adduser.sh revision 109720 
1#!/bin/sh
2#
3# Copyright (c) 2002 Michael Telahun Makonnen. All rights reserved.
4#
5# Redistribution and use in source and binary forms, with or without
6# modification, are permitted provided that the following conditions
7# are met:
8# 1. Redistributions of source code must retain the above copyright
9#    notice, this list of conditions and the following disclaimer.
10# 2. Redistributions in binary form must reproduce the above copyright
11#    notice, this list of conditions and the following disclaimer in the
12#    documentation and/or other materials provided with the distribution.
13# 3. The name of the author may not be used to endorse or promote products
14#    derived from this software without specific prior written permission.
15#
16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26#
27#       Email: Mike Makonnen <mtm@identd.net>
28#
29# $FreeBSD: head/usr.sbin/adduser/adduser.sh 109720 2003-01-23 01:57:30Z mtm $
30#
31
32# err msg
33#       Display $msg on stderr, unless we're being quiet.
34# 
35err() {
36	if [ -z "$quietflag" ]; then
37        	echo 1>&2 ${THISCMD}: ERROR: $*
38	fi
39}
40
41# info msg
42#       Display $msg on stdout, unless we're being quiet.
43# 
44info() {
45	if [ -z "$quietflag" ]; then
46        	echo ${THISCMD}: INFO: $*
47	fi
48}
49
50# get_nextuid
51#	Output the value of $_uid if it is available for use. If it
52#	is not, output the value of the next higher uid that is available.
53#	If a uid is not specified, output the first available uid, as indicated
54#	by pw(8).
55# 
56get_nextuid () {
57	_uid=$1
58	_nextuid=
59
60	if [ -z "$_uid" ]; then
61		_nextuid="`${PWCMD} usernext | cut -f1 -d:`"
62	else
63		while : ; do
64			${PWCMD} usershow $_uid > /dev/null 2>&1
65			if [ ! "$?" -eq 0 ]; then
66				_nextuid=$_uid
67				break
68			fi
69			_uid=$(($_uid + 1))
70		done
71	fi
72	echo $_nextuid
73}
74
75# show_usage
76#	Display usage information for this utility.
77#
78show_usage() {
79	echo "usage: ${THISCMD} [options]"
80	echo "  options may include:"
81	echo "  -C		save to the configuration file only"
82	echo "  -E		disable this account after creation"
83	echo "  -G		additional groups to add accounts to"
84	echo "  -L		login class of the user"
85	echo "  -N		do not read configuration file"
86	echo "  -d		home directory"
87	echo "  -f		file from which input will be received"
88	echo "  -h		display this usage message"
89	echo "  -k		path to skeleton home directory"
90	echo "  -m		user welcome message file"
91	echo "  -q		absolute minimal user feedback"
92	echo "  -s		shell"
93	echo "  -u		uid to start at"
94	echo "  -w		password type: no, none, yes or random"
95}
96
97# valid_shells
98#	Outputs a list of valid shells from /etc/shells. Only the
99#	basename of the shell is output.
100#
101valid_shells() {
102	_prefix=
103	cat ${ETCSHELLS} |
104	while read _path _junk ; do
105		case $_path in
106		\#*|'')
107			;;
108		*)
109			echo -n "${_prefix}`basename $_path`"
110			_prefix=' '
111			;;
112		esac
113	done
114}
115
116# fullpath_from_shell shell
117#	Given $shell, the basename component of a valid shell, get the
118#	full path to the shell from the /etc/shells file.
119#
120fullpath_from_shell() {
121	_shell=$1
122	[ -z "$_shell" ] && return 1
123
124	cat ${ETCSHELLS} |
125	while read _path _junk ; do
126		case "$_path" in
127		\#*|'')
128			;;
129		*)
130			if [ "`basename $_path`" = "$_shell" ]; then
131				echo $_path
132				return 0
133			fi
134			;;
135		esac
136	done
137	return 1
138}
139
140# save_config
141#	Save some variables to a configuration file.
142#	Note: not all script variables are saved, only those that
143#	      it makes sense to save.
144#
145save_config() {
146	echo "# Configuration file for adduser(8)."     >  ${ADDUSERCONF}
147	echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
148	echo "# Last Modified on `date`."		      >> ${ADDUSERCONF}
149	echo ''				>> ${ADDUSERCONF}
150	echo "defaultclass=$uclass"	>> ${ADDUSERCONF}
151	echo "defaultgroups=$ugroups"	>> ${ADDUSERCONF}
152	echo "passwdtype=$passwdtype" 	>> ${ADDUSERCONF}
153	echo "homeprefix=$homeprefix" 	>> ${ADDUSERCONF}
154	echo "defaultshell=$ushell"	>> ${ADDUSERCONF}
155	echo "udotdir=$udotdir"		>> ${ADDUSERCONF}
156	echo "msgfile=$msgfile"		>> ${ADDUSERCONF}
157	echo "disableflag=$disableflag" >> ${ADDUSERCONF}
158}
159
160# add_user
161#	Add a user to the user database. If the user chose to send a welcome
162#	message or lock the account, do so.
163#
164add_user() {
165
166	# Is this a configuration run? If so, don't modify user database.
167	#
168	if [ -n "$configflag" ]; then
169		save_config
170		return
171	fi
172
173	_uid=
174	_name=
175	_comment=
176	_gecos=
177	_home=
178	_group=
179	_grouplist=
180	_shell=
181	_class=
182	_dotdir=
183	_expire=
184	_pwexpire=
185	_passwd=
186	_upasswd=
187	_passwdmethod=
188
189	_name="-n '$username'"
190	[ -n "$uuid" ] && _uid="-u '$uuid'"
191	[ -n "$ulogingroup" ] && _group="-g '$ulogingroup'"
192	[ -n "$ugroups" ] && _grouplist="-G '$ugroups'"
193	[ -n "$ushell" ] && _shell="-s '$ushell'"
194	[ -n "$uhome" ] && _home="-m -d '$uhome'"
195	[ -n "$uclass" ] && _class="-L '$uclass'"
196	[ -n "$ugecos" ] && _comment="-c '$ugecos'"
197	[ -n "$udotdir" ] && _dotdir="-k '$udotdir'"
198	[ -n "$uexpire" ] && _expire="-e '$uexpire'"
199	[ -n "$upwexpire" ] && _pwexpire="-p '$upwexpire'"
200	case $passwdtype in
201	no)
202		_passwdmethod="-w no"
203		_passwd="-h -"
204		;;
205	yes)
206		_passwdmethod="-w yes"
207		_passwd="-h 0"
208		_upasswd="echo '$upass' |"
209		;;
210	none)
211		_passwdmethod="-w none"
212		;;
213	random)
214		_passwdmethod="-w random"
215		;;
216	esac
217
218	_pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
219	_pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
220	_pwcmd="$_pwcmd $_expire $_pwexpire"
221
222	if ! _output=`eval $_pwcmd` ; then
223		err "There was an error adding user ($username)."
224		return 1
225	else
226		info "Successfully added ($username) to the user database."
227		if [ "random" = "$passwdtype" ]; then
228			randompass="$_output"
229			info "Password for ($username) is: $randompass"
230		fi
231	fi
232
233	if [ -n "$disableflag" ]; then
234		if ${PWCMD} lock $username ; then
235			info "Account ($username) is locked."
236		else
237			info "Account ($username) could NOT be locked."
238		fi
239	fi
240
241	_line=
242	_owner=
243	_perms=
244	if [ -n "$msgflag" ]; then
245		[ -r "$msgfile" ] && {
246			# We're evaluating the contents of an external file.
247			# Let's not open ourselves up for attack. _perms will
248			# be empty if it's writeable only by the owner. _owner
249			# will *NOT* be empty if the file is owned by root.
250			#
251			_dir="`dirname $msgfile`"
252			_file="`basename $msgfile`"
253			_perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune`
254			_owner=`/usr/bin/find $_dir -name $_file -user 0 -prune`
255			if [ -z "$_owner" -o -n "$_perms" ]; then
256				err "The message file ($msgfile) may be writeable only by root."
257				return 1
258			fi
259			cat "$msgfile" |
260			while read _line ; do
261				eval echo "$_line"
262			done | ${MAILCMD} -s"Welcome" ${username}
263			info "Sent welcome message to ($username)."
264		}
265	fi
266}
267
268# get_user
269#	Reads username of the account from standard input or from a global
270#	variable containing an account line from a file. The username is
271#	required. If this is an interactive session it will prompt in
272#	a loop until a username is entered. If it is batch processing from
273#	a file it will output an error message and return to the caller.
274#
275get_user() {
276	_input=
277
278	# No need to take down user names if this is a configuration saving run.
279	[ -n "$configflag" ] && return
280
281	while : ; do
282		if [ -z "$fflag" ]; then
283			echo -n "Username: "
284			read _input
285		else
286			_input="`echo "$fileline" | cut -f1 -d:`"
287		fi
288
289		# There *must* be a username. If this is an interactive
290		# session give the user an opportunity to retry.
291		#
292		if [ -z "$_input" ]; then
293			err "You must enter a username!"
294			[ -z "$fflag" ] && continue
295		fi
296		break
297	done
298	username="$_input"
299}
300
301# get_gecos
302#	Reads extra information about the user. Can be used both in interactive
303#	and batch (from file) mode.
304#
305get_gecos() {
306	_input=
307
308	# No need to take down additional user information for a configuration run.
309	[ -n "$configflag" ] && return
310
311	if [ -z "$fflag" ]; then
312		echo -n "Full name: "
313		read _input
314	else
315		_input="`echo "$fileline" | cut -f7 -d:`"
316	fi
317	ugecos="$_input"
318}
319
320# get_shell
321#	Get the account's shell. Works in interactive and batch mode. It
322#	accepts only the base name of the shell, NOT the full path.
323#	If an invalid shell is entered it will simply use the default shell.
324#
325get_shell() {
326	_input=
327	_fullpath=
328	ushell="$defaultshell"
329
330	# Make sure the current value of the shell is a valid one
331	_shellchk="grep '^$ushell$' ${ETCSHELLS} > /dev/null 2>&1"
332	eval $_shellchk || {
333		err "Invalid shell ($ushell). Using default shell ${defaultshell}."
334		ushell="$defaultshell"
335	}
336
337	if [ -z "$fflag" ]; then
338		echo -n "Shell ($shells) [`basename $ushell`]: "
339		read _input
340	else
341		_input="`echo "$fileline" | cut -f9 -d:`"
342	fi
343	if [ -n "$_input" ]; then
344		_fullpath=`fullpath_from_shell $_input`
345		if [ -n "$_fullpath" ]; then
346			ushell="$_fullpath"
347		else
348			err "Invalid shell selection. Using default shell ${defaultshell}."
349			ushell="$defaultshell"
350		fi
351	fi
352}
353
354# get_homedir
355#	Reads the account's home directory. Used both with interactive input
356#	and batch input.
357#
358get_homedir() {
359	_input=
360	if [ -z "$fflag" ]; then
361		echo -n "Home directory [${homeprefix}/${username}]: "
362		read _input
363	else
364		_input="`echo "$fileline" | cut -f8 -d:`"
365	fi
366
367	if [ -n "$_input" ]; then
368		uhome="$_input"
369		# if this is a configuration run, then user input is the home
370		# directory prefix. Otherwise it is understood to
371		# be $prefix/$user
372		#
373		[ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
374	else
375		uhome="${homeprefix}/${username}"
376	fi
377}
378
379# get_uid
380#	Reads a numeric userid in an interactive or batch session. Automatically
381#	allocates one if it is not specified.
382#
383get_uid() {
384	uuid=${uidstart}
385	_input=
386	_prompt=
387
388	# No need to take down uids for a configuration saving run.
389	[ -n "$configflag" ] && return
390
391	if [ -n "$uuid" ]; then
392		_prompt="Uid [$uuid]: "
393	else
394		_prompt="Uid (Leave empty for default): "
395	fi
396	if [ -z "$fflag" ]; then
397		echo -n "$_prompt"
398		read _input
399	else
400		_input="`echo "$fileline" | cut -f2 -d:`"
401	fi
402
403	[ -n "$_input" ] && uuid=$_input
404	uuid=`get_nextuid $uuid`
405	uidstart=$uuid
406}
407
408# get_class
409#	Reads login class of account. Can be used in interactive or batch mode.
410#
411get_class() {
412	uclass="$defaultclass"
413	_input=
414	_class=${uclass:-"default"}
415
416	if [ -z "$fflag" ]; then
417		echo -n "Login class [$_class]: "
418		read _input
419	else
420		_input="`echo "$fileline" | cut -f4 -d:`"
421	fi
422
423	[ -n "$_input" ] && uclass="$_input"
424}
425
426# get_logingroup
427#	Reads user's login group. Can be used in both interactive and batch
428#	modes. The specified value can be a group name or its numeric id.
429#	This routine leaves the field blank if nothing is provided. The pw(8)
430#	command will then provide a login group with the same name as the username.
431#
432get_logingroup() {
433	ulogingroup=
434	_input=
435
436	# No need to take down a login group for a configuration saving run.
437	[ -n "$configflag" ] && return
438
439	if [ -z "$fflag" ]; then
440		echo -n "Login group [$username]: "
441		read _input
442	else
443		_input="`echo "$fileline" | cut -f3 -d:`"
444	fi
445
446	# Pw(8) will use the username as login group if it's left empty
447	[ -n "$_input" ] && ulogingroup="$_input" || ulogingroup=
448}
449
450# get_groups
451#	Read additional groups for the user. It can be used in both interactive
452#	and batch modes.
453#
454get_groups() {
455	ugroups="$defaultgroups"
456	_input=
457	_group=${ulogingroup:-"${username}"}
458
459	if [ -z "$configflag" ]; then
460		[ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
461		[ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
462	else
463		[ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
464	fi
465	read _input
466
467	[ -n "$_input" ] && ugroups="$_input"
468}
469
470# get_expire_dates
471#	Read expiry information for the account and also for the password. This
472#	routine is used only from batch processing mode.
473#
474get_expire_dates() {
475	upwexpire="`echo "$fileline" | cut -f5 -d:`"
476	uexpire="`echo "$fileline" | cut -f6 -d:`"
477}
478
479# get_password
480#	Read the password in batch processing mode. The password field matters
481#	only when the password type is "yes" or "random". If the field is empty and the
482#	password type is "yes", then it assumes the account has an empty passsword
483#	and changes the password type accordingly. If the password type is "random"
484#	and the password field is NOT empty, then it assumes the account will NOT
485#	have a random password and set passwdtype to "yes."
486#
487get_password() {
488	# We may temporarily change a password type. Make sure it's changed
489	# back to whatever it was before we process the next account.
490	#
491	[ -n "$savedpwtype" ] && {
492		passwdtype=$savedpwtype
493		savedpwtype=
494	}
495
496	# There may be a ':' in the password
497	upass=${fileline#*:*:*:*:*:*:*:*:*:}
498
499	if [ -z "$upass" ]; then
500		case $passwdtype in
501		yes)
502			# if it's empty, assume an empty password
503			passwdtype=none
504			savedpwtype=yes
505			;;
506		esac
507	else
508		case $passwdtype in
509		random)
510			passwdtype=yes
511			savedpwtype=random
512			;;
513		esac
514	fi
515}
516
517# input_from_file
518#	Reads a line of account information from standard input and
519#	adds it to the user database.
520#
521input_from_file() {
522	_field=
523
524	while read fileline ; do
525		case "$fileline" in
526		\#*|'')
527			return 0
528			;;
529		esac
530
531		get_user || continue
532		get_gecos
533		get_uid
534		get_logingroup
535		get_class
536		get_shell
537		get_homedir
538		get_password
539		get_expire_dates
540
541		add_user
542	done
543}
544
545# input_interactive
546#	Prompts for user information interactively, and commits to
547#	the user database.
548#
549input_interactive() {
550
551	_disable=
552	_pass=
553	_passconfirm=
554	_random="no"
555	_emptypass="no"
556	_usepass="yes"
557	case $passwdtype in
558	none)
559		_emptypass="yes"
560		_usepass="yes"
561		;;
562	no)
563		_usepass="no"
564		;;
565	random)
566		_random="yes"
567		;;
568	esac
569
570	get_user
571	get_gecos
572	get_uid
573	get_logingroup
574	get_groups
575	get_class
576	get_shell
577	get_homedir
578
579	while : ; do
580		echo -n "Use password-based authentication? [$_usepass]: "
581		read _input
582		[ -z "$_input" ] && _input=$_usepass
583		case $_input in
584		[Nn][Oo]|[Nn])
585			passwdtype="no"
586			;;
587		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
588			while : ; do
589				echo -n "Use an empty password? (yes/no) [$_emptypass]: "
590				read _input
591				[ -n "$_input" ] && _emptypass=$_input
592				case $_emptypass in
593				[Nn][Oo]|[Nn])
594					echo -n "Use a random password? (yes/no) [$_random]: "
595					read _input
596					[ -n "$_input" ] && _random="$_input"
597					case $_random in
598					[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
599						passwdtype="random"
600						break
601						;;
602					esac
603					passwdtype="yes"
604					trap 'stty echo; exit' 0 1 2 3 15
605					stty -echo
606					echo -n "Enter password: "
607					read upass
608					echo''
609					echo -n "Enter password again: "
610					read _passconfirm
611					echo ''
612					stty echo
613					# if user entered a blank password
614					# explicitly ask again.
615					[ -z "$upass" -a -z "$_passconfirm" ] \
616					    && continue
617					;;
618				[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
619					passwdtype="none"
620					break;
621					;;
622				*)
623					# invalid answer; repeat the loop
624					continue
625					;;
626				esac
627				if [ "$upass" != "$_passconfirm" ]; then
628					echo "Passwords did not match!"
629					continue
630				fi
631				break
632			done
633			;;
634		*)
635			# invalid answer; repeat loop
636			continue
637			;;
638		esac
639		break;
640	done
641	_disable=${disableflag:-"no"}
642	while : ; do
643		echo -n "Lock out the account after creation? [$_disable]: "
644		read _input
645		[ -z "$_input" ] && _input=$_disable
646		case $_input in
647		[Nn][Oo]|[Nn])
648			disableflag=
649			;;
650		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
651			disableflag=yes
652			;;
653		*)
654			# invalid answer; repeat loop
655			continue
656			;;
657		esac
658		break
659	done
660	
661	# Display the information we have so far and prompt to
662	# commit it.
663	#
664	_disable=${disableflag:-"no"}
665	[ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
666	case $passwdtype in
667	yes)
668		_pass='*****'
669		;;
670	no)
671		_pass='<disabled>'
672		;;
673	none)
674		_pass='<blank>'
675		;;
676	random)
677		_pass='<random>'
678		;;
679	esac
680	printf "%-10s : %s\n" "Password" "$_pass"
681	[ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
682	[ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
683	printf "%-10s : %s\n" "Class" "$uclass"
684	[ -z "$configflag" ] && printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
685	printf "%-10s : %s\n" "Home" "$uhome"
686	printf "%-10s : %s\n" "Shell" "$ushell"
687	printf "%-10s : %s\n" "Locked" "$_disable"
688	while : ; do
689		echo -n "OK? (yes/no): "
690		read _input
691		case $_input in
692		[Nn][Oo]|[Nn])
693			return 1
694			;;
695		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
696			add_user
697			;;
698		*)
699			continue
700			;;
701		esac
702		break
703	done
704	return 0
705}
706
707#### END SUBROUTINE DEFENITION ####
708
709THISCMD=`/usr/bin/basename $0`
710DEFAULTSHELL=/bin/sh
711ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
712PWCMD="${PWCMD:-/usr/sbin/pw}"
713MAILCMD="${MAILCMD:-mail}"
714ETCSHELLS="${ETCSHELLS:-/etc/shells}"
715
716# Set default values
717#
718username=
719uuid=
720uidstart=
721ugecos=
722ulogingroup=
723uclass=
724uhome=
725upass=
726ushell=
727udotdir=/usr/share/skel
728ugroups=
729uexpire=
730upwexpire=
731shells="`valid_shells`"
732passwdtype="yes"
733msgfile=/etc/adduser.msg
734msgflag=
735quietflag=
736configflag=
737fflag=
738infile=
739disableflag=
740readconfig="yes"
741homeprefix="/home"
742randompass=
743fileline=
744savedpwtype=
745defaultclass=
746defaultgoups=
747defaultshell="${DEFAULTSHELL}"
748
749# Make sure the user running this program is root. This isn't a security
750# measure as much as it is a usefull method of reminding the user to
751# 'su -' before he/she wastes time entering data that won't be saved.
752#
753procowner=${procowner:-`/usr/bin/id -u`}
754if [ "$procowner" != "0" ]; then
755	err 'you must be the super-user (uid 0) to use this utility.'
756	exit 1
757fi
758
759# Overide from our conf file
760# Quickly go through the commandline line to see if we should read
761# from our configuration file. The actual parsing of the commandline
762# arguments happens after we read in our configuration file (commandline
763# should override configuration file).
764#
765for _i in $* ; do
766	if [ "$_i" = "-N" ]; then
767		readconfig=
768		break;
769	fi
770done
771if [ -n "$readconfig" ]; then
772	# On a long-lived system, the first time this script is run it
773	# will barf upon reading the configuration file for its perl predecessor.
774	if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
775		[ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
776	fi
777fi 
778
779# Proccess command-line options
780#
781for _switch ; do
782	case $_switch in
783	-L)
784		defaultclass="$2"
785		shift; shift
786		;;
787	-C)
788		configflag=yes
789		shift
790		;;
791	-E)
792		disableflag=yes
793		shift
794		;;
795	-k)
796		udotdir="$2"
797		shift; shift
798		;;
799	-f)
800		[ "$2" != "-" ] && infile="$2"
801		fflag=yes
802		shift; shift
803		;;
804	-G)
805		defaultgroups="$2"
806		shift; shift
807		;;
808	-h)
809		show_usage
810		exit 0
811		;;
812	-d)
813		homeprefix="$2"
814		shift; shift
815		;;
816	-m)
817		case "$2" in
818		[Nn][Oo])
819			msgflag=
820			;;
821		*)
822			msgflag=yes
823			msgfile="$2"
824			;;
825		esac
826		shift; shift
827		;;
828	-N)
829		readconfig=
830		shift
831		;;
832	-w)
833		case "$2" in
834		no|none|random|yes)
835			passwdtype=$2
836			;;
837		*)
838			show_usage
839			exit 1
840			;;
841		esac
842		shift; shift
843		;;
844	-q)
845		quietflag=yes
846		shift
847		;;
848	-s)
849		defaultshell="`fullpath_from_shell $2`"
850		shift; shift
851		;;
852	-u)
853		uidstart=$2
854		shift; shift
855		;;
856	esac
857done
858
859# If the -f switch was used, get input from a file. Otherwise,
860# this is an interactive session.
861#
862if [ -n "$fflag" ]; then
863	if [ -z "$infile" ]; then
864		input_from_file
865	elif [ -n "$infile" ]; then
866		if [ -r "$infile" ]; then
867			input_from_file < $infile
868		else
869			err "File ($infile) is unreadable or does not exist."
870		fi
871	fi
872else
873	input_interactive
874fi
875