adduser.sh revision 109775 
1#!/bin/sh
2#
3# Copyright (c) 2002 Michael Telahun Makonnen. All rights reserved.
4#
5# Redistribution and use in source and binary forms, with or without
6# modification, are permitted provided that the following conditions
7# are met:
8# 1. Redistributions of source code must retain the above copyright
9#    notice, this list of conditions and the following disclaimer.
10# 2. Redistributions in binary form must reproduce the above copyright
11#    notice, this list of conditions and the following disclaimer in the
12#    documentation and/or other materials provided with the distribution.
13# 3. The name of the author may not be used to endorse or promote products
14#    derived from this software without specific prior written permission.
15#
16# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26#
27#       Email: Mike Makonnen <mtm@identd.net>
28#
29# $FreeBSD: head/usr.sbin/adduser/adduser.sh 109775 2003-01-24 02:05:51Z fjoe $
30#
31
32# err msg
33#       Display $msg on stderr, unless we're being quiet.
34# 
35err() {
36	if [ -z "$quietflag" ]; then
37        	echo 1>&2 ${THISCMD}: ERROR: $*
38	fi
39}
40
41# info msg
42#       Display $msg on stdout, unless we're being quiet.
43# 
44info() {
45	if [ -z "$quietflag" ]; then
46        	echo ${THISCMD}: INFO: $*
47	fi
48}
49
50# get_nextuid
51#	Output the value of $_uid if it is available for use. If it
52#	is not, output the value of the next higher uid that is available.
53#	If a uid is not specified, output the first available uid, as indicated
54#	by pw(8).
55# 
56get_nextuid () {
57	_uid=$1
58	_nextuid=
59
60	if [ -z "$_uid" ]; then
61		_nextuid="`${PWCMD} usernext | cut -f1 -d:`"
62	else
63		while : ; do
64			${PWCMD} usershow $_uid > /dev/null 2>&1
65			if [ ! "$?" -eq 0 ]; then
66				_nextuid=$_uid
67				break
68			fi
69			_uid=$(($_uid + 1))
70		done
71	fi
72	echo $_nextuid
73}
74
75# show_usage
76#	Display usage information for this utility.
77#
78show_usage() {
79	echo "usage: ${THISCMD} [options]"
80	echo "  options may include:"
81	echo "  -C		save to the configuration file only"
82	echo "  -E		disable this account after creation"
83	echo "  -G		additional groups to add accounts to"
84	echo "  -L		login class of the user"
85	echo "  -N		do not read configuration file"
86	echo "  -d		home directory"
87	echo "  -f		file from which input will be received"
88	echo "  -h		display this usage message"
89	echo "  -k		path to skeleton home directory"
90	echo "  -m		user welcome message file"
91	echo "  -q		absolute minimal user feedback"
92	echo "  -s		shell"
93	echo "  -u		uid to start at"
94	echo "  -w		password type: no, none, yes or random"
95}
96
97# valid_shells
98#	Outputs a list of valid shells from /etc/shells. Only the
99#	basename of the shell is output.
100#
101valid_shells() {
102	_prefix=
103	cat ${ETCSHELLS} |
104	while read _path _junk ; do
105		case $_path in
106		\#*|'')
107			;;
108		*)
109			echo -n "${_prefix}`basename $_path`"
110			_prefix=' '
111			;;
112		esac
113	done
114}
115
116# fullpath_from_shell shell
117#	Given $shell, the basename component of a valid shell, get the
118#	full path to the shell from the /etc/shells file.
119#
120fullpath_from_shell() {
121	_shell=$1
122	[ -z "$_shell" ] && return 1
123
124	cat ${ETCSHELLS} |
125	while read _path _junk ; do
126		case "$_path" in
127		\#*|'')
128			;;
129		*)
130			if [ "`basename $_path`" = "$_shell" ]; then
131				echo $_path
132				return 0
133			fi
134			;;
135		esac
136	done
137	return 1
138}
139
140# save_config
141#	Save some variables to a configuration file.
142#	Note: not all script variables are saved, only those that
143#	      it makes sense to save.
144#
145save_config() {
146	echo "# Configuration file for adduser(8)."     >  ${ADDUSERCONF}
147	echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
148	echo "# Last Modified on `${DATECMD}`."		>> ${ADDUSERCONF}
149	echo ''				>> ${ADDUSERCONF}
150	echo "defaultclass=$uclass"	>> ${ADDUSERCONF}
151	echo "defaultgroups=$ugroups"	>> ${ADDUSERCONF}
152	echo "passwdtype=$passwdtype" 	>> ${ADDUSERCONF}
153	echo "homeprefix=$homeprefix" 	>> ${ADDUSERCONF}
154	echo "defaultshell=$ushell"	>> ${ADDUSERCONF}
155	echo "udotdir=$udotdir"		>> ${ADDUSERCONF}
156	echo "msgfile=$msgfile"		>> ${ADDUSERCONF}
157	echo "disableflag=$disableflag" >> ${ADDUSERCONF}
158}
159
160# add_user
161#	Add a user to the user database. If the user chose to send a welcome
162#	message or lock the account, do so.
163#
164add_user() {
165
166	# Is this a configuration run? If so, don't modify user database.
167	#
168	if [ -n "$configflag" ]; then
169		save_config
170		return
171	fi
172
173	_uid=
174	_name=
175	_comment=
176	_gecos=
177	_home=
178	_group=
179	_grouplist=
180	_shell=
181	_class=
182	_dotdir=
183	_expire=
184	_pwexpire=
185	_passwd=
186	_upasswd=
187	_passwdmethod=
188
189	_name="-n '$username'"
190	[ -n "$uuid" ] && _uid="-u '$uuid'"
191	[ -n "$ulogingroup" ] && _group="-g '$ulogingroup'"
192	[ -n "$ugroups" ] && _grouplist="-G '$ugroups'"
193	[ -n "$ushell" ] && _shell="-s '$ushell'"
194	[ -n "$uhome" ] && _home="-m -d '$uhome'"
195	[ -n "$uclass" ] && _class="-L '$uclass'"
196	[ -n "$ugecos" ] && _comment="-c '$ugecos'"
197	[ -n "$udotdir" ] && _dotdir="-k '$udotdir'"
198	[ -n "$uexpire" ] && _expire="-e '$uexpire'"
199	[ -n "$upwexpire" ] && _pwexpire="-p '$upwexpire'"
200	case $passwdtype in
201	no)
202		_passwdmethod="-w no"
203		_passwd="-h -"
204		;;
205	yes)
206		_passwdmethod="-w yes"
207		_passwd="-h 0"
208		_upasswd="echo '$upass' |"
209		;;
210	none)
211		_passwdmethod="-w none"
212		;;
213	random)
214		_passwdmethod="-w random"
215		;;
216	esac
217
218	_pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
219	_pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
220	_pwcmd="$_pwcmd $_expire $_pwexpire"
221
222	if ! _output=`eval $_pwcmd` ; then
223		err "There was an error adding user ($username)."
224		return 1
225	else
226		info "Successfully added ($username) to the user database."
227		if [ "random" = "$passwdtype" ]; then
228			randompass="$_output"
229			info "Password for ($username) is: $randompass"
230		fi
231	fi
232
233	if [ -n "$disableflag" ]; then
234		if ${PWCMD} lock $username ; then
235			info "Account ($username) is locked."
236		else
237			info "Account ($username) could NOT be locked."
238		fi
239	fi
240
241	_line=
242	_owner=
243	_perms=
244	if [ -n "$msgflag" ]; then
245		[ -r "$msgfile" ] && {
246			# We're evaluating the contents of an external file.
247			# Let's not open ourselves up for attack. _perms will
248			# be empty if it's writeable only by the owner. _owner
249			# will *NOT* be empty if the file is owned by root.
250			#
251			_dir="`dirname $msgfile`"
252			_file="`basename $msgfile`"
253			_perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune`
254			_owner=`/usr/bin/find $_dir -name $_file -user 0 -prune`
255			if [ -z "$_owner" -o -n "$_perms" ]; then
256				err "The message file ($msgfile) may be writeable only by root."
257				return 1
258			fi
259			cat "$msgfile" |
260			while read _line ; do
261				eval echo "$_line"
262			done | ${MAILCMD} -s"Welcome" ${username}
263			info "Sent welcome message to ($username)."
264		}
265	fi
266}
267
268# get_user
269#	Reads username of the account from standard input or from a global
270#	variable containing an account line from a file. The username is
271#	required. If this is an interactive session it will prompt in
272#	a loop until a username is entered. If it is batch processing from
273#	a file it will output an error message and return to the caller.
274#
275get_user() {
276	_input=
277
278	# No need to take down user names if this is a configuration saving run.
279	[ -n "$configflag" ] && return
280
281	while : ; do
282		if [ -z "$fflag" ]; then
283			echo -n "Username: "
284			read _input
285		else
286			_input="`echo "$fileline" | cut -f1 -d:`"
287		fi
288
289		# There *must* be a username. If this is an interactive
290		# session give the user an opportunity to retry.
291		#
292		if [ -z "$_input" ]; then
293			err "You must enter a username!"
294			[ -z "$fflag" ] && continue
295		fi
296		break
297	done
298	username="$_input"
299}
300
301# get_gecos
302#	Reads extra information about the user. Can be used both in interactive
303#	and batch (from file) mode.
304#
305get_gecos() {
306	_input=
307
308	# No need to take down additional user information for a configuration run.
309	[ -n "$configflag" ] && return
310
311	if [ -z "$fflag" ]; then
312		echo -n "Full name: "
313		read _input
314	else
315		_input="`echo "$fileline" | cut -f7 -d:`"
316	fi
317	ugecos="$_input"
318}
319
320# get_shell
321#	Get the account's shell. Works in interactive and batch mode. It
322#	accepts only the base name of the shell, NOT the full path.
323#	If an invalid shell is entered it will simply use the default shell.
324#
325get_shell() {
326	_input=
327	_fullpath=
328	ushell="$defaultshell"
329
330	# Make sure the current value of the shell is a valid one
331	_shellchk="${GREPCMD} '^$ushell$' ${ETCSHELLS} > /dev/null 2>&1"
332	eval $_shellchk || {
333		err "Invalid shell ($ushell). Using default shell ${defaultshell}."
334		ushell="$defaultshell"
335	}
336
337	if [ -z "$fflag" ]; then
338		echo -n "Shell ($shells) [`basename $ushell`]: "
339		read _input
340	else
341		_input="`echo "$fileline" | cut -f9 -d:`"
342	fi
343	if [ -n "$_input" ]; then
344		_fullpath=`fullpath_from_shell $_input`
345		if [ -n "$_fullpath" ]; then
346			ushell="$_fullpath"
347		else
348			err "Invalid shell selection. Using default shell ${defaultshell}."
349			ushell="$defaultshell"
350		fi
351	fi
352}
353
354# get_homedir
355#	Reads the account's home directory. Used both with interactive input
356#	and batch input.
357#
358get_homedir() {
359	_input=
360	if [ -z "$fflag" ]; then
361		echo -n "Home directory [${homeprefix}/${username}]: "
362		read _input
363	else
364		_input="`echo "$fileline" | cut -f8 -d:`"
365	fi
366
367	if [ -n "$_input" ]; then
368		uhome="$_input"
369		# if this is a configuration run, then user input is the home
370		# directory prefix. Otherwise it is understood to
371		# be $prefix/$user
372		#
373		[ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
374	else
375		uhome="${homeprefix}/${username}"
376	fi
377}
378
379# get_uid
380#	Reads a numeric userid in an interactive or batch session. Automatically
381#	allocates one if it is not specified.
382#
383get_uid() {
384	uuid=${uidstart}
385	_input=
386	_prompt=
387
388	# No need to take down uids for a configuration saving run.
389	[ -n "$configflag" ] && return
390
391	if [ -n "$uuid" ]; then
392		_prompt="Uid [$uuid]: "
393	else
394		_prompt="Uid (Leave empty for default): "
395	fi
396	if [ -z "$fflag" ]; then
397		echo -n "$_prompt"
398		read _input
399	else
400		_input="`echo "$fileline" | cut -f2 -d:`"
401	fi
402
403	[ -n "$_input" ] && uuid=$_input
404	uuid=`get_nextuid $uuid`
405	uidstart=$uuid
406}
407
408# get_class
409#	Reads login class of account. Can be used in interactive or batch mode.
410#
411get_class() {
412	uclass="$defaultclass"
413	_input=
414	_class=${uclass:-"default"}
415
416	if [ -z "$fflag" ]; then
417		echo -n "Login class [$_class]: "
418		read _input
419	else
420		_input="`echo "$fileline" | cut -f4 -d:`"
421	fi
422
423	[ -n "$_input" ] && uclass="$_input"
424}
425
426# get_logingroup
427#	Reads user's login group. Can be used in both interactive and batch
428#	modes. The specified value can be a group name or its numeric id.
429#	This routine leaves the field blank if nothing is provided. The pw(8)
430#	command will then provide a login group with the same name as the username.
431#
432get_logingroup() {
433	ulogingroup=
434	_input=
435
436	# No need to take down a login group for a configuration saving run.
437	[ -n "$configflag" ] && return
438
439	if [ -z "$fflag" ]; then
440		echo -n "Login group [$username]: "
441		read _input
442	else
443		_input="`echo "$fileline" | cut -f3 -d:`"
444	fi
445
446	# Pw(8) will use the username as login group if it's left empty
447	[ -n "$_input" ] && ulogingroup="$_input" || ulogingroup=
448}
449
450# get_groups
451#	Read additional groups for the user. It can be used in both interactive
452#	and batch modes.
453#
454get_groups() {
455	ugroups="$defaultgroups"
456	_input=
457	_group=${ulogingroup:-"${username}"}
458
459	if [ -z "$configflag" ]; then
460		[ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
461		[ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
462	else
463		[ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
464	fi
465	read _input
466
467	[ -n "$_input" ] && ugroups="$_input"
468}
469
470# get_expire_dates
471#	Read expiry information for the account and also for the password. This
472#	routine is used only from batch processing mode.
473#
474get_expire_dates() {
475	upwexpire="`echo "$fileline" | cut -f5 -d:`"
476	uexpire="`echo "$fileline" | cut -f6 -d:`"
477}
478
479# get_password
480#	Read the password in batch processing mode. The password field matters
481#	only when the password type is "yes" or "random". If the field is empty and the
482#	password type is "yes", then it assumes the account has an empty passsword
483#	and changes the password type accordingly. If the password type is "random"
484#	and the password field is NOT empty, then it assumes the account will NOT
485#	have a random password and set passwdtype to "yes."
486#
487get_password() {
488	# We may temporarily change a password type. Make sure it's changed
489	# back to whatever it was before we process the next account.
490	#
491	[ -n "$savedpwtype" ] && {
492		passwdtype=$savedpwtype
493		savedpwtype=
494	}
495
496	# There may be a ':' in the password
497	upass=${fileline#*:*:*:*:*:*:*:*:*:}
498
499	if [ -z "$upass" ]; then
500		case $passwdtype in
501		yes)
502			# if it's empty, assume an empty password
503			passwdtype=none
504			savedpwtype=yes
505			;;
506		esac
507	else
508		case $passwdtype in
509		random)
510			passwdtype=yes
511			savedpwtype=random
512			;;
513		esac
514	fi
515}
516
517# input_from_file
518#	Reads a line of account information from standard input and
519#	adds it to the user database.
520#
521input_from_file() {
522	_field=
523
524	while read fileline ; do
525		case "$fileline" in
526		\#*|'')
527			return 0
528			;;
529		esac
530
531		get_user || continue
532		get_gecos
533		get_uid
534		get_logingroup
535		get_class
536		get_shell
537		get_homedir
538		get_password
539		get_expire_dates
540
541		add_user
542	done
543}
544
545# input_interactive
546#	Prompts for user information interactively, and commits to
547#	the user database.
548#
549input_interactive() {
550
551	_disable=
552	_pass=
553	_passconfirm=
554	_random="no"
555	_emptypass="no"
556	_usepass="yes"
557	case $passwdtype in
558	none)
559		_emptypass="yes"
560		_usepass="yes"
561		;;
562	no)
563		_usepass="no"
564		;;
565	random)
566		_random="yes"
567		;;
568	esac
569
570	get_user
571	get_gecos
572	get_uid
573	get_logingroup
574	get_groups
575	get_class
576	get_shell
577	get_homedir
578
579	while : ; do
580		echo -n "Use password-based authentication? [$_usepass]: "
581		read _input
582		[ -z "$_input" ] && _input=$_usepass
583		case $_input in
584		[Nn][Oo]|[Nn])
585			passwdtype="no"
586			;;
587		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
588			while : ; do
589				echo -n "Use an empty password? (yes/no) [$_emptypass]: "
590				read _input
591				[ -n "$_input" ] && _emptypass=$_input
592				case $_emptypass in
593				[Nn][Oo]|[Nn])
594					echo -n "Use a random password? (yes/no) [$_random]: "
595					read _input
596					[ -n "$_input" ] && _random="$_input"
597					case $_random in
598					[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
599						passwdtype="random"
600						break
601						;;
602					esac
603					passwdtype="yes"
604					[ -n "$configrun" ] && break
605					trap 'stty echo; exit' 0 1 2 3 15
606					stty -echo
607					echo -n "Enter password: "
608					read upass
609					echo''
610					echo -n "Enter password again: "
611					read _passconfirm
612					echo ''
613					stty echo
614					# if user entered a blank password
615					# explicitly ask again.
616					[ -z "$upass" -a -z "$_passconfirm" ] \
617					    && continue
618					;;
619				[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
620					passwdtype="none"
621					break;
622					;;
623				*)
624					# invalid answer; repeat the loop
625					continue
626					;;
627				esac
628				if [ "$upass" != "$_passconfirm" ]; then
629					echo "Passwords did not match!"
630					continue
631				fi
632				break
633			done
634			;;
635		*)
636			# invalid answer; repeat loop
637			continue
638			;;
639		esac
640		break;
641	done
642	_disable=${disableflag:-"no"}
643	while : ; do
644		echo -n "Lock out the account after creation? [$_disable]: "
645		read _input
646		[ -z "$_input" ] && _input=$_disable
647		case $_input in
648		[Nn][Oo]|[Nn])
649			disableflag=
650			;;
651		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
652			disableflag=yes
653			;;
654		*)
655			# invalid answer; repeat loop
656			continue
657			;;
658		esac
659		break
660	done
661	
662	# Display the information we have so far and prompt to
663	# commit it.
664	#
665	_disable=${disableflag:-"no"}
666	[ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
667	case $passwdtype in
668	yes)
669		_pass='*****'
670		;;
671	no)
672		_pass='<disabled>'
673		;;
674	none)
675		_pass='<blank>'
676		;;
677	random)
678		_pass='<random>'
679		;;
680	esac
681	[ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass"
682	[ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype"
683	[ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
684	[ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
685	printf "%-10s : %s\n" "Class" "$uclass"
686	[ -z "$configflag" ] && printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
687	printf "%-10s : %s\n" "Home" "$uhome"
688	printf "%-10s : %s\n" "Shell" "$ushell"
689	printf "%-10s : %s\n" "Locked" "$_disable"
690	while : ; do
691		echo -n "OK? (yes/no): "
692		read _input
693		case $_input in
694		[Nn][Oo]|[Nn])
695			return 1
696			;;
697		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
698			add_user
699			;;
700		*)
701			continue
702			;;
703		esac
704		break
705	done
706	return 0
707}
708
709#### END SUBROUTINE DEFENITION ####
710
711THISCMD=`/usr/bin/basename $0`
712DEFAULTSHELL=/bin/sh
713ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
714PWCMD="${PWCMD:-/usr/sbin/pw}"
715MAILCMD="${MAILCMD:-mail}"
716ETCSHELLS="${ETCSHELLS:-/etc/shells}"
717GREPCMD="/usr/bin/grep"
718DATECMD="/bin/date"
719
720# Set default values
721#
722username=
723uuid=
724uidstart=
725ugecos=
726ulogingroup=
727uclass=
728uhome=
729upass=
730ushell=
731udotdir=/usr/share/skel
732ugroups=
733uexpire=
734upwexpire=
735shells="`valid_shells`"
736passwdtype="yes"
737msgfile=/etc/adduser.msg
738msgflag=
739quietflag=
740configflag=
741fflag=
742infile=
743disableflag=
744readconfig="yes"
745homeprefix="/home"
746randompass=
747fileline=
748savedpwtype=
749defaultclass=
750defaultgoups=
751defaultshell="${DEFAULTSHELL}"
752
753# Make sure the user running this program is root. This isn't a security
754# measure as much as it is a usefull method of reminding the user to
755# 'su -' before he/she wastes time entering data that won't be saved.
756#
757procowner=${procowner:-`/usr/bin/id -u`}
758if [ "$procowner" != "0" ]; then
759	err 'you must be the super-user (uid 0) to use this utility.'
760	exit 1
761fi
762
763# Overide from our conf file
764# Quickly go through the commandline line to see if we should read
765# from our configuration file. The actual parsing of the commandline
766# arguments happens after we read in our configuration file (commandline
767# should override configuration file).
768#
769for _i in $* ; do
770	if [ "$_i" = "-N" ]; then
771		readconfig=
772		break;
773	fi
774done
775if [ -n "$readconfig" ]; then
776	# On a long-lived system, the first time this script is run it
777	# will barf upon reading the configuration file for its perl predecessor.
778	if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
779		[ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
780	fi
781fi 
782
783# Proccess command-line options
784#
785for _switch ; do
786	case $_switch in
787	-L)
788		defaultclass="$2"
789		shift; shift
790		;;
791	-C)
792		configflag=yes
793		shift
794		;;
795	-E)
796		disableflag=yes
797		shift
798		;;
799	-k)
800		udotdir="$2"
801		shift; shift
802		;;
803	-f)
804		[ "$2" != "-" ] && infile="$2"
805		fflag=yes
806		shift; shift
807		;;
808	-G)
809		defaultgroups="$2"
810		shift; shift
811		;;
812	-h)
813		show_usage
814		exit 0
815		;;
816	-d)
817		homeprefix="$2"
818		shift; shift
819		;;
820	-m)
821		case "$2" in
822		[Nn][Oo])
823			msgflag=
824			;;
825		*)
826			msgflag=yes
827			msgfile="$2"
828			;;
829		esac
830		shift; shift
831		;;
832	-N)
833		readconfig=
834		shift
835		;;
836	-w)
837		case "$2" in
838		no|none|random|yes)
839			passwdtype=$2
840			;;
841		*)
842			show_usage
843			exit 1
844			;;
845		esac
846		shift; shift
847		;;
848	-q)
849		quietflag=yes
850		shift
851		;;
852	-s)
853		defaultshell="`fullpath_from_shell $2`"
854		shift; shift
855		;;
856	-u)
857		uidstart=$2
858		shift; shift
859		;;
860	esac
861done
862
863# If the -f switch was used, get input from a file. Otherwise,
864# this is an interactive session.
865#
866if [ -n "$fflag" ]; then
867	if [ -z "$infile" ]; then
868		input_from_file
869	elif [ -n "$infile" ]; then
870		if [ -r "$infile" ]; then
871			input_from_file < $infile
872		else
873			err "File ($infile) is unreadable or does not exist."
874		fi
875	fi
876else
877	input_interactive
878	while : ; do
879		echo -n "Add another user? (yes/no): "
880		read _input
881		case $_input in
882		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
883			uidstart=`get_nextuid $uidstart`
884			input_interactive
885			continue
886			;;
887		[Nn][Oo]|[Nn])
888			echo "Goodbye!"
889			;;
890		*)
891			continue
892			;;
893		esac
894		break
895	done
896fi
897