1/* vi: set sw=4 ts=4: */ 2/* 3 * addgroup - add groups to /etc/group and /etc/gshadow 4 * 5 * Copyright (C) 1999 by Lineo, inc. and John Beppu 6 * Copyright (C) 1999,2000,2001 by John Beppu <beppu@codepoet.org> 7 * Copyright (C) 2007 by Tito Ragusa <farmatito@tiscali.it> 8 * 9 * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. 10 * 11 */ 12#include "libbb.h" 13 14#if CONFIG_LAST_SYSTEM_ID < CONFIG_FIRST_SYSTEM_ID 15#error Bad LAST_SYSTEM_ID or FIRST_SYSTEM_ID in .config 16#endif 17 18#define OPT_GID (1 << 0) 19#define OPT_SYSTEM_ACCOUNT (1 << 1) 20 21/* We assume GID_T_MAX == INT_MAX */ 22static void xgroup_study(struct group *g) 23{ 24 unsigned max = INT_MAX; 25 26 /* Make sure gr_name is unused */ 27 if (getgrnam(g->gr_name)) { 28 bb_error_msg_and_die("%s '%s' in use", "group", g->gr_name); 29 /* these format strings are reused in adduser and addgroup */ 30 } 31 32 /* if a specific gid is requested, the --system switch and */ 33 /* min and max values are overridden, and the range of valid */ 34 /* gid values is set to [0, INT_MAX] */ 35 if (!(option_mask32 & OPT_GID)) { 36 if (option_mask32 & OPT_SYSTEM_ACCOUNT) { 37 g->gr_gid = CONFIG_FIRST_SYSTEM_ID; 38 max = CONFIG_LAST_SYSTEM_ID; 39 } else { 40 g->gr_gid = CONFIG_LAST_SYSTEM_ID + 1; 41 max = 64999; 42 } 43 } 44 /* Check if the desired gid is free 45 * or find the first free one */ 46 while (1) { 47 if (!getgrgid(g->gr_gid)) { 48 return; /* found free group: return */ 49 } 50 if (option_mask32 & OPT_GID) { 51 /* -g N, cannot pick gid other than N: error */ 52 bb_error_msg_and_die("%s '%s' in use", "gid", itoa(g->gr_gid)); 53 /* this format strings is reused in adduser and addgroup */ 54 } 55 if (g->gr_gid == max) { 56 /* overflowed: error */ 57 bb_error_msg_and_die("no %cids left", 'g'); 58 /* this format string is reused in adduser and addgroup */ 59 } 60 g->gr_gid++; 61 } 62} 63 64/* append a new user to the passwd file */ 65static void new_group(char *group, gid_t gid) 66{ 67 struct group gr; 68 char *p; 69 70 /* make sure gid and group haven't already been allocated */ 71 gr.gr_gid = gid; 72 gr.gr_name = group; 73 xgroup_study(&gr); 74 75 /* add entry to group */ 76 p = xasprintf("x:%u:", (unsigned) gr.gr_gid); 77 if (update_passwd(bb_path_group_file, group, p, NULL) < 0) 78 exit(EXIT_FAILURE); 79 if (ENABLE_FEATURE_CLEAN_UP) 80 free(p); 81#if ENABLE_FEATURE_SHADOWPASSWDS 82 /* /etc/gshadow fields: 83 * 1. Group name. 84 * 2. Encrypted password. 85 * If set, non-members of the group can join the group 86 * by typing the password for that group using the newgrp command. 87 * If the value is of this field ! then no user is allowed 88 * to access the group using the newgrp command. A value of !! 89 * is treated the same as a value of ! only it indicates 90 * that a password has never been set before. If the value is null, 91 * only group members can log into the group. 92 * 3. Group administrators (comma delimited list). 93 * Group members listed here can add or remove group members 94 * using the gpasswd command. 95 * 4. Group members (comma delimited list). 96 */ 97 /* Ignore errors: if file is missing we assume admin doesn't want it */ 98 update_passwd(bb_path_gshadow_file, group, "!::", NULL); 99#endif 100} 101 102#if ENABLE_FEATURE_ADDGROUP_LONG_OPTIONS 103static const char addgroup_longopts[] ALIGN1 = 104 "gid\0" Required_argument "g" 105 "system\0" No_argument "S" 106 ; 107#endif 108 109/* 110 * addgroup will take a login_name as its first parameter. 111 * 112 * gid can be customized via command-line parameters. 113 * If called with two non-option arguments, addgroup 114 * will add an existing user to an existing group. 115 */ 116int addgroup_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; 117int addgroup_main(int argc UNUSED_PARAM, char **argv) 118{ 119 unsigned opts; 120 unsigned gid = 0; 121 122 /* need to be root */ 123 if (geteuid()) { 124 bb_error_msg_and_die(bb_msg_perm_denied_are_you_root); 125 } 126#if ENABLE_FEATURE_ADDGROUP_LONG_OPTIONS 127 applet_long_options = addgroup_longopts; 128#endif 129 /* Syntax: 130 * addgroup group 131 * addgroup -g num group 132 * addgroup user group 133 * Check for min, max and missing args */ 134 opt_complementary = "-1:?2:g+"; 135 opts = getopt32(argv, "g:S", &gid); 136 /* move past the commandline options */ 137 argv += optind; 138 //argc -= optind; 139 140#if ENABLE_FEATURE_ADDUSER_TO_GROUP 141 if (argv[1]) { 142 struct group *gr; 143 144 if (opts & OPT_GID) { 145 /* -g was there, but "addgroup -g num user group" 146 * is a no-no */ 147 bb_show_usage(); 148 } 149 150 /* check if group and user exist */ 151 xuname2uid(argv[0]); /* unknown user: exit */ 152 gr = xgetgrnam(argv[1]); /* unknown group: exit */ 153 /* check if user is already in this group */ 154 for (; *(gr->gr_mem) != NULL; (gr->gr_mem)++) { 155 if (!strcmp(argv[0], *(gr->gr_mem))) { 156 /* user is already in group: do nothing */ 157 return EXIT_SUCCESS; 158 } 159 } 160 if (update_passwd(bb_path_group_file, argv[1], NULL, argv[0]) < 0) { 161 return EXIT_FAILURE; 162 } 163# if ENABLE_FEATURE_SHADOWPASSWDS 164 update_passwd(bb_path_gshadow_file, argv[1], NULL, argv[0]); 165# endif 166 } else 167#endif /* ENABLE_FEATURE_ADDUSER_TO_GROUP */ 168 { 169 die_if_bad_username(argv[0]); 170 new_group(argv[0], gid); 171 172 } 173 /* Reached only on success */ 174 return EXIT_SUCCESS; 175} 176