfig= 944 shift 945 ;; 946 -w) 947 case "$2" in 948 no|none|random|yes) 949 passwdtype=$2 950 ;; 951 *) 952 show_usage 953 exit 1 954 ;; 955 esac 956 shift; shift 957 ;; 958 -q) 959 quietflag=yes 960 shift 961 ;; 962 -s) 963 defaultshell="`fullpath_from_shell $2`" 964 shift; shift 965 ;; 966 -S) 967 Sflag=yes 968 shift 969 ;; 970 -u) 971 uidstart=$2 972 shift; shift 973 ;; 974 esac 975done 976 977# If the -f switch was used, get input from a file. Otherwise, 978# this is an interactive session. 979# 980if [ -n "$fflag" ]; then 981 if [ -z "$infile" ]; then 982 input_from_file 983 elif [ -n "$infile" ]; then 984 if [ -r "$infile" ]; then 985 input_from_file < $infile 986 else 987 err "File ($infile) is unreadable or does not exist." 988 fi 989 fi 990else 991 input_interactive 992 while : ; do 993 if [ -z "$configflag" ]; then 994 echo -n "Add another user? (yes/no): " 995 else 996 echo -n "Re-edit the default configuration? (yes/no): " 997 fi 998 read _input 999 case $_input in 1000 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 1001 uidstart=`get_nextuid $uidstart` 1002 input_interactive 1003 continue 1004 ;; 1005 [Nn][Oo]|[Nn]) 1006 echo "Goodbye!" 1007 ;; 1008 *) 1009 continue 1010 ;; 1011 esac 1012 break 1013 done 1014fi 1015