1/* vi: set sw=4 ts=4: */
2/*
3 * adduser - add users to /etc/passwd and /etc/shadow
4 *
5 * Copyright (C) 1999 by Lineo, inc. and John Beppu
6 * Copyright (C) 1999,2000,2001 by John Beppu <beppu@codepoet.org>
7 *
8 * Licensed under the GPL v2 or later, see the file LICENSE in this tarball.
9 */
10
11#include "libbb.h"
12
13#define OPT_DONT_SET_PASS  (1 << 4)
14#define OPT_DONT_MAKE_HOME (1 << 6)
15
16
17/* remix */
18/* EDR recoded such that the uid may be passed in *p */
19static int passwd_study(const char *filename, struct passwd *p)
20{
21	enum { min = 500, max = 65000 };
22	FILE *passwd;
23	/* We are using reentrant fgetpwent_r() in order to avoid
24	 * pulling in static buffers from libc (think static build here) */
25	char buffer[256];
26	struct passwd pw;
27	struct passwd *result;
28
29	passwd = xfopen(filename, "r");
30
31	/* EDR if uid is out of bounds, set to min */
32	if ((p->pw_uid > max) || (p->pw_uid < min))
33		p->pw_uid = min;
34
35	/* stuff to do:
36	 * make sure login isn't taken;
37	 * find free uid and gid;
38	 */
39	while (!fgetpwent_r(passwd, &pw, buffer, sizeof(buffer), &result)) {
40		if (strcmp(pw.pw_name, p->pw_name) == 0) {
41			/* return 0; */
42			return 1;
43		}
44		if ((pw.pw_uid >= p->pw_uid) && (pw.pw_uid < max)
45			&& (pw.pw_uid >= min)) {
46			p->pw_uid = pw.pw_uid + 1;
47		}
48	}
49
50	if (p->pw_gid == 0) {
51		/* EDR check for an already existing gid */
52		while (getgrgid(p->pw_uid) != NULL)
53			p->pw_uid++;
54
55		/* EDR also check for an existing group definition */
56		if (getgrnam(p->pw_name) != NULL)
57			return 3;
58
59		/* EDR create new gid always = uid */
60		p->pw_gid = p->pw_uid;
61	}
62
63	/* EDR bounds check */
64	if ((p->pw_uid > max) || (p->pw_uid < min))
65		return 2;
66
67	/* return 1; */
68	return 0;
69}
70
71static void addgroup_wrapper(struct passwd *p)
72{
73	char *cmd;
74
75	cmd = xasprintf("addgroup -g %d \"%s\"", p->pw_gid, p->pw_name);
76	system(cmd);
77	free(cmd);
78}
79
80static void passwd_wrapper(const char *login) ATTRIBUTE_NORETURN;
81
82static void passwd_wrapper(const char *login)
83{
84	static const char prog[] ALIGN1 = "passwd";
85
86	BB_EXECLP(prog, prog, login, NULL);
87	bb_error_msg_and_die("failed to execute '%s', you must set the password for '%s' manually", prog, login);
88}
89
90/* putpwent(3) remix */
91static int adduser(struct passwd *p)
92{
93	FILE *file;
94	int addgroup = !p->pw_gid;
95
96	/* make sure everything is kosher and setup uid && gid */
97	file = xfopen(bb_path_passwd_file, "a");
98	fseek(file, 0, SEEK_END);
99
100	switch (passwd_study(bb_path_passwd_file, p)) {
101		case 1:
102			bb_error_msg_and_die("%s: login already in use", p->pw_name);
103		case 2:
104			bb_error_msg_and_die("illegal uid or no uids left");
105		case 3:
106			bb_error_msg_and_die("%s: group name already in use", p->pw_name);
107	}
108
109	/* add to passwd */
110	if (putpwent(p, file) == -1) {
111		bb_perror_nomsg_and_die();
112	}
113	/* Do fclose even if !ENABLE_FEATURE_CLEAN_UP.
114	 * We will exec passwd, files must be flushed & closed before that! */
115	fclose(file);
116
117#if ENABLE_FEATURE_SHADOWPASSWDS
118	/* add to shadow if necessary */
119	file = fopen_or_warn(bb_path_shadow_file, "a");
120	if (file) {
121		fseek(file, 0, SEEK_END);
122		fprintf(file, "%s:!:%ld:%d:%d:%d:::\n",
123				p->pw_name,             /* username */
124				time(NULL) / 86400,     /* sp->sp_lstchg */
125				0,                      /* sp->sp_min */
126				99999,                  /* sp->sp_max */
127				7);                     /* sp->sp_warn */
128		fclose(file);
129	}
130#endif
131
132	/* add to group */
133	/* addgroup should be responsible for dealing w/ gshadow */
134	/* if using a pre-existing group, don't create one */
135	if (addgroup) addgroup_wrapper(p);
136
137	/* Clear the umask for this process so it doesn't
138	 * screw up the permissions on the mkdir and chown. */
139	umask(0);
140	if (!(option_mask32 & OPT_DONT_MAKE_HOME)) {
141		/* Set the owner and group so it is owned by the new user,
142		   then fix up the permissions to 2755. Can't do it before
143		   since chown will clear the setgid bit */
144		if (mkdir(p->pw_dir, 0755)
145		|| chown(p->pw_dir, p->pw_uid, p->pw_gid)
146		|| chmod(p->pw_dir, 02755)) {
147			bb_perror_msg("%s", p->pw_dir);
148		}
149	}
150
151	if (!(option_mask32 & OPT_DONT_SET_PASS)) {
152		/* interactively set passwd */
153		passwd_wrapper(p->pw_name);
154	}
155
156	return 0;
157}
158
159/*
160 * adduser will take a login_name as its first parameter.
161 *
162 * home
163 * shell
164 * gecos
165 *
166 * can be customized via command-line parameters.
167 */
168int adduser_main(int argc, char **argv);
169int adduser_main(int argc, char **argv)
170{
171	struct passwd pw;
172	const char *usegroup = NULL;
173
174	/* got root? */
175	if (geteuid()) {
176		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
177	}
178
179	pw.pw_gecos = (char *)"Linux User,,,";
180	pw.pw_shell = (char *)DEFAULT_SHELL;
181	pw.pw_dir = NULL;
182
183	/* exactly one non-option arg */
184	opt_complementary = "=1";
185	getopt32(argv, "h:g:s:G:DSH", &pw.pw_dir, &pw.pw_gecos, &pw.pw_shell, &usegroup);
186	argv += optind;
187
188	/* create a passwd struct */
189	pw.pw_name = argv[0];
190	if (!pw.pw_dir) {
191		/* create string for $HOME if not specified already */
192		pw.pw_dir = xasprintf("/home/%s", argv[0]);
193	}
194	pw.pw_passwd = (char *)"x";
195	pw.pw_uid = 0;
196	pw.pw_gid = usegroup ? xgroup2gid(usegroup) : 0; /* exits on failure */
197
198	/* grand finale */
199	return adduser(&pw);
200}
201