Re: new adduser - please test

To: debian-devel@pixar.com
Subject: Re: new adduser - please test
From: iwj10@cus.cam.ac.uk (Ian Jackson)
Date: Sun, 27 Mar 94 14:51 PST
Message-id: <[🔎] m0pl3dX-0009kvC@mongo.pixar.com>
Reply-to: iwj10@cus.cam.ac.uk
Ian Murdock writes:
> Appended are the files /usr/sbin/adduser and /etc/default/adduser from
> Debian 0.92.  I have just updated adduser in several ways, including
> support for the project group idea.  I have not had much time to test
> it (I'm working the 11-8 weekend shift now... :/).  I need to know how
> well it works, so please test it thoroughly and let me know how it can
> be improved.  Feel free to improve it yourself and mail me your
> changes.

I've tested it and it appears to work.  However, I think a few changes
in order.  Enclosed below is a unidiff to adduser and a new
adduser.conf file.

Ian.


Changes:

* I've renamed the METHOD variable, with values "project" and
"default", to a USERGROUPS variable, with values "yes" and "no".

* I've made user private groups the default.  See my earlier message
for why this is a Good Thing.  Please can this be the default, it's
just going to cause problems for people if it isn't, especially now
that we have a `staff'-writeable /usr/local (people will be added to
the staff group but won't have a group created for them and their
umask changed, or worse have their umask changed without getting their
own group ...).

* According to the latest FSSTND practice, /etc/default is a Bad
Thing.  I've therefore changed things to use /etc/adduser.conf
instead.

* I've added `set -e' to the top of adduser.

* There is no need to create the user's mailbox - the mail transport
software does that.  In fact, some mailreaders (Emacs, for example)
delete empty mailboxes when they have taken the mail out of them.

* I've fixed the code that massages the dotfiles for the umask change
to work with other umasks than 022.  Any umask 0nn will be changed to
00n; anything else will be left unchanged.  I've also changed it to
use a loop instead of three copies of the same code.  I'm not sure why
bashrc is mentioned there - it shouldn't be necessary, but I've left
it in anyway.

* The /etc/adduser.conf file's comments are more informative.


Remaining bugs/misfeatures:

* My Debian 0.91 system doesn't appear to have chfn.

* The passwd program is too fascist for some people's tastes, I'm
sure, and is impossible to interrupt !

* The /etc/passwd file locking has a race condition.  Unfortunately
this requires the link command to fix properly, and Linux doesn't
appear to have link.


====== patch to adduser:

--- adduser.orig	Sun Mar 27 20:28:53 1994
+++ adduser	Sun Mar 27 21:12:25 1994
@@ -19,6 +19,8 @@
 #    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
 #
 
+set -e
+
 # Everything happens too fast, so don't let the user interrupt.  We
 # certainly don't want a half-done job.
 trap "" 1 2 3 15
@@ -37,16 +39,16 @@
 				# Is there a ``standard'' method of locking the
 				# group file?
 
-DEFAULTS="/etc/default/adduser"
+DEFAULTS="/etc/adduser.conf"
 
-# This is a bit tricky.  If method is "default" and there are no users in the
+# This is a bit tricky.  If USERGROUPS is "yes" and there are no users in the
 # default group, then add the user to the group in $GROUP without a leading
 # comma.  If there are, then add the user to the group in $GROUP preceded by
 # a comma.  If method is "project", then simply create the new group and add
 # the user to it.
 add_to_group()
 {
-	if [ $METHOD = "default" ]; then
+	if [ $USERGROUPS = "no" ]; then
 	 # First of all, determine the name of the group.
 	 GROUP_NUM=$1
 	 GROUP_NAME=`grep "::$GROUP_NUM:" $GROUP | cut -f 1 -d ":"`
@@ -75,8 +77,7 @@
 	DSHELL="/bin/bash"
 	DHOME="/home"
 	SKEL="/etc/skel"
-	SPOOL="/var/spool/mail"
-	METHOD="default"
+	USERGROUPS="yes"
 	FIRST_UID=1000
 	USERS_GID=1000
 }
@@ -101,6 +102,8 @@
 
 # Okay, we can.
 cp $PASSWD $PLOCK
+# Damn! We don't have link(1) (or is it link(8)?), so we'll
+# have to live with the race condition - iwj
 
 # And now the program begins.
 if [ -f $DEFAULTS ]; then
@@ -115,15 +118,13 @@
 if [ $NUID -lt $FIRST_UID ]; then
 	NUID=$FIRST_UID
 fi
-if [ $METHOD = "default" ]; then
+if [ $USERGROUPS = "no" ]; then
 	NGID=$USERS_GID
+elif [ $USERGROUPS = "yes" ]; then
+	NGID=$NUID
 else
-	if [ $METHOD = "project" ]; then
-		NGID=$NUID
-	else
-		echo -e "\n$0: unknown method \`$METHOD'."
-		rm -f $PLOCK ; exit 1
-	fi
+	echo -e "\n$0: USERGROUPS should be \`yes' or \`no'; \`$METHOD' is unknown."
+	rm -f $PLOCK ; exit 1
 fi
 echo "done.  Using UID $NUID and GID $NGID."
 
@@ -150,20 +151,22 @@
 	echo -e "\n*** $DHOME/$LOGIN already exists!  Not copying files from $SKEL. ***"
 else
 	mkdir $DHOME/$LOGIN
-	if [ $METHOD = "project" ]; then
-		chmod 775 $DHOME/$LOGIN ; chown $NUID.$NGID $DHOME/$LOGIN
+	if [ "$USERGROUPS" = "yes" ]; then
+		chmod 2775 $DHOME/$LOGIN ; chown $NUID.$NGID $DHOME/$LOGIN
 	fi
-	cp -i $SKEL/.[a-z]* $SKEL/* $DHOME/$LOGIN >/dev/null 2>&1
-	if [ $METHOD = "project" ]; then
-		test -f $DHOME/$LOGIN/.bashrc && \
-		 ( sed "s/umask 022/umask 002/" $DHOME/$LOGIN/.bashrc > \
-		   /tmp/.bashrc ; mv /tmp/.bashrc $DHOME/$LOGIN/.bashrc )
-		test -f $DHOME/$LOGIN/.profile && \
-		 ( sed "s/umask 022/umask 002/" $DHOME/$LOGIN/.profile > \
-		   /tmp/.profile ; mv /tmp/.profile $DHOME/$LOGIN/.profile )
-		test -f $DHOME/$LOGIN/.login && \
-		 ( sed "s/umask 022/umask 002/" $DHOME/$LOGIN/.login > \
-		   /tmp/.login ; mv /tmp/.login $DHOME/$LOGIN/.login )
+	cp -i $SKEL/.[a-z]* $SKEL/* $DHOME/$LOGIN >/dev/null 2>&1 || true
+	if [ "$USERGROUPS" = "yes" ]; then
+		for dotfile in .bashrc .profile .login
+		do
+			if [ -f $DHOME/$LOGIN/$dotfile ]
+			then
+				sed 's/umask 0\([267]\)\1/umask 00\1/' \
+					$DHOME/$LOGIN/$dotfile \
+					> $DHOME/$LOGIN/$dotfile.new
+				mv $DHOME/$LOGIN/$dotfile.new \
+				   $DHOME/$LOGIN/$dotfile
+			fi
+		done
 	fi
 	# Probably will never happen, but just in case... we don't want all
 	# files on the system to be `chown'ed to $NUID.$NGID!
@@ -173,10 +176,6 @@
 	echo "done."
 fi
 
-echo -n "Creating mailbox: $SPOOL/$LOGIN..."
-touch $SPOOL/$LOGIN ; chmod 660 $SPOOL/$LOGIN ; chown $NUID.mail $SPOOL/$LOGIN
-echo "done."
-
 passwd $LOGIN
 chfn $LOGIN
 

===== new /etc/adduser.conf

# The DSHELL variable specifies the default login shell on your system.
DSHELL="/bin/bash"

# The DHOME variable specifies the directory containing users' home
# directories.
DHOME="/home"

# The SKEL variable specifies the directory containing `skeletal' user
# files; in other words, files such as a sample .profile that will be
# copied to the new user's home directory when it is created.
SKEL="/etc/skel"

# FIRST_UID should be the first UID for users on your system.  UIDs
# (and GIDs) below FIRST_UID are reserved for administrative and
# system accounts.
FIRST_UID=1000

# The USERGROUPS variable can be either "yes" or "no".
# If "yes" each created user will be given their own group to use as a
# default, and their setup will arrange to have them create files
# group-writeable by default, thus allowing them to effectively use
# group-writeable filespace areas (such as /usr/local).
# If "no" each created user will be placed in the group whose gid is
# USERS_GID (see below), and they will create files not world writeable
# by default.
USERGROUPS="yes"

# If USERGROUPS is "no", then USERS_GID should be the GID of the group
# `users' (or the equivilant group) on your system.
USERS_GID=100

===== the end - iwj
Reply to:
Prev by Date: Stephen White's proposal involving a `private' group
Next by Date: Documentation of the private groups proposal
Previous by thread: new adduser - please test
Next by thread: The X11 package for Debian (long)
Index(es):
- Date
- Thread