adduser change: telling you when a group isn't there
Adrian Chadd
Hi,
The adduser in -current doesn't check if a specified group exists until
the call to pw right at the end. eep.
My sh foo isn't terribly great, but this did it for me.
Comments/rewrites are welcome. I'll commit the group consensus.
Adrian
diff:
--- /usr/src/usr.sbin/adduser/adduser.sh Fri Jan 24 02:05:51 2003
+++ adduser.sh Fri Feb 7 08:04:15 2003
@@ -47,6 +47,16 @@
fi
}
+# Check whether the given group exists
+check_group() {
+ ${PWCMD} show group $1 1> /dev/null 2> /dev/null
+ if [ "$?" = "0" ]; then
+ echo "1"
+ return
+ fi
+ echo "0"
+}
+
# get_nextuid
# Output the value of $_uid if it is available for use. If it
# is not, output the value of the next higher uid that is available.
@@ -570,8 +580,31 @@
get_user
get_gecos
get_uid
- get_logingroup
- get_groups
+ ok="NO"
+
+ # The code creates a group = $user if one doesn't exist.
+ # We are just going to capture other non-existant groups!
+ while [ "$ok" = "NO" ] ; do
+ ok="YES"
+ get_logingroup
+ if [ "$ulogingroup" != "" -a "$username" != "$ulogingroup" -a "`check_group $ulogingroup`" = "0" ]; then
+ echo "Group $ulogingroup does not exist!"
+ ok="NO"
+ fi
+ done
+
+ ok="NO"
+ while [ "$ok" = "NO" ] ; do
+ ok="YES"
+ get_groups
+ for i in $ugroups; do
+ if [ "$username" != "$i" -a "`check_group $i`" = "0" ]; then
+ echo "Group $i does not exist!"
+ ok="NO"
+ fi
+ done
+ done
+
get_class
get_shell
get_homedir
To Unsubscribe: send mail to majo...@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Giorgos Keramidas
> Hi,
> The adduser in -current doesn't check if a specified group exists
> until the call to pw right at the end. eep.
>
> My sh foo isn't terribly great, but this did it for me.
>
> Comments/rewrites are welcome. I'll commit the group consensus.
Hmmm, looking at it now, I see this part:
get_groups() {
ugroups="$defaultgroups"
_input=
_group=${ulogingroup:-"${username}"}
# ...
read _input
[ -n "$_input" ] && ugroups="$_input"
}
It doesn't need to ( read as "should not" ) check for all the groups
involved, since when the group is the same as the username, it's
obvious that it will probably not exist. But if it already does, is
it an error? I think not, since one might want to create many users
who share the same group.
What do you all think about the following patch then?
---8<--- cut here ---8<--- cut here ---8<--- cut here ---8<--- cut here ---
Index: adduser.sh
===================================================================
RCS file: /home/ncvs/src/usr.sbin/adduser/adduser.sh,v
retrieving revision 1.9
diff -u -r1.9 adduser.sh
--- adduser.sh 24 Jan 2003 02:05:51 -0000 1.9
+++ adduser.sh 8 Feb 2003 05:41:06 -0000
@@ -464,7 +464,12 @@
fi
read _input
- [ -n "$_input" ] && ugroups="$_input"
+ if [ -n "$_input" ] ; then
+ for tmpgroup in ${_input} ;do
+ grep -q "^${tmpgroup}:" /etc/group && \
+ ugroups="$_input"
+ fi
+ fi
}
# get_expire_dates
---8<--- cut here ---8<--- cut here ---8<--- cut here ---8<--- cut here ---
Adrian Chadd
> It doesn't need to ( read as "should not" ) check for all the groups
> involved, since when the group is the same as the username, it's
> obvious that it will probably not exist. But if it already does, is
> it an error? I think not, since one might want to create many users
> who share the same group.
>
> What do you all think about the following patch then?
[snip patch]
I used pw to try and avoid directly hitting up file contents in case
the admin has done something whacky in the nsswitch stakes.
Everything else in adduser.sh uses pw AFAICT.
Adrian