adduser.sh revision 116627
1#!/bin/sh 2# 3# Copyright (c) 2002, 2003 Michael Telahun Makonnen. All rights reserved. 4# 5# Redistribution and use in source and binary forms, with or without 6# modification, are permitted provided that the following conditions 7# are met: 8# 1. Redistributions of source code must retain the above copyright 9# notice, this list of conditions and the following disclaimer. 10# 2. Redistributions in binary form must reproduce the above copyright 11# notice, this list of conditions and the following disclaimer in the 12# documentation and/or other materials provided with the distribution. 13# 14# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 15# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 16# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 17# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 18# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 19# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 20# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 21# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 22# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 23# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 24# 25# Email: Mike Makonnen <mtm@FreeBSD.Org> 26# 27# $FreeBSD: head/usr.sbin/adduser/adduser.sh 116627 2003-06-20 19:23:55Z mtm $ 28# 29 30# err msg 31# Display $msg on stderr, unless we're being quiet. 32# 33err() { 34 if [ -z "$quietflag" ]; then 35 echo 1>&2 ${THISCMD}: ERROR: $* 36 fi 37} 38 39# info msg 40# Display $msg on stdout, unless we're being quiet. 41# 42info() { 43 if [ -z "$quietflag" ]; then 44 echo ${THISCMD}: INFO: $* 45 fi 46} 47 48# get_nextuid 49# Output the value of $_uid if it is available for use. If it 50# is not, output the value of the next higher uid that is available. 51# If a uid is not specified, output the first available uid, as indicated 52# by pw(8). 53# 54get_nextuid () { 55 _uid=$1 56 _nextuid= 57 58 if [ -z "$_uid" ]; then 59 _nextuid="`${PWCMD} usernext | cut -f1 -d:`" 60 else 61 while : ; do 62 ${PWCMD} usershow $_uid > /dev/null 2>&1 63 if [ ! "$?" -eq 0 ]; then 64 _nextuid=$_uid 65 break 66 fi 67 _uid=$(($_uid + 1)) 68 done 69 fi 70 echo $_nextuid 71} 72 73# show_usage 74# Display usage information for this utility. 75# 76show_usage() { 77 echo "usage: ${THISCMD} [options]" 78 echo " options may include:" 79 echo " -C save to the configuration file only" 80 echo " -E disable this account after creation" 81 echo " -G additional groups to add accounts to" 82 echo " -L login class of the user" 83 echo " -N do not read configuration file" 84 echo " -d home directory" 85 echo " -f file from which input will be received" 86 echo " -g default login group" 87 echo " -h display this usage message" 88 echo " -k path to skeleton home directory" 89 echo " -m user welcome message file" 90 echo " -q absolute minimal user feedback" 91 echo " -s shell" 92 echo " -u uid to start at" 93 echo " -w password type: no, none, yes or random" 94} 95 96# valid_shells 97# Outputs a list of valid shells from /etc/shells. Only the 98# basename of the shell is output. 99# 100valid_shells() { 101 _prefix= 102 cat ${ETCSHELLS} | 103 while read _path _junk ; do 104 case $_path in 105 \#*|'') 106 ;; 107 *) 108 echo -n "${_prefix}`basename $_path`" 109 _prefix=' ' 110 ;; 111 esac 112 done 113 114 # /sbin/nologin is a special case 115 [ -x "${NOLOGIN_PATH}" ] && echo -n " ${NOLOGIN}" 116} 117 118# fullpath_from_shell shell 119# Given $shell, the basename component of a valid shell, get the 120# full path to the shell from the /etc/shells file. 121# 122fullpath_from_shell() { 123 _shell=$1 124 [ -z "$_shell" ] && return 1 125 126 cat ${ETCSHELLS} | 127 while read _path _junk ; do 128 case "$_path" in 129 \#*|'') 130 ;; 131 *) 132 if [ "`basename $_path`" = "$_shell" ]; then 133 echo $_path 134 return 0 135 fi 136 ;; 137 esac 138 done 139 140 # /sbin/nologin is a special case 141 if [ "$_shell" = "${NOLOGIN}" ]; then 142 echo ${NOLOGIN_PATH} 143 return 0; 144 fi 145 146 return 1 147} 148 149# shell_exists shell 150# If the given shell is listed in ${ETCSHELLS} or it is 151# the nologin shell this function will return 0. 152# Otherwise, it will return 1. If shell is valid but 153# the path is invalid or it is not executable it 154# will emit an informational message saying so. 155# 156shell_exists() 157{ 158 _sh="$1" 159 _shellchk="${GREPCMD} '^$_sh$' ${ETCSHELLS} > /dev/null 2>&1" 160 161 if ! eval $_shellchk; then 162 # The nologin shell is not listed in /etc/shells. 163 if [ "$_sh" != "${NOLOGIN_PATH}" ]; then 164 err "Invalid shell ($_sh) for user $username." 165 return 1 166 fi 167 fi 168 ! [ -x "$_sh" ] && 169 warn "The shell ($_sh) does not exist or is not executable." 170 171 return 0 172} 173 174# save_config 175# Save some variables to a configuration file. 176# Note: not all script variables are saved, only those that 177# it makes sense to save. 178# 179save_config() { 180 echo "# Configuration file for adduser(8)." > ${ADDUSERCONF} 181 echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF} 182 echo "# Last Modified on `${DATECMD}`." >> ${ADDUSERCONF} 183 echo '' >> ${ADDUSERCONF} 184 echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF} 185 echo "defaultclass=$uclass" >> ${ADDUSERCONF} 186 echo "defaultgroups=$ugroups" >> ${ADDUSERCONF} 187 echo "passwdtype=$passwdtype" >> ${ADDUSERCONF} 188 echo "homeprefix=$homeprefix" >> ${ADDUSERCONF} 189 echo "defaultshell=$ushell" >> ${ADDUSERCONF} 190 echo "udotdir=$udotdir" >> ${ADDUSERCONF} 191 echo "msgfile=$msgfile" >> ${ADDUSERCONF} 192 echo "disableflag=$disableflag" >> ${ADDUSERCONF} 193} 194 195# add_user 196# Add a user to the user database. If the user chose to send a welcome 197# message or lock the account, do so. 198# 199add_user() { 200 201 # Is this a configuration run? If so, don't modify user database. 202 # 203 if [ -n "$configflag" ]; then 204 save_config 205 return 206 fi 207 208 _uid= 209 _name= 210 _comment= 211 _gecos= 212 _home= 213 _group= 214 _grouplist= 215 _shell= 216 _class= 217 _dotdir= 218 _expire= 219 _pwexpire= 220 _passwd= 221 _upasswd= 222 _passwdmethod= 223 224 _name="-n '$username'" 225 [ -n "$uuid" ] && _uid='-u "$uuid"' 226 [ -n "$ulogingroup" ] && _group='-g "$ulogingroup"' 227 [ -n "$ugroups" ] && _grouplist='-G "$ugroups"' 228 [ -n "$ushell" ] && _shell='-s "$ushell"' 229 [ -n "$uhome" ] && _home='-m -d "$uhome"' 230 [ -n "$uclass" ] && _class='-L "$uclass"' 231 [ -n "$ugecos" ] && _comment='-c "$ugecos"' 232 [ -n "$udotdir" ] && _dotdir='-k "$udotdir"' 233 [ -n "$uexpire" ] && _expire='-e "$uexpire"' 234 [ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"' 235 case $passwdtype in 236 no) 237 _passwdmethod="-w no" 238 _passwd="-h -" 239 ;; 240 yes) 241 # Note on processing the password: The outer double quotes 242 # make literal everything except ` and \ and $. 243 # The outer single quotes make literal ` and $. 244 # We can ensure the \ isn't treated specially by specifying 245 # the -r switch to the read command used to obtain the input. 246 # 247 _passwdmethod="-w yes" 248 _passwd="-h 0" 249 _upasswd='echo "$upass" |' 250 ;; 251 none) 252 _passwdmethod="-w none" 253 ;; 254 random) 255 _passwdmethod="-w random" 256 ;; 257 esac 258 259 _pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment" 260 _pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd" 261 _pwcmd="$_pwcmd $_expire $_pwexpire" 262 263 if ! _output=`eval $_pwcmd` ; then 264 err "There was an error adding user ($username)." 265 return 1 266 else 267 info "Successfully added ($username) to the user database." 268 if [ "random" = "$passwdtype" ]; then 269 randompass="$_output" 270 info "Password for ($username) is: $randompass" 271 fi 272 fi 273 274 if [ -n "$disableflag" ]; then 275 if ${PWCMD} lock $username ; then 276 info "Account ($username) is locked." 277 else 278 info "Account ($username) could NOT be locked." 279 fi 280 fi 281 282 _line= 283 _owner= 284 _perms= 285 if [ -n "$msgflag" ]; then 286 [ -r "$msgfile" ] && { 287 # We're evaluating the contents of an external file. 288 # Let's not open ourselves up for attack. _perms will 289 # be empty if it's writeable only by the owner. _owner 290 # will *NOT* be empty if the file is owned by root. 291 # 292 _dir="`dirname $msgfile`" 293 _file="`basename $msgfile`" 294 _perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune` 295 _owner=`/usr/bin/find $_dir -name $_file -user 0 -prune` 296 if [ -z "$_owner" -o -n "$_perms" ]; then 297 err "The message file ($msgfile) may be writeable only by root." 298 return 1 299 fi 300 cat "$msgfile" | 301 while read _line ; do 302 eval echo "$_line" 303 done | ${MAILCMD} -s"Welcome" ${username} 304 info "Sent welcome message to ($username)." 305 } 306 fi 307} 308 309# get_user 310# Reads username of the account from standard input or from a global 311# variable containing an account line from a file. The username is 312# required. If this is an interactive session it will prompt in 313# a loop until a username is entered. If it is batch processing from 314# a file it will output an error message and return to the caller. 315# 316get_user() { 317 _input= 318 319 # No need to take down user names if this is a configuration saving run. 320 [ -n "$configflag" ] && return 321 322 while : ; do 323 if [ -z "$fflag" ]; then 324 echo -n "Username: " 325 read _input 326 else 327 _input="`echo "$fileline" | cut -f1 -d:`" 328 fi 329 330 # There *must* be a username. If this is an interactive 331 # session give the user an opportunity to retry. 332 # 333 if [ -z "$_input" ]; then 334 err "You must enter a username!" 335 [ -z "$fflag" ] && continue 336 fi 337 break 338 done 339 username="$_input" 340} 341 342# get_gecos 343# Reads extra information about the user. Can be used both in interactive 344# and batch (from file) mode. 345# 346get_gecos() { 347 _input= 348 349 # No need to take down additional user information for a configuration run. 350 [ -n "$configflag" ] && return 351 352 if [ -z "$fflag" ]; then 353 echo -n "Full name: " 354 read _input 355 else 356 _input="`echo "$fileline" | cut -f7 -d:`" 357 fi 358 ugecos="$_input" 359} 360 361# get_shell 362# Get the account's shell. Works in interactive and batch mode. It 363# accepts only the base name of the shell, NOT the full path. 364# If an invalid shell is entered it will simply use the default shell. 365# 366get_shell() { 367 _input= 368 _fullpath= 369 ushell="$defaultshell" 370 371 # Make sure the current value of the shell is a valid one 372 if ! shell_exists $ushell ; then 373 info "Using default shell ${defaultshell}." 374 ushell="$defaultshell" 375 fi 376 377 if [ -z "$fflag" ]; then 378 echo -n "Shell ($shells) [`basename $ushell`]: " 379 read _input 380 else 381 _input="`echo "$fileline" | cut -f9 -d:`" 382 fi 383 if [ -n "$_input" ]; then 384 _fullpath=`fullpath_from_shell $_input` 385 if [ -n "$_fullpath" ]; then 386 ushell="$_fullpath" 387 else 388 err "Invalid shell ($_input) for user $username." 389 info "Using default shell ${defaultshell}." 390 ushell="$defaultshell" 391 fi 392 fi 393} 394 395# get_homedir 396# Reads the account's home directory. Used both with interactive input 397# and batch input. 398# 399get_homedir() { 400 _input= 401 if [ -z "$fflag" ]; then 402 echo -n "Home directory [${homeprefix}/${username}]: " 403 read _input 404 else 405 _input="`echo "$fileline" | cut -f8 -d:`" 406 fi 407 408 if [ -n "$_input" ]; then 409 uhome="$_input" 410 # if this is a configuration run, then user input is the home 411 # directory prefix. Otherwise it is understood to 412 # be $prefix/$user 413 # 414 [ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome" 415 else 416 uhome="${homeprefix}/${username}" 417 fi 418} 419 420# get_uid 421# Reads a numeric userid in an interactive or batch session. Automatically 422# allocates one if it is not specified. 423# 424get_uid() { 425 uuid=${uidstart} 426 _input= 427 _prompt= 428 429 # No need to take down uids for a configuration saving run. 430 [ -n "$configflag" ] && return 431 432 if [ -n "$uuid" ]; then 433 _prompt="Uid [$uuid]: " 434 else 435 _prompt="Uid (Leave empty for default): " 436 fi 437 if [ -z "$fflag" ]; then 438 echo -n "$_prompt" 439 read _input 440 else 441 _input="`echo "$fileline" | cut -f2 -d:`" 442 fi 443 444 [ -n "$_input" ] && uuid=$_input 445 uuid=`get_nextuid $uuid` 446 uidstart=$uuid 447} 448 449# get_class 450# Reads login class of account. Can be used in interactive or batch mode. 451# 452get_class() { 453 uclass="$defaultclass" 454 _input= 455 _class=${uclass:-"default"} 456 457 if [ -z "$fflag" ]; then 458 echo -n "Login class [$_class]: " 459 read _input 460 else 461 _input="`echo "$fileline" | cut -f4 -d:`" 462 fi 463 464 [ -n "$_input" ] && uclass="$_input" 465} 466 467# get_logingroup 468# Reads user's login group. Can be used in both interactive and batch 469# modes. The specified value can be a group name or its numeric id. 470# This routine leaves the field blank if nothing is provided and 471# a default login group has not been set. The pw(8) command 472# will then provide a login group with the same name as the username. 473# 474get_logingroup() { 475 ulogingroup="$defaultLgroup" 476 _input= 477 478 if [ -z "$fflag" ]; then 479 echo -n "Login group [${ulogingroup:-$username}]: " 480 read _input 481 else 482 _input="`echo "$fileline" | cut -f3 -d:`" 483 fi 484 485 # Pw(8) will use the username as login group if it's left empty 486 [ -n "$_input" ] && ulogingroup="$_input" 487} 488 489# get_groups 490# Read additional groups for the user. It can be used in both interactive 491# and batch modes. 492# 493get_groups() { 494 ugroups="$defaultgroups" 495 _input= 496 _group=${ulogingroup:-"${username}"} 497 498 if [ -z "$configflag" ]; then 499 [ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username" 500 [ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: " 501 else 502 [ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: " 503 fi 504 read _input 505 506 [ -n "$_input" ] && ugroups="$_input" 507} 508 509# get_expire_dates 510# Read expiry information for the account and also for the password. This 511# routine is used only from batch processing mode. 512# 513get_expire_dates() { 514 upwexpire="`echo "$fileline" | cut -f5 -d:`" 515 uexpire="`echo "$fileline" | cut -f6 -d:`" 516} 517 518# get_password 519# Read the password in batch processing mode. The password field matters 520# only when the password type is "yes" or "random". If the field is empty and the 521# password type is "yes", then it assumes the account has an empty passsword 522# and changes the password type accordingly. If the password type is "random" 523# and the password field is NOT empty, then it assumes the account will NOT 524# have a random password and set passwdtype to "yes." 525# 526get_password() { 527 # We may temporarily change a password type. Make sure it's changed 528 # back to whatever it was before we process the next account. 529 # 530 [ -n "$savedpwtype" ] && { 531 passwdtype=$savedpwtype 532 savedpwtype= 533 } 534 535 # There may be a ':' in the password 536 upass=${fileline#*:*:*:*:*:*:*:*:*:} 537 538 if [ -z "$upass" ]; then 539 case $passwdtype in 540 yes) 541 # if it's empty, assume an empty password 542 passwdtype=none 543 savedpwtype=yes 544 ;; 545 esac 546 else 547 case $passwdtype in 548 random) 549 passwdtype=yes 550 savedpwtype=random 551 ;; 552 esac 553 fi 554} 555 556# input_from_file 557# Reads a line of account information from standard input and 558# adds it to the user database. 559# 560input_from_file() { 561 _field= 562 563 while read -r fileline ; do 564 case "$fileline" in 565 \#*|'') 566 return 0 567 ;; 568 esac 569 570 get_user || continue 571 get_gecos 572 get_uid 573 get_logingroup 574 get_class 575 get_shell 576 get_homedir 577 get_password 578 get_expire_dates 579 580 add_user 581 done 582} 583 584# input_interactive 585# Prompts for user information interactively, and commits to 586# the user database. 587# 588input_interactive() { 589 590 _disable= 591 _pass= 592 _passconfirm= 593 _random="no" 594 _emptypass="no" 595 _usepass="yes" 596 _logingroup_ok="no" 597 _groups_ok="no" 598 case $passwdtype in 599 none) 600 _emptypass="yes" 601 _usepass="yes" 602 ;; 603 no) 604 _usepass="no" 605 ;; 606 random) 607 _random="yes" 608 ;; 609 esac 610 611 get_user 612 get_gecos 613 get_uid 614 615 # The case where group = user is handled elsewhere, so 616 # validate any other groups the user is invited to. 617 until [ "$_logingroup_ok" = yes ]; do 618 get_logingroup 619 _logingroup_ok=yes 620 if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then 621 if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then 622 echo "Group $ulogingroup does not exist!" 623 _logingroup_ok=no 624 fi 625 fi 626 done 627 until [ "$_groups_ok" = yes ]; do 628 get_groups 629 _groups_ok=yes 630 for i in $ugroups; do 631 if [ "$username" != "$i" ]; then 632 if ! ${PWCMD} show group $i > /dev/null 2>&1; then 633 echo "Group $i does not exist!" 634 _groups_ok=no 635 fi 636 fi 637 done 638 done 639 640 get_class 641 get_shell 642 get_homedir 643 644 while : ; do 645 echo -n "Use password-based authentication? [$_usepass]: " 646 read _input 647 [ -z "$_input" ] && _input=$_usepass 648 case $_input in 649 [Nn][Oo]|[Nn]) 650 passwdtype="no" 651 ;; 652 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 653 while : ; do 654 echo -n "Use an empty password? (yes/no) [$_emptypass]: " 655 read _input 656 [ -n "$_input" ] && _emptypass=$_input 657 case $_emptypass in 658 [Nn][Oo]|[Nn]) 659 echo -n "Use a random password? (yes/no) [$_random]: " 660 read _input 661 [ -n "$_input" ] && _random="$_input" 662 case $_random in 663 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 664 passwdtype="random" 665 break 666 ;; 667 esac 668 passwdtype="yes" 669 [ -n "$configflag" ] && break 670 trap 'stty echo; exit' 0 1 2 3 15 671 stty -echo 672 echo -n "Enter password: " 673 read -r upass 674 echo'' 675 echo -n "Enter password again: " 676 read -r _passconfirm 677 echo '' 678 stty echo 679 # if user entered a blank password 680 # explicitly ask again. 681 [ -z "$upass" -a -z "$_passconfirm" ] \ 682 && continue 683 ;; 684 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 685 passwdtype="none" 686 break; 687 ;; 688 *) 689 # invalid answer; repeat the loop 690 continue 691 ;; 692 esac 693 if [ "$upass" != "$_passconfirm" ]; then 694 echo "Passwords did not match!" 695 continue 696 fi 697 break 698 done 699 ;; 700 *) 701 # invalid answer; repeat loop 702 continue 703 ;; 704 esac 705 break; 706 done 707 _disable=${disableflag:-"no"} 708 while : ; do 709 echo -n "Lock out the account after creation? [$_disable]: " 710 read _input 711 [ -z "$_input" ] && _input=$_disable 712 case $_input in 713 [Nn][Oo]|[Nn]) 714 disableflag= 715 ;; 716 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 717 disableflag=yes 718 ;; 719 *) 720 # invalid answer; repeat loop 721 continue 722 ;; 723 esac 724 break 725 done 726 727 # Display the information we have so far and prompt to 728 # commit it. 729 # 730 _disable=${disableflag:-"no"} 731 [ -z "$configflag" ] && printf "%-10s : %s\n" Username $username 732 case $passwdtype in 733 yes) 734 _pass='*****' 735 ;; 736 no) 737 _pass='<disabled>' 738 ;; 739 none) 740 _pass='<blank>' 741 ;; 742 random) 743 _pass='<random>' 744 ;; 745 esac 746 [ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass" 747 [ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype" 748 [ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos" 749 [ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid" 750 printf "%-10s : %s\n" "Class" "$uclass" 751 printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups" 752 printf "%-10s : %s\n" "Home" "$uhome" 753 printf "%-10s : %s\n" "Shell" "$ushell" 754 printf "%-10s : %s\n" "Locked" "$_disable" 755 while : ; do 756 echo -n "OK? (yes/no): " 757 read _input 758 case $_input in 759 [Nn][Oo]|[Nn]) 760 return 1 761 ;; 762 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 763 add_user 764 ;; 765 *) 766 continue 767 ;; 768 esac 769 break 770 done 771 return 0 772} 773 774#### END SUBROUTINE DEFENITION #### 775 776THISCMD=`/usr/bin/basename $0` 777DEFAULTSHELL=/bin/sh 778ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}" 779PWCMD="${PWCMD:-/usr/sbin/pw}" 780MAILCMD="${MAILCMD:-mail}" 781ETCSHELLS="${ETCSHELLS:-/etc/shells}" 782NOLOGIN="nologin" 783NOLOGIN_PATH="/sbin/nologin" 784GREPCMD="/usr/bin/grep" 785DATECMD="/bin/date" 786 787# Set default values 788# 789username= 790uuid= 791uidstart= 792ugecos= 793ulogingroup= 794uclass= 795uhome= 796upass= 797ushell= 798udotdir=/usr/share/skel 799ugroups= 800uexpire= 801upwexpire= 802shells="`valid_shells`" 803passwdtype="yes" 804msgfile=/etc/adduser.msg 805msgflag= 806quietflag= 807configflag= 808fflag= 809infile= 810disableflag= 811readconfig="yes" 812homeprefix="/home" 813randompass= 814fileline= 815savedpwtype= 816defaultclass= 817defaultLgroup= 818defaultgoups= 819defaultshell="${DEFAULTSHELL}" 820 821# Make sure the user running this program is root. This isn't a security 822# measure as much as it is a usefull method of reminding the user to 823# 'su -' before he/she wastes time entering data that won't be saved. 824# 825procowner=${procowner:-`/usr/bin/id -u`} 826if [ "$procowner" != "0" ]; then 827 err 'you must be the super-user (uid 0) to use this utility.' 828 exit 1 829fi 830 831# Overide from our conf file 832# Quickly go through the commandline line to see if we should read 833# from our configuration file. The actual parsing of the commandline 834# arguments happens after we read in our configuration file (commandline 835# should override configuration file). 836# 837for _i in $* ; do 838 if [ "$_i" = "-N" ]; then 839 readconfig= 840 break; 841 fi 842done 843if [ -n "$readconfig" ]; then 844 # On a long-lived system, the first time this script is run it 845 # will barf upon reading the configuration file for its perl predecessor. 846 if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then 847 [ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1 848 fi 849fi 850 851# Proccess command-line options 852# 853for _switch ; do 854 case $_switch in 855 -L) 856 defaultclass="$2" 857 shift; shift 858 ;; 859 -C) 860 configflag=yes 861 shift 862 ;; 863 -E) 864 disableflag=yes 865 shift 866 ;; 867 -k) 868 udotdir="$2" 869 shift; shift 870 ;; 871 -f) 872 [ "$2" != "-" ] && infile="$2" 873 fflag=yes 874 shift; shift 875 ;; 876 -g) 877 defaultLgroup="$2" 878 shift; shift 879 ;; 880 -G) 881 defaultgroups="$2" 882 shift; shift 883 ;; 884 -h) 885 show_usage 886 exit 0 887 ;; 888 -d) 889 homeprefix="$2" 890 shift; shift 891 ;; 892 -m) 893 case "$2" in 894 [Nn][Oo]) 895 msgflag= 896 ;; 897 *) 898 msgflag=yes 899 msgfile="$2" 900 ;; 901 esac 902 shift; shift 903 ;; 904 -N) 905 readconfig= 906 shift 907 ;; 908 -w) 909 case "$2" in 910 no|none|random|yes) 911 passwdtype=$2 912 ;; 913 *) 914 show_usage 915 exit 1 916 ;; 917 esac 918 shift; shift 919 ;; 920 -q) 921 quietflag=yes 922 shift 923 ;; 924 -s) 925 defaultshell="`fullpath_from_shell $2`" 926 shift; shift 927 ;; 928 -u) 929 uidstart=$2 930 shift; shift 931 ;; 932 esac 933done 934 935# If the -f switch was used, get input from a file. Otherwise, 936# this is an interactive session. 937# 938if [ -n "$fflag" ]; then 939 if [ -z "$infile" ]; then 940 input_from_file 941 elif [ -n "$infile" ]; then 942 if [ -r "$infile" ]; then 943 input_from_file < $infile 944 else 945 err "File ($infile) is unreadable or does not exist." 946 fi 947 fi 948else 949 input_interactive 950 while : ; do 951 if [ -z "$configflag" ]; then 952 echo -n "Add another user? (yes/no): " 953 else 954 echo -n "Re-edit the default configuration? (yes/no): " 955 fi 956 read _input 957 case $_input in 958 [Yy][Ee][Ss]|[Yy][Ee]|[Yy]) 959 uidstart=`get_nextuid $uidstart` 960 input_interactive 961 continue 962 ;; 963 [Nn][Oo]|[Nn]) 964 echo "Goodbye!" 965 ;; 966 *) 967 continue 968 ;; 969 esac 970 break 971 done 972fi 973