Re: new adduser - please test
Ian Murdock writes:
> Appended are the files /usr/sbin/adduser and /etc/default/adduser from
> Debian 0.92. I have just updated adduser in several ways, including
> support for the project group idea. I have not had much time to test
> it (I'm working the 11-8 weekend shift now... :/). I need to know how
> well it works, so please test it thoroughly and let me know how it can
> be improved. Feel free to improve it yourself and mail me your
> changes.
I've tested it and it appears to work. However, I think a few changes
are in order. Enclosed below is a unidiff to adduser and a new
adduser.conf file.
Ian.
Changes:
* I've renamed the METHOD variable, with values "project" and
"default", to a USERGROUPS variable, with values "yes" and "no".
* I've made user private groups the default. See my earlier message
for why this is a Good Thing. Please can this be the default, it's
just going to cause problems for people if it isn't, especially now
that we have a `staff'-writeable /usr/local (people will be added to
the staff group but won't have a group created for them and their
umask changed, or worse have their umask changed without getting their
own group ...).
* According to the latest FSSTND practice, /etc/default is a Bad
Thing. I've therefore changed things to use /etc/adduser.conf
instead.
* I've added `set -e' to the top of adduser.
* There is no need to create the user's mailbox - the mail transport
software does that. In fact, some mailreaders (Emacs, for example)
delete empty mailboxes when they have taken the mail out of them.
* I've fixed the code that massages the dotfiles for the umask change
to work with other umasks than 022. Any umask 0nn will be changed to
00n; anything else will be left unchanged. I've also changed it to
use a loop instead of three copies of the same code. I'm not sure why
bashrc is mentioned there - it shouldn't be necessary, but I've left
it in anyway.
* The /etc/adduser.conf file's comments are more informative.
Remaining bugs/misfeatures:
* My Debian 0.91 system doesn't appear to have chfn.
* The passwd program is too fascist for some people's tastes, I'm
sure, and is impossible to interrupt!
* The /etc/passwd file locking has a race condition. Unfortunately
this requires the link command to fix properly, and Linux doesn't
appear to have link.
====== patch to adduser:
--- adduser.orig Sun Mar 27 20:28:53 1994
+++ adduser Sun Mar 27 21:12:25 1994
@@ -19,6 +19,8 @@
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
#
+set -e
+
# Everything happens too fast, so don't let the user interrupt. We
# certainly don't want a half-done job.
trap "" 1 2 3 15
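Review bot: with `set -e` placed above `trap "" 1 2 3 15`, any unexpected command failure now ends the script on the spot, and the only lock cleanup visible in this patch is the explicit `rm -f $PLOCK ; exit 1` on the USERGROUPS error path. Install an exit trap once the lock is taken (for example `trap 'rm -f $PLOCK' 0`) so an aborted run does not leave the lock file behind and block the next one.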
@@ -37,16 +39,16 @@
# Is there a ``standard'' method of locking the
# group file?
-DEFAULTS="/etc/default/adduser"
+DEFAULTS="/etc/adduser.conf"
-# This is a bit tricky. If method is "default" and there are no users in the
+# This is a bit tricky. If USERGROUPS is "yes" and there are no users in the
# default group, then add the user to the group in $GROUP without a leading
# comma. If there are, then add the user to the group in $GROUP preceded by
# a comma. If method is "project", then simply create the new group and add
# the user to it.
add_to_group()
{
- if [ $METHOD = "default" ]; then
+ if [ $USERGROUPS = "no" ]; then
# First of all, determine the name of the group.
GROUP_NUM=$1
GROUP_NAME=`grep "::$GROUP_NUM:" $GROUP | cut -f 1 -d ":"`
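Review bot: the rewritten comment line says `If USERGROUPS is "yes"`, but the branch it documents is `[ $USERGROUPS = "no" ]`, so the comment is inverted and should read "no". The unchanged line `If method is "project"` further down the same comment still uses the old name and should become USERGROUPS "yes". `$USERGROUPS` is also unquoted in this test while a later hunk quotes it; quoting it here avoids a `[` syntax error when the variable is empty.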
@@ -75,8 +77,7 @@
DSHELL="/bin/bash"
DHOME="/home"
SKEL="/etc/skel"
- SPOOL="/var/spool/mail"
- METHOD="default"
+ USERGROUPS="yes"
FIRST_UID=1000
USERS_GID=1000
}
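Review bot: the built-in default in the context line `USERS_GID=1000` disagrees with `USERS_GID=100` in the new /etc/adduser.conf enclosed with this patch, so with USERGROUPS="no" a system without the config file puts new users in a different group than a system with it. Since this hunk already edits the defaults block, align the two values here.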
@@ -101,6 +102,8 @@
# Okay, we can.
cp $PASSWD $PLOCK
+# Damn! We don't have link(1) (or is it link(8)?), so we'll
+# have to live with the race condition - iwj
# And now the program begins.
if [ -f $DEFAULTS ]; then
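Review bot: the comment added after `cp $PASSWD $PLOCK` records the race but leaves it open, and a neutral description of what can go wrong would serve the next reader better than "Damn!". ln(1) without -f fails when the target already exists, so copying to a temporary name and then linking that name to $PLOCK would make the test and the create a single step from shell.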
@@ -115,15 +118,13 @@
if [ $NUID -lt $FIRST_UID ]; then
NUID=$FIRST_UID
fi
-if [ $METHOD = "default" ]; then
+if [ $USERGROUPS = "no" ]; then
NGID=$USERS_GID
+elif [ $USERGROUPS = "yes" ]; then
+ NGID=$NUID
else
- if [ $METHOD = "project" ]; then
- NGID=$NUID
- else
- echo -e "\n$0: unknown method \`$METHOD'."
- rm -f $PLOCK ; exit 1
- fi
+ echo -e "\n$0: USERGROUPS should be \`yes' or \`no'; \`$METHOD' is unknown."
+ rm -f $PLOCK ; exit 1
fi
echo "done. Using UID $NUID and GID $NGID."
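Review bot: the new error message on the `else` branch still interpolates `$METHOD`, which this patch removes everywhere else, so it will not show the offending setting; it should be `$USERGROUPS`. The two tests in this hunk also leave `$USERGROUPS` unquoted, unlike the `"$USERGROUPS"` tests in the next hunk.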
@@ -150,20 +151,22 @@
echo -e "\n*** $DHOME/$LOGIN already exists! Not copying files from $SKEL. ***"
else
mkdir $DHOME/$LOGIN
- if [ $METHOD = "project" ]; then
- chmod 775 $DHOME/$LOGIN ; chown $NUID.$NGID $DHOME/$LOGIN
+ if [ "$USERGROUPS" = "yes" ]; then
+ chmod 2775 $DHOME/$LOGIN ; chown $NUID.$NGID $DHOME/$LOGIN
fi
- cp -i $SKEL/.[a-z]* $SKEL/* $DHOME/$LOGIN >/dev/null 2>&1
- if [ $METHOD = "project" ]; then
- test -f $DHOME/$LOGIN/.bashrc && \
- ( sed "s/umask 022/umask 002/" $DHOME/$LOGIN/.bashrc > \
- /tmp/.bashrc ; mv /tmp/.bashrc $DHOME/$LOGIN/.bashrc )
- test -f $DHOME/$LOGIN/.profile && \
- ( sed "s/umask 022/umask 002/" $DHOME/$LOGIN/.profile > \
- /tmp/.profile ; mv /tmp/.profile $DHOME/$LOGIN/.profile )
- test -f $DHOME/$LOGIN/.login && \
- ( sed "s/umask 022/umask 002/" $DHOME/$LOGIN/.login > \
- /tmp/.login ; mv /tmp/.login $DHOME/$LOGIN/.login )
+ cp -i $SKEL/.[a-z]* $SKEL/* $DHOME/$LOGIN >/dev/null 2>&1 || true
+ if [ "$USERGROUPS" = "yes" ]; then
+ for dotfile in .bashrc .profile .login
+ do
+ if [ -f $DHOME/$LOGIN/$dotfile ]
+ then
+ sed 's/umask 0\([267]\)\1/umask 00\1/' \
+ $DHOME/$LOGIN/$dotfile \
+ > $DHOME/$LOGIN/$dotfile.new
+ mv $DHOME/$LOGIN/$dotfile.new \
+ $DHOME/$LOGIN/$dotfile
+ fi
+ done
fi
# Probably will never happen, but just in case... we don't want all
# files on the system to be `chown'ed to $NUID.$NGID!
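Review bot: `|| true` on the `cp -i $SKEL/...` line keeps `set -e` from aborting when a glob matches nothing, but together with `>/dev/null 2>&1` it also hides every real copy failure, so a home directory can end up without its skeleton files and without any message. Test for the files first, or let stderr through. Separately, the sed pattern `umask 0\([267]\)\1` rewrites only 022, 066 and 077; a comment saying so next to the loop would keep the code and its description in step.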
@@ -173,10 +176,6 @@
echo "done."
fi
-echo -n "Creating mailbox: $SPOOL/$LOGIN..."
-touch $SPOOL/$LOGIN ; chmod 660 $SPOOL/$LOGIN ; chown $NUID.mail $SPOOL/$LOGIN
-echo "done."
-
passwd $LOGIN
chfn $LOGIN
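Review bot: with `set -e` from the first hunk in force, the context lines `passwd $LOGIN` and `chfn $LOGIN` become fatal: a failed passwd run skips chfn, and on a system without chfn (listed under remaining bugs in the covering message) the script ends with a non-zero status after the account has already been created. Guard them, for example `chfn $LOGIN || true`, or check that chfn exists before calling it.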
===== new /etc/adduser.conf
# The DSHELL variable specifies the default login shell on your system.
DSHELL="/bin/bash"
# The DHOME variable specifies the directory containing users' home
# directories.
DHOME="/home"
# The SKEL variable specifies the directory containing `skeletal' user
# files; in other words, files such as a sample .profile that will be
# copied to the new user's home directory when it is created.
SKEL="/etc/skel"
# FIRST_UID should be the first UID for users on your system. UIDs
# (and GIDs) below FIRST_UID are reserved for administrative and
# system accounts.
FIRST_UID=1000
# The USERGROUPS variable can be either "yes" or "no".
# If "yes" each created user will be given their own group to use as a
# default, and their setup will arrange to have them create files
# group-writeable by default, thus allowing them to effectively use
# group-writeable filespace areas (such as /usr/local).
# If "no" each created user will be placed in the group whose gid is
# USERS_GID (see below), and they will create files not world writeable
# by default.
USERGROUPS="yes"
# If USERGROUPS is "no", then USERS_GID should be the GID of the group
# `users' (or the equivalent group) on your system.
USERS_GID=100
===== the end - iwj
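
The lock-file race listed under the remaining bugs, as an added example that is not part of the original message or of adduser: it takes the lock with ln(1) so that test-and-create is one step, then starts several contenders at once and counts the winners. The scratch directory, the ptmp file name and all function names are assumptions made for the demo.

```shell
#!/bin/sh
# Constructed demo: works in a scratch directory, never on /etc/passwd.
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
PASSWD="$WORK/passwd"   # stand-in for /etc/passwd
PLOCK="$WORK/ptmp"      # stand-in for the lock file (name assumed)
printf 'root:x:0:0:root:/root:/bin/sh\n' > "$PASSWD"

# Atomic acquire: stage a private copy, then ln(1) it to the lock name.
# ln without -f fails if the target exists, so only one caller can succeed.
# $1 is a caller id used to keep the staging names distinct.
atomic_lock() {
    tmp="$PLOCK.$1"
    cp "$PASSWD" "$tmp" || return 1
    if ln "$tmp" "$PLOCK" 2>/dev/null; then
        rm -f "$tmp"
        return 0
    fi
    rm -f "$tmp"
    return 1
}

release_lock() { rm -f "$PLOCK"; }

# Start $1 contenders at once and print how many obtained the lock.
contend() {
    release_lock
    rm -f "$WORK"/won.*
    i=0
    while [ "$i" -lt "$1" ]; do
        ( atomic_lock "$i" && : > "$WORK/won.$i" ) &
        i=$((i + 1))
    done
    wait
    ls "$WORK" | grep -c '^won\.'
}

echo "lock holders out of 8 contenders: $(contend 8)"
release_lock
```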