xref: /dragonfly/usr.sbin/adduser/adduser.sh (revision e1acdbad) 
1#!/bin/sh
2#
3# Copyright (c) 2002-2004 Michael Telahun Makonnen. All rights reserved.
4#
5# Redistribution and use in source and binary forms, with or without
6# modification, are permitted provided that the following conditions
7# are met:
8# 1. Redistributions of source code must retain the above copyright
9#    notice, this list of conditions and the following disclaimer.
10# 2. Redistributions in binary form must reproduce the above copyright
11#    notice, this list of conditions and the following disclaimer in the
12#    documentation and/or other materials provided with the distribution.
13#
14# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24#
25#       Email: Mike Makonnen <mtm@FreeBSD.Org>
26#
27# $FreeBSD: src/usr.sbin/adduser/adduser.sh,v 1.23 2004/06/06 17:55:55 mtm Exp $
28# $DragonFly: src/usr.sbin/adduser/adduser.sh,v 1.1 2004/06/21 17:47:12 cpressey Exp $
29#
30
31# err msg
32#       Display $msg on stderr, unless we're being quiet.
33#
34err() {
35	if [ -z "$quietflag" ]; then
36        	echo 1>&2 ${THISCMD}: ERROR: $*
37	fi
38}
39
40# info msg
41#       Display $msg on stdout, unless we're being quiet.
42#
43info() {
44	if [ -z "$quietflag" ]; then
45        	echo ${THISCMD}: INFO: $*
46	fi
47}
48
49# get_nextuid
50#	Output the value of $_uid if it is available for use. If it
51#	is not, output the value of the next higher uid that is available.
52#	If a uid is not specified, output the first available uid, as indicated
53#	by pw(8).
54#
55get_nextuid () {
56	_uid=$1
57	_nextuid=
58
59	if [ -z "$_uid" ]; then
60		_nextuid="`${PWCMD} usernext | cut -f1 -d:`"
61	else
62		while : ; do
63			${PWCMD} usershow $_uid > /dev/null 2>&1
64			if [ ! "$?" -eq 0 ]; then
65				_nextuid=$_uid
66				break
67			fi
68			_uid=$(($_uid + 1))
69		done
70	fi
71	echo $_nextuid
72}
73
74# show_usage
75#	Display usage information for this utility.
76#
77show_usage() {
78	echo "usage: ${THISCMD} [options]"
79	echo "  options may include:"
80	echo "  -C		save to the configuration file only"
81	echo "  -D		do not attempt to create the home directory"
82	echo "  -E		disable this account after creation"
83	echo "  -G		additional groups to add accounts to"
84	echo "  -L		login class of the user"
85	echo "  -N		do not read configuration file"
86	echo "  -S		a nonexistent shell is not an error"
87	echo "  -d		home directory"
88	echo "  -f		file from which input will be received"
89	echo "  -g		default login group"
90	echo "  -h		display this usage message"
91	echo "  -k		path to skeleton home directory"
92	echo "  -m		user welcome message file"
93	echo "  -q		absolute minimal user feedback"
94	echo "  -s		shell"
95	echo "  -u		uid to start at"
96	echo "  -w		password type: no, none, yes or random"
97}
98
99# valid_shells
100#	Outputs a list of valid shells from /etc/shells. Only the
101#	basename of the shell is output.
102#
103valid_shells() {
104	_prefix=
105	cat ${ETCSHELLS} |
106	while read _path _junk ; do
107		case $_path in
108		\#*|'')
109			;;
110		*)
111			echo -n "${_prefix}`basename $_path`"
112			_prefix=' '
113			;;
114		esac
115	done
116
117	# /usr/sbin/nologin is a special case
118	[ -x "${NOLOGIN_PATH}" ] && echo -n " ${NOLOGIN}"
119}
120
121# fullpath_from_shell shell
122#	Given $shell, which is either the full path to a shell or
123#	the basename component of a valid shell, get the
124#	full path to the shell from the /etc/shells file.
125#
126fullpath_from_shell() {
127	_shell=$1
128	[ -z "$_shell" ] && return 1
129
130	cat ${ETCSHELLS} |
131	while read _path _junk ; do
132		case "$_path" in
133		\#*|'')
134			;;
135		*)
136			if [ "$_path" = "$_shell" -o \
137			    "`basename $_path`" = "$_shell" ]; then
138				echo $_path
139				return 0
140			fi
141			;;
142		esac
143	done
144
145	# /usr/sbin/nologin is a special case
146	if [ "$_shell" = "${NOLOGIN}" ]; then
147		echo ${NOLOGIN_PATH}
148		return 0;
149	fi
150
151	return 1
152}
153
154# shell_exists shell
155#	If the given shell is listed in ${ETCSHELLS} or it is
156#	the nologin shell this function will return 0.
157#	Otherwise, it will return 1. If shell is valid but
158#	the path is invalid or it is not executable it
159#	will emit an informational message saying so.
160#
161shell_exists()
162{
163	_sh="$1"
164	_shellchk="${GREPCMD} '^$_sh$' ${ETCSHELLS} > /dev/null 2>&1"
165
166	if ! eval $_shellchk; then
167		# The nologin shell is not listed in /etc/shells.
168		if [ "$_sh" != "${NOLOGIN_PATH}" ]; then
169			err "Invalid shell ($_sh) for user $username."
170			return 1
171		fi
172	fi
173	! [ -x "$_sh" ] &&
174	    info "The shell ($_sh) does not exist or is not executable."
175
176	return 0
177}
178
179# save_config
180#	Save some variables to a configuration file.
181#	Note: not all script variables are saved, only those that
182#	      it makes sense to save.
183#
184save_config() {
185	echo "# Configuration file for adduser(8)."     >  ${ADDUSERCONF}
186	echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
187	echo "# Last Modified on `${DATECMD}`."		>> ${ADDUSERCONF}
188	echo ''				>> ${ADDUSERCONF}
189	echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF}
190	echo "defaultclass=$uclass"	>> ${ADDUSERCONF}
191	echo "defaultgroups=$ugroups"	>> ${ADDUSERCONF}
192	echo "passwdtype=$passwdtype" 	>> ${ADDUSERCONF}
193	echo "homeprefix=$homeprefix" 	>> ${ADDUSERCONF}
194	echo "defaultshell=$ushell"	>> ${ADDUSERCONF}
195	echo "udotdir=$udotdir"		>> ${ADDUSERCONF}
196	echo "msgfile=$msgfile"		>> ${ADDUSERCONF}
197	echo "disableflag=$disableflag" >> ${ADDUSERCONF}
198}
199
200# add_user
201#	Add a user to the user database. If the user chose to send a welcome
202#	message or lock the account, do so.
203#
204add_user() {
205
206	# Is this a configuration run? If so, don't modify user database.
207	#
208	if [ -n "$configflag" ]; then
209		save_config
210		return
211	fi
212
213	_uid=
214	_name=
215	_comment=
216	_gecos=
217	_home=
218	_group=
219	_grouplist=
220	_shell=
221	_class=
222	_dotdir=
223	_expire=
224	_pwexpire=
225	_passwd=
226	_upasswd=
227	_passwdmethod=
228
229	_name="-n '$username'"
230	[ -n "$uuid" ] && _uid='-u "$uuid"'
231	[ -n "$ulogingroup" ] && _group='-g "$ulogingroup"'
232	[ -n "$ugroups" ] && _grouplist='-G "$ugroups"'
233	[ -n "$ushell" ] && _shell='-s "$ushell"'
234	[ -n "$uclass" ] && _class='-L "$uclass"'
235	[ -n "$ugecos" ] && _comment='-c "$ugecos"'
236	[ -n "$udotdir" ] && _dotdir='-k "$udotdir"'
237	[ -n "$uexpire" ] && _expire='-e "$uexpire"'
238	[ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"'
239	if [ -z "$Dflag" -a -n "$uhome" ]; then
240		# The /nonexistent home directory is special. It
241		# means the user has no home directory.
242		if [ "$uhome" = "$NOHOME" ]; then
243			_home='-d "$uhome"'
244		else
245			_home='-m -d "$uhome"'
246		fi
247	elif [ -n "$Dflag" -a -n "$uhome" ]; then
248		_home='-d "$uhome"'
249	fi
250	case $passwdtype in
251	no)
252		_passwdmethod="-w no"
253		_passwd="-h -"
254		;;
255	yes)
256		# Note on processing the password: The outer double quotes
257		# make literal everything except ` and \ and $.
258		# The outer single quotes make literal ` and $.
259		# We can ensure the \ isn't treated specially by specifying
260		# the -r switch to the read command used to obtain the input.
261		#
262		_passwdmethod="-w yes"
263		_passwd="-h 0"
264		_upasswd='echo "$upass" |'
265		;;
266	none)
267		_passwdmethod="-w none"
268		;;
269	random)
270		_passwdmethod="-w random"
271		;;
272	esac
273
274	_pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
275	_pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
276	_pwcmd="$_pwcmd $_expire $_pwexpire"
277
278	if ! _output=`eval $_pwcmd` ; then
279		err "There was an error adding user ($username)."
280		return 1
281	else
282		info "Successfully added ($username) to the user database."
283		if [ "random" = "$passwdtype" ]; then
284			randompass="$_output"
285			info "Password for ($username) is: $randompass"
286		fi
287	fi
288
289	if [ -n "$disableflag" ]; then
290		if ${PWCMD} lock $username ; then
291			info "Account ($username) is locked."
292		else
293			info "Account ($username) could NOT be locked."
294		fi
295	fi
296
297	_line=
298	_owner=
299	_perms=
300	if [ -n "$msgflag" ]; then
301		[ -r "$msgfile" ] && {
302			# We're evaluating the contents of an external file.
303			# Let's not open ourselves up for attack. _perms will
304			# be empty if it's writeable only by the owner. _owner
305			# will *NOT* be empty if the file is owned by root.
306			#
307			_dir="`dirname $msgfile`"
308			_file="`basename $msgfile`"
309			_perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune`
310			_owner=`/usr/bin/find $_dir -name $_file -user 0 -prune`
311			if [ -z "$_owner" -o -n "$_perms" ]; then
312				err "The message file ($msgfile) may be writeable only by root."
313				return 1
314			fi
315			cat "$msgfile" |
316			while read _line ; do
317				eval echo "$_line"
318			done | ${MAILCMD} -s"Welcome" ${username}
319			info "Sent welcome message to ($username)."
320		}
321	fi
322}
323
324# get_user
325#	Reads username of the account from standard input or from a global
326#	variable containing an account line from a file. The username is
327#	required. If this is an interactive session it will prompt in
328#	a loop until a username is entered. If it is batch processing from
329#	a file it will output an error message and return to the caller.
330#
331get_user() {
332	_input=
333
334	# No need to take down user names if this is a configuration saving run.
335	[ -n "$configflag" ] && return
336
337	while : ; do
338		if [ -z "$fflag" ]; then
339			echo -n "Username: "
340			read _input
341		else
342			_input="`echo "$fileline" | cut -f1 -d:`"
343		fi
344
345		# There *must* be a username. If this is an interactive
346		# session give the user an opportunity to retry.
347		#
348		if [ -z "$_input" ]; then
349			err "You must enter a username!"
350			[ -z "$fflag" ] && continue
351		fi
352		break
353	done
354	username="$_input"
355}
356
357# get_gecos
358#	Reads extra information about the user. Can be used both in interactive
359#	and batch (from file) mode.
360#
361get_gecos() {
362	_input=
363
364	# No need to take down additional user information for a configuration run.
365	[ -n "$configflag" ] && return
366
367	if [ -z "$fflag" ]; then
368		echo -n "Full name: "
369		read _input
370	else
371		_input="`echo "$fileline" | cut -f7 -d:`"
372	fi
373	ugecos="$_input"
374}
375
376# get_shell
377#	Get the account's shell. Works in interactive and batch mode. It
378#	accepts either the base name of the shell or the full path.
379#	If an invalid shell is entered it will simply use the default shell.
380#
381get_shell() {
382	_input=
383	_fullpath=
384	ushell="$defaultshell"
385
386	# Make sure the current value of the shell is a valid one
387	if [ -z "$Sflag" ]; then
388		if ! shell_exists $ushell ; then
389			info "Using default shell ${defaultshell}."
390			ushell="$defaultshell"
391		fi
392	fi
393
394	if [ -z "$fflag" ]; then
395		echo -n "Shell ($shells) [`basename $ushell`]: "
396		read _input
397	else
398		_input="`echo "$fileline" | cut -f9 -d:`"
399	fi
400	if [ -n "$_input" ]; then
401		if [ -n "$Sflag" ]; then
402			ushell="$_input"
403		else
404			_fullpath=`fullpath_from_shell $_input`
405			if [ -n "$_fullpath" ]; then
406				ushell="$_fullpath"
407			else
408				err "Invalid shell ($_input) for user $username."
409				info "Using default shell ${defaultshell}."
410				ushell="$defaultshell"
411			fi
412		fi
413	fi
414}
415
416# get_homedir
417#	Reads the account's home directory. Used both with interactive input
418#	and batch input.
419#
420get_homedir() {
421	_input=
422	if [ -z "$fflag" ]; then
423		echo -n "Home directory [${homeprefix}/${username}]: "
424		read _input
425	else
426		_input="`echo "$fileline" | cut -f8 -d:`"
427	fi
428
429	if [ -n "$_input" ]; then
430		uhome="$_input"
431		# if this is a configuration run, then user input is the home
432		# directory prefix. Otherwise it is understood to
433		# be $prefix/$user
434		#
435		[ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
436	else
437		uhome="${homeprefix}/${username}"
438	fi
439}
440
441# get_uid
442#	Reads a numeric userid in an interactive or batch session. Automatically
443#	allocates one if it is not specified.
444#
445get_uid() {
446	uuid=${uidstart}
447	_input=
448	_prompt=
449
450	# No need to take down uids for a configuration saving run.
451	[ -n "$configflag" ] && return
452
453	if [ -n "$uuid" ]; then
454		_prompt="Uid [$uuid]: "
455	else
456		_prompt="Uid (Leave empty for default): "
457	fi
458	if [ -z "$fflag" ]; then
459		echo -n "$_prompt"
460		read _input
461	else
462		_input="`echo "$fileline" | cut -f2 -d:`"
463	fi
464
465	[ -n "$_input" ] && uuid=$_input
466	uuid=`get_nextuid $uuid`
467	uidstart=$uuid
468}
469
470# get_class
471#	Reads login class of account. Can be used in interactive or batch mode.
472#
473get_class() {
474	uclass="$defaultclass"
475	_input=
476	_class=${uclass:-"default"}
477
478	if [ -z "$fflag" ]; then
479		echo -n "Login class [$_class]: "
480		read _input
481	else
482		_input="`echo "$fileline" | cut -f4 -d:`"
483	fi
484
485	[ -n "$_input" ] && uclass="$_input"
486}
487
488# get_logingroup
489#	Reads user's login group. Can be used in both interactive and batch
490#	modes. The specified value can be a group name or its numeric id.
491#	This routine leaves the field blank if nothing is provided and
492#	a default login group has not been set. The pw(8) command
493#	will then provide a login group with the same name as the username.
494#
495get_logingroup() {
496	ulogingroup="$defaultLgroup"
497	_input=
498
499	if [ -z "$fflag" ]; then
500		echo -n "Login group [${ulogingroup:-$username}]: "
501		read _input
502	else
503		_input="`echo "$fileline" | cut -f3 -d:`"
504	fi
505
506	# Pw(8) will use the username as login group if it's left empty
507	[ -n "$_input" ] && ulogingroup="$_input"
508}
509
510# get_groups
511#	Read additional groups for the user. It can be used in both interactive
512#	and batch modes.
513#
514get_groups() {
515	ugroups="$defaultgroups"
516	_input=
517	_group=${ulogingroup:-"${username}"}
518
519	if [ -z "$configflag" ]; then
520		[ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
521		[ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
522	else
523		[ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
524	fi
525	read _input
526
527	[ -n "$_input" ] && ugroups="$_input"
528}
529
530# get_expire_dates
531#	Read expiry information for the account and also for the password. This
532#	routine is used only from batch processing mode.
533#
534get_expire_dates() {
535	upwexpire="`echo "$fileline" | cut -f5 -d:`"
536	uexpire="`echo "$fileline" | cut -f6 -d:`"
537}
538
539# get_password
540#	Read the password in batch processing mode. The password field matters
541#	only when the password type is "yes" or "random". If the field is empty and the
542#	password type is "yes", then it assumes the account has an empty passsword
543#	and changes the password type accordingly. If the password type is "random"
544#	and the password field is NOT empty, then it assumes the account will NOT
545#	have a random password and set passwdtype to "yes."
546#
547get_password() {
548	# We may temporarily change a password type. Make sure it's changed
549	# back to whatever it was before we process the next account.
550	#
551	[ -n "$savedpwtype" ] && {
552		passwdtype=$savedpwtype
553		savedpwtype=
554	}
555
556	# There may be a ':' in the password
557	upass=${fileline#*:*:*:*:*:*:*:*:*:}
558
559	if [ -z "$upass" ]; then
560		case $passwdtype in
561		yes)
562			# if it's empty, assume an empty password
563			passwdtype=none
564			savedpwtype=yes
565			;;
566		esac
567	else
568		case $passwdtype in
569		random)
570			passwdtype=yes
571			savedpwtype=random
572			;;
573		esac
574	fi
575}
576
577# input_from_file
578#	Reads a line of account information from standard input and
579#	adds it to the user database.
580#
581input_from_file() {
582	_field=
583
584	while read -r fileline ; do
585		case "$fileline" in
586		\#*|'')
587			return 0
588			;;
589		esac
590
591		get_user || continue
592		get_gecos
593		get_uid
594		get_logingroup
595		get_class
596		get_shell
597		get_homedir
598		get_password
599		get_expire_dates
600
601		add_user
602	done
603}
604
605# input_interactive
606#	Prompts for user information interactively, and commits to
607#	the user database.
608#
609input_interactive() {
610
611	_disable=
612	_pass=
613	_passconfirm=
614	_random="no"
615	_emptypass="no"
616	_usepass="yes"
617	_logingroup_ok="no"
618	_groups_ok="no"
619	case $passwdtype in
620	none)
621		_emptypass="yes"
622		_usepass="yes"
623		;;
624	no)
625		_usepass="no"
626		;;
627	random)
628		_random="yes"
629		;;
630	esac
631
632	get_user
633	get_gecos
634	get_uid
635
636	# The case where group = user is handled elsewhere, so
637	# validate any other groups the user is invited to.
638	until [ "$_logingroup_ok" = yes ]; do
639		get_logingroup
640		_logingroup_ok=yes
641		if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then
642			if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then
643				echo "Group $ulogingroup does not exist!"
644				_logingroup_ok=no
645			fi
646		fi
647	done
648	until [ "$_groups_ok" = yes ]; do
649		get_groups
650		_groups_ok=yes
651		for i in $ugroups; do
652			if [ "$username" != "$i" ]; then
653				if ! ${PWCMD} show group $i > /dev/null 2>&1; then
654					echo "Group $i does not exist!"
655					_groups_ok=no
656				fi
657			fi
658		done
659	done
660
661	get_class
662	get_shell
663	get_homedir
664
665	while : ; do
666		echo -n "Use password-based authentication? [$_usepass]: "
667		read _input
668		[ -z "$_input" ] && _input=$_usepass
669		case $_input in
670		[Nn][Oo]|[Nn])
671			passwdtype="no"
672			;;
673		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
674			while : ; do
675				echo -n "Use an empty password? (yes/no) [$_emptypass]: "
676				read _input
677				[ -n "$_input" ] && _emptypass=$_input
678				case $_emptypass in
679				[Nn][Oo]|[Nn])
680					echo -n "Use a random password? (yes/no) [$_random]: "
681					read _input
682					[ -n "$_input" ] && _random="$_input"
683					case $_random in
684					[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
685						passwdtype="random"
686						break
687						;;
688					esac
689					passwdtype="yes"
690					[ -n "$configflag" ] && break
691					trap 'stty echo; exit' 0 1 2 3 15
692					stty -echo
693					echo -n "Enter password: "
694					read -r upass
695					echo''
696					echo -n "Enter password again: "
697					read -r _passconfirm
698					echo ''
699					stty echo
700					# if user entered a blank password
701					# explicitly ask again.
702					[ -z "$upass" -a -z "$_passconfirm" ] \
703					    && continue
704					;;
705				[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
706					passwdtype="none"
707					break;
708					;;
709				*)
710					# invalid answer; repeat the loop
711					continue
712					;;
713				esac
714				if [ "$upass" != "$_passconfirm" ]; then
715					echo "Passwords did not match!"
716					continue
717				fi
718				break
719			done
720			;;
721		*)
722			# invalid answer; repeat loop
723			continue
724			;;
725		esac
726		break;
727	done
728	_disable=${disableflag:-"no"}
729	while : ; do
730		echo -n "Lock out the account after creation? [$_disable]: "
731		read _input
732		[ -z "$_input" ] && _input=$_disable
733		case $_input in
734		[Nn][Oo]|[Nn])
735			disableflag=
736			;;
737		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
738			disableflag=yes
739			;;
740		*)
741			# invalid answer; repeat loop
742			continue
743			;;
744		esac
745		break
746	done
747
748	# Display the information we have so far and prompt to
749	# commit it.
750	#
751	_disable=${disableflag:-"no"}
752	[ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
753	case $passwdtype in
754	yes)
755		_pass='*****'
756		;;
757	no)
758		_pass='<disabled>'
759		;;
760	none)
761		_pass='<blank>'
762		;;
763	random)
764		_pass='<random>'
765		;;
766	esac
767	[ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass"
768	[ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype"
769	[ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
770	[ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
771	printf "%-10s : %s\n" "Class" "$uclass"
772	printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
773	printf "%-10s : %s\n" "Home" "$uhome"
774	printf "%-10s : %s\n" "Shell" "$ushell"
775	printf "%-10s : %s\n" "Locked" "$_disable"
776	while : ; do
777		echo -n "OK? (yes/no): "
778		read _input
779		case $_input in
780		[Nn][Oo]|[Nn])
781			return 1
782			;;
783		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
784			add_user
785			;;
786		*)
787			continue
788			;;
789		esac
790		break
791	done
792	return 0
793}
794
795#### END SUBROUTINE DEFENITION ####
796
797THISCMD=`/usr/bin/basename $0`
798DEFAULTSHELL=/bin/sh
799ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
800PWCMD="${PWCMD:-/usr/sbin/pw}"
801MAILCMD="${MAILCMD:-mail}"
802ETCSHELLS="${ETCSHELLS:-/etc/shells}"
803NOHOME="/nonexistent"
804NOLOGIN="nologin"
805NOLOGIN_PATH="/usr/sbin/nologin"
806GREPCMD="/usr/bin/grep"
807DATECMD="/bin/date"
808
809# Set default values
810#
811username=
812uuid=
813uidstart=
814ugecos=
815ulogingroup=
816uclass=
817uhome=
818upass=
819ushell=
820udotdir=/usr/share/skel
821ugroups=
822uexpire=
823upwexpire=
824shells="`valid_shells`"
825passwdtype="yes"
826msgfile=/etc/adduser.msg
827msgflag=
828quietflag=
829configflag=
830fflag=
831infile=
832disableflag=
833Dflag=
834Sflag=
835readconfig="yes"
836homeprefix="/home"
837randompass=
838fileline=
839savedpwtype=
840defaultclass=
841defaultLgroup=
842defaultgroups=
843defaultshell="${DEFAULTSHELL}"
844
845# Make sure the user running this program is root. This isn't a security
846# measure as much as it is a usefull method of reminding the user to
847# 'su -' before he/she wastes time entering data that won't be saved.
848#
849procowner=${procowner:-`/usr/bin/id -u`}
850if [ "$procowner" != "0" ]; then
851	err 'you must be the super-user (uid 0) to use this utility.'
852	exit 1
853fi
854
855# Overide from our conf file
856# Quickly go through the commandline line to see if we should read
857# from our configuration file. The actual parsing of the commandline
858# arguments happens after we read in our configuration file (commandline
859# should override configuration file).
860#
861for _i in $* ; do
862	if [ "$_i" = "-N" ]; then
863		readconfig=
864		break;
865	fi
866done
867if [ -n "$readconfig" ]; then
868	# On a long-lived system, the first time this script is run it
869	# will barf upon reading the configuration file for its perl predecessor.
870	if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
871		[ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
872	fi
873fi
874
875# Proccess command-line options
876#
877for _switch ; do
878	case $_switch in
879	-L)
880		defaultclass="$2"
881		shift; shift
882		;;
883	-C)
884		configflag=yes
885		shift
886		;;
887	-D)
888		Dflag=yes
889		shift
890		;;
891	-E)
892		disableflag=yes
893		shift
894		;;
895	-k)
896		udotdir="$2"
897		shift; shift
898		;;
899	-f)
900		[ "$2" != "-" ] && infile="$2"
901		fflag=yes
902		shift; shift
903		;;
904	-g)
905		defaultLgroup="$2"
906		shift; shift
907		;;
908	-G)
909		defaultgroups="$2"
910		shift; shift
911		;;
912	-h)
913		show_usage
914		exit 0
915		;;
916	-d)
917		homeprefix="$2"
918		shift; shift
919		;;
920	-m)
921		case "$2" in
922		[Nn][Oo])
923			msgflag=
924			;;
925		*)
926			msgflag=yes
927			msgfile="$2"
928			;;
929		esac
930		shift; shift
931		;;
932	-N)
933		readconfig=
934		shift
935		;;
936	-w)
937		case "$2" in
938		no|none|random|yes)
939			passwdtype=$2
940			;;
941		*)
942			show_usage
943			exit 1
944			;;
945		esac
946		shift; shift
947		;;
948	-q)
949		quietflag=yes
950		shift
951		;;
952	-s)
953		defaultshell="`fullpath_from_shell $2`"
954		shift; shift
955		;;
956	-S)
957		Sflag=yes
958		shift
959		;;
960	-u)
961		uidstart=$2
962		shift; shift
963		;;
964	esac
965done
966
967# If the -f switch was used, get input from a file. Otherwise,
968# this is an interactive session.
969#
970if [ -n "$fflag" ]; then
971	if [ -z "$infile" ]; then
972		input_from_file
973	elif [ -n "$infile" ]; then
974		if [ -r "$infile" ]; then
975			input_from_file < $infile
976		else
977			err "File ($infile) is unreadable or does not exist."
978		fi
979	fi
980else
981	input_interactive
982	while : ; do
983		if [ -z "$configflag" ]; then
984			echo -n "Add another user? (yes/no): "
985		else
986			echo -n "Re-edit the default configuration? (yes/no): "
987		fi
988		read _input
989		case $_input in
990		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
991			uidstart=`get_nextuid $uidstart`
992			input_interactive
993			continue
994			;;
995		[Nn][Oo]|[Nn])
996			echo "Goodbye!"
997			;;
998		*)
999			continue
1000			;;
1001		esac
1002		break
1003	done
1004fi
1005