xref: /freebsd/usr.sbin/adduser/adduser.sh (revision 729362425c09cf6b362366aabc6fb547eee8035a) 
1#!/bin/sh
2#
3# Copyright (c) 2002, 2003 Michael Telahun Makonnen. All rights reserved.
4#
5# Redistribution and use in source and binary forms, with or without
6# modification, are permitted provided that the following conditions
7# are met:
8# 1. Redistributions of source code must retain the above copyright
9#    notice, this list of conditions and the following disclaimer.
10# 2. Redistributions in binary form must reproduce the above copyright
11#    notice, this list of conditions and the following disclaimer in the
12#    documentation and/or other materials provided with the distribution.
13#
14# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24#
25#       Email: Mike Makonnen <mtm@identd.net>
26#
27# $FreeBSD$
28#
29
30# err msg
31#       Display $msg on stderr, unless we're being quiet.
32#
33err() {
34	if [ -z "$quietflag" ]; then
35        	echo 1>&2 ${THISCMD}: ERROR: $*
36	fi
37}
38
39# info msg
40#       Display $msg on stdout, unless we're being quiet.
41#
42info() {
43	if [ -z "$quietflag" ]; then
44        	echo ${THISCMD}: INFO: $*
45	fi
46}
47
48# get_nextuid
49#	Output the value of $_uid if it is available for use. If it
50#	is not, output the value of the next higher uid that is available.
51#	If a uid is not specified, output the first available uid, as indicated
52#	by pw(8).
53#
54get_nextuid () {
55	_uid=$1
56	_nextuid=
57
58	if [ -z "$_uid" ]; then
59		_nextuid="`${PWCMD} usernext | cut -f1 -d:`"
60	else
61		while : ; do
62			${PWCMD} usershow $_uid > /dev/null 2>&1
63			if [ ! "$?" -eq 0 ]; then
64				_nextuid=$_uid
65				break
66			fi
67			_uid=$(($_uid + 1))
68		done
69	fi
70	echo $_nextuid
71}
72
73# show_usage
74#	Display usage information for this utility.
75#
76show_usage() {
77	echo "usage: ${THISCMD} [options]"
78	echo "  options may include:"
79	echo "  -C		save to the configuration file only"
80	echo "  -E		disable this account after creation"
81	echo "  -G		additional groups to add accounts to"
82	echo "  -L		login class of the user"
83	echo "  -N		do not read configuration file"
84	echo "  -d		home directory"
85	echo "  -f		file from which input will be received"
86	echo "  -g		default login group"
87	echo "  -h		display this usage message"
88	echo "  -k		path to skeleton home directory"
89	echo "  -m		user welcome message file"
90	echo "  -q		absolute minimal user feedback"
91	echo "  -s		shell"
92	echo "  -u		uid to start at"
93	echo "  -w		password type: no, none, yes or random"
94}
95
96# valid_shells
97#	Outputs a list of valid shells from /etc/shells. Only the
98#	basename of the shell is output.
99#
100valid_shells() {
101	_prefix=
102	cat ${ETCSHELLS} |
103	while read _path _junk ; do
104		case $_path in
105		\#*|'')
106			;;
107		*)
108			echo -n "${_prefix}`basename $_path`"
109			_prefix=' '
110			;;
111		esac
112	done
113}
114
115# fullpath_from_shell shell
116#	Given $shell, the basename component of a valid shell, get the
117#	full path to the shell from the /etc/shells file.
118#
119fullpath_from_shell() {
120	_shell=$1
121	[ -z "$_shell" ] && return 1
122
123	cat ${ETCSHELLS} |
124	while read _path _junk ; do
125		case "$_path" in
126		\#*|'')
127			;;
128		*)
129			if [ "`basename $_path`" = "$_shell" ]; then
130				echo $_path
131				return 0
132			fi
133			;;
134		esac
135	done
136	return 1
137}
138
139# save_config
140#	Save some variables to a configuration file.
141#	Note: not all script variables are saved, only those that
142#	      it makes sense to save.
143#
144save_config() {
145	echo "# Configuration file for adduser(8)."     >  ${ADDUSERCONF}
146	echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
147	echo "# Last Modified on `${DATECMD}`."		>> ${ADDUSERCONF}
148	echo ''				>> ${ADDUSERCONF}
149	echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF}
150	echo "defaultclass=$uclass"	>> ${ADDUSERCONF}
151	echo "defaultgroups=$ugroups"	>> ${ADDUSERCONF}
152	echo "passwdtype=$passwdtype" 	>> ${ADDUSERCONF}
153	echo "homeprefix=$homeprefix" 	>> ${ADDUSERCONF}
154	echo "defaultshell=$ushell"	>> ${ADDUSERCONF}
155	echo "udotdir=$udotdir"		>> ${ADDUSERCONF}
156	echo "msgfile=$msgfile"		>> ${ADDUSERCONF}
157	echo "disableflag=$disableflag" >> ${ADDUSERCONF}
158}
159
160# add_user
161#	Add a user to the user database. If the user chose to send a welcome
162#	message or lock the account, do so.
163#
164add_user() {
165
166	# Is this a configuration run? If so, don't modify user database.
167	#
168	if [ -n "$configflag" ]; then
169		save_config
170		return
171	fi
172
173	_uid=
174	_name=
175	_comment=
176	_gecos=
177	_home=
178	_group=
179	_grouplist=
180	_shell=
181	_class=
182	_dotdir=
183	_expire=
184	_pwexpire=
185	_passwd=
186	_upasswd=
187	_passwdmethod=
188
189	_name="-n '$username'"
190	[ -n "$uuid" ] && _uid='-u "$uuid"'
191	[ -n "$ulogingroup" ] && _group='-g "$ulogingroup"'
192	[ -n "$ugroups" ] && _grouplist='-G "$ugroups"'
193	[ -n "$ushell" ] && _shell='-s "$ushell"'
194	[ -n "$uhome" ] && _home='-m -d "$uhome"'
195	[ -n "$uclass" ] && _class='-L "$uclass"'
196	[ -n "$ugecos" ] && _comment='-c "$ugecos"'
197	[ -n "$udotdir" ] && _dotdir='-k "$udotdir"'
198	[ -n "$uexpire" ] && _expire='-e "$uexpire"'
199	[ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"'
200	case $passwdtype in
201	no)
202		_passwdmethod="-w no"
203		_passwd="-h -"
204		;;
205	yes)
206		# Note on processing the password: The outer double quotes
207		# make literal everything except ` and \ and $.
208		# The outer single quotes make literal ` and $.
209		# We can ensure the \ isn't treated specially by specifying
210		# the -r switch to the read command used to obtain the input.
211		#
212		_passwdmethod="-w yes"
213		_passwd="-h 0"
214		_upasswd='echo "$upass" |'
215		;;
216	none)
217		_passwdmethod="-w none"
218		;;
219	random)
220		_passwdmethod="-w random"
221		;;
222	esac
223
224	_pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
225	_pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
226	_pwcmd="$_pwcmd $_expire $_pwexpire"
227
228	if ! _output=`eval $_pwcmd` ; then
229		err "There was an error adding user ($username)."
230		return 1
231	else
232		info "Successfully added ($username) to the user database."
233		if [ "random" = "$passwdtype" ]; then
234			randompass="$_output"
235			info "Password for ($username) is: $randompass"
236		fi
237	fi
238
239	if [ -n "$disableflag" ]; then
240		if ${PWCMD} lock $username ; then
241			info "Account ($username) is locked."
242		else
243			info "Account ($username) could NOT be locked."
244		fi
245	fi
246
247	_line=
248	_owner=
249	_perms=
250	if [ -n "$msgflag" ]; then
251		[ -r "$msgfile" ] && {
252			# We're evaluating the contents of an external file.
253			# Let's not open ourselves up for attack. _perms will
254			# be empty if it's writeable only by the owner. _owner
255			# will *NOT* be empty if the file is owned by root.
256			#
257			_dir="`dirname $msgfile`"
258			_file="`basename $msgfile`"
259			_perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune`
260			_owner=`/usr/bin/find $_dir -name $_file -user 0 -prune`
261			if [ -z "$_owner" -o -n "$_perms" ]; then
262				err "The message file ($msgfile) may be writeable only by root."
263				return 1
264			fi
265			cat "$msgfile" |
266			while read _line ; do
267				eval echo "$_line"
268			done | ${MAILCMD} -s"Welcome" ${username}
269			info "Sent welcome message to ($username)."
270		}
271	fi
272}
273
274# get_user
275#	Reads username of the account from standard input or from a global
276#	variable containing an account line from a file. The username is
277#	required. If this is an interactive session it will prompt in
278#	a loop until a username is entered. If it is batch processing from
279#	a file it will output an error message and return to the caller.
280#
281get_user() {
282	_input=
283
284	# No need to take down user names if this is a configuration saving run.
285	[ -n "$configflag" ] && return
286
287	while : ; do
288		if [ -z "$fflag" ]; then
289			echo -n "Username: "
290			read _input
291		else
292			_input="`echo "$fileline" | cut -f1 -d:`"
293		fi
294
295		# There *must* be a username. If this is an interactive
296		# session give the user an opportunity to retry.
297		#
298		if [ -z "$_input" ]; then
299			err "You must enter a username!"
300			[ -z "$fflag" ] && continue
301		fi
302		break
303	done
304	username="$_input"
305}
306
307# get_gecos
308#	Reads extra information about the user. Can be used both in interactive
309#	and batch (from file) mode.
310#
311get_gecos() {
312	_input=
313
314	# No need to take down additional user information for a configuration run.
315	[ -n "$configflag" ] && return
316
317	if [ -z "$fflag" ]; then
318		echo -n "Full name: "
319		read _input
320	else
321		_input="`echo "$fileline" | cut -f7 -d:`"
322	fi
323	ugecos="$_input"
324}
325
326# get_shell
327#	Get the account's shell. Works in interactive and batch mode. It
328#	accepts only the base name of the shell, NOT the full path.
329#	If an invalid shell is entered it will simply use the default shell.
330#
331get_shell() {
332	_input=
333	_fullpath=
334	ushell="$defaultshell"
335
336	# Make sure the current value of the shell is a valid one
337	_shellchk="${GREPCMD} '^$ushell$' ${ETCSHELLS} > /dev/null 2>&1"
338	eval $_shellchk || {
339		err "Invalid shell ($ushell). Using default shell ${defaultshell}."
340		ushell="$defaultshell"
341	}
342
343	if [ -z "$fflag" ]; then
344		echo -n "Shell ($shells) [`basename $ushell`]: "
345		read _input
346	else
347		_input="`echo "$fileline" | cut -f9 -d:`"
348	fi
349	if [ -n "$_input" ]; then
350		_fullpath=`fullpath_from_shell $_input`
351		if [ -n "$_fullpath" ]; then
352			ushell="$_fullpath"
353		else
354			err "Invalid shell selection. Using default shell ${defaultshell}."
355			ushell="$defaultshell"
356		fi
357	fi
358}
359
360# get_homedir
361#	Reads the account's home directory. Used both with interactive input
362#	and batch input.
363#
364get_homedir() {
365	_input=
366	if [ -z "$fflag" ]; then
367		echo -n "Home directory [${homeprefix}/${username}]: "
368		read _input
369	else
370		_input="`echo "$fileline" | cut -f8 -d:`"
371	fi
372
373	if [ -n "$_input" ]; then
374		uhome="$_input"
375		# if this is a configuration run, then user input is the home
376		# directory prefix. Otherwise it is understood to
377		# be $prefix/$user
378		#
379		[ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
380	else
381		uhome="${homeprefix}/${username}"
382	fi
383}
384
385# get_uid
386#	Reads a numeric userid in an interactive or batch session. Automatically
387#	allocates one if it is not specified.
388#
389get_uid() {
390	uuid=${uidstart}
391	_input=
392	_prompt=
393
394	# No need to take down uids for a configuration saving run.
395	[ -n "$configflag" ] && return
396
397	if [ -n "$uuid" ]; then
398		_prompt="Uid [$uuid]: "
399	else
400		_prompt="Uid (Leave empty for default): "
401	fi
402	if [ -z "$fflag" ]; then
403		echo -n "$_prompt"
404		read _input
405	else
406		_input="`echo "$fileline" | cut -f2 -d:`"
407	fi
408
409	[ -n "$_input" ] && uuid=$_input
410	uuid=`get_nextuid $uuid`
411	uidstart=$uuid
412}
413
414# get_class
415#	Reads login class of account. Can be used in interactive or batch mode.
416#
417get_class() {
418	uclass="$defaultclass"
419	_input=
420	_class=${uclass:-"default"}
421
422	if [ -z "$fflag" ]; then
423		echo -n "Login class [$_class]: "
424		read _input
425	else
426		_input="`echo "$fileline" | cut -f4 -d:`"
427	fi
428
429	[ -n "$_input" ] && uclass="$_input"
430}
431
432# get_logingroup
433#	Reads user's login group. Can be used in both interactive and batch
434#	modes. The specified value can be a group name or its numeric id.
435#	This routine leaves the field blank if nothing is provided and
436#	a default login group has not been set. The pw(8) command
437#	will then provide a login group with the same name as the username.
438#
439get_logingroup() {
440	ulogingroup="$defaultLgroup"
441	_input=
442
443	if [ -z "$fflag" ]; then
444		echo -n "Login group [${ulogingroup:-$username}]: "
445		read _input
446	else
447		_input="`echo "$fileline" | cut -f3 -d:`"
448	fi
449
450	# Pw(8) will use the username as login group if it's left empty
451	[ -n "$_input" ] && ulogingroup="$_input"
452}
453
454# get_groups
455#	Read additional groups for the user. It can be used in both interactive
456#	and batch modes.
457#
458get_groups() {
459	ugroups="$defaultgroups"
460	_input=
461	_group=${ulogingroup:-"${username}"}
462
463	if [ -z "$configflag" ]; then
464		[ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
465		[ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
466	else
467		[ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
468	fi
469	read _input
470
471	[ -n "$_input" ] && ugroups="$_input"
472}
473
474# get_expire_dates
475#	Read expiry information for the account and also for the password. This
476#	routine is used only from batch processing mode.
477#
478get_expire_dates() {
479	upwexpire="`echo "$fileline" | cut -f5 -d:`"
480	uexpire="`echo "$fileline" | cut -f6 -d:`"
481}
482
483# get_password
484#	Read the password in batch processing mode. The password field matters
485#	only when the password type is "yes" or "random". If the field is empty and the
486#	password type is "yes", then it assumes the account has an empty passsword
487#	and changes the password type accordingly. If the password type is "random"
488#	and the password field is NOT empty, then it assumes the account will NOT
489#	have a random password and set passwdtype to "yes."
490#
491get_password() {
492	# We may temporarily change a password type. Make sure it's changed
493	# back to whatever it was before we process the next account.
494	#
495	[ -n "$savedpwtype" ] && {
496		passwdtype=$savedpwtype
497		savedpwtype=
498	}
499
500	# There may be a ':' in the password
501	upass=${fileline#*:*:*:*:*:*:*:*:*:}
502
503	if [ -z "$upass" ]; then
504		case $passwdtype in
505		yes)
506			# if it's empty, assume an empty password
507			passwdtype=none
508			savedpwtype=yes
509			;;
510		esac
511	else
512		case $passwdtype in
513		random)
514			passwdtype=yes
515			savedpwtype=random
516			;;
517		esac
518	fi
519}
520
521# input_from_file
522#	Reads a line of account information from standard input and
523#	adds it to the user database.
524#
525input_from_file() {
526	_field=
527
528	while read -r fileline ; do
529		case "$fileline" in
530		\#*|'')
531			return 0
532			;;
533		esac
534
535		get_user || continue
536		get_gecos
537		get_uid
538		get_logingroup
539		get_class
540		get_shell
541		get_homedir
542		get_password
543		get_expire_dates
544
545		add_user
546	done
547}
548
549# input_interactive
550#	Prompts for user information interactively, and commits to
551#	the user database.
552#
553input_interactive() {
554
555	_disable=
556	_pass=
557	_passconfirm=
558	_random="no"
559	_emptypass="no"
560	_usepass="yes"
561	_logingroup_ok="no"
562	_groups_ok="no"
563	case $passwdtype in
564	none)
565		_emptypass="yes"
566		_usepass="yes"
567		;;
568	no)
569		_usepass="no"
570		;;
571	random)
572		_random="yes"
573		;;
574	esac
575
576	get_user
577	get_gecos
578	get_uid
579
580	# The case where group = user is handled elsewhere, so
581	# validate any other groups the user is invited to.
582	until [ "$_logingroup_ok" = yes ]; do
583		get_logingroup
584		_logingroup_ok=yes
585		if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then
586			if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then
587				echo "Group $ulogingroup does not exist!"
588				_logingroup_ok=no
589			fi
590		fi
591	done
592	until [ "$_groups_ok" = yes ]; do
593		get_groups
594		_groups_ok=yes
595		for i in $ugroups; do
596			if [ "$username" != "$i" ]; then
597				if ! ${PWCMD} show group $i > /dev/null 2>&1; then
598					echo "Group $i does not exist!"
599					_groups_ok=no
600				fi
601			fi
602		done
603	done
604
605	get_class
606	get_shell
607	get_homedir
608
609	while : ; do
610		echo -n "Use password-based authentication? [$_usepass]: "
611		read _input
612		[ -z "$_input" ] && _input=$_usepass
613		case $_input in
614		[Nn][Oo]|[Nn])
615			passwdtype="no"
616			;;
617		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
618			while : ; do
619				echo -n "Use an empty password? (yes/no) [$_emptypass]: "
620				read _input
621				[ -n "$_input" ] && _emptypass=$_input
622				case $_emptypass in
623				[Nn][Oo]|[Nn])
624					echo -n "Use a random password? (yes/no) [$_random]: "
625					read _input
626					[ -n "$_input" ] && _random="$_input"
627					case $_random in
628					[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
629						passwdtype="random"
630						break
631						;;
632					esac
633					passwdtype="yes"
634					[ -n "$configflag" ] && break
635					trap 'stty echo; exit' 0 1 2 3 15
636					stty -echo
637					echo -n "Enter password: "
638					read -r upass
639					echo''
640					echo -n "Enter password again: "
641					read _passconfirm
642					echo ''
643					stty echo
644					# if user entered a blank password
645					# explicitly ask again.
646					[ -z "$upass" -a -z "$_passconfirm" ] \
647					    && continue
648					;;
649				[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
650					passwdtype="none"
651					break;
652					;;
653				*)
654					# invalid answer; repeat the loop
655					continue
656					;;
657				esac
658				if [ "$upass" != "$_passconfirm" ]; then
659					echo "Passwords did not match!"
660					continue
661				fi
662				break
663			done
664			;;
665		*)
666			# invalid answer; repeat loop
667			continue
668			;;
669		esac
670		break;
671	done
672	_disable=${disableflag:-"no"}
673	while : ; do
674		echo -n "Lock out the account after creation? [$_disable]: "
675		read _input
676		[ -z "$_input" ] && _input=$_disable
677		case $_input in
678		[Nn][Oo]|[Nn])
679			disableflag=
680			;;
681		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
682			disableflag=yes
683			;;
684		*)
685			# invalid answer; repeat loop
686			continue
687			;;
688		esac
689		break
690	done
691
692	# Display the information we have so far and prompt to
693	# commit it.
694	#
695	_disable=${disableflag:-"no"}
696	[ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
697	case $passwdtype in
698	yes)
699		_pass='*****'
700		;;
701	no)
702		_pass='<disabled>'
703		;;
704	none)
705		_pass='<blank>'
706		;;
707	random)
708		_pass='<random>'
709		;;
710	esac
711	[ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass"
712	[ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype"
713	[ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
714	[ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
715	printf "%-10s : %s\n" "Class" "$uclass"
716	printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
717	printf "%-10s : %s\n" "Home" "$uhome"
718	printf "%-10s : %s\n" "Shell" "$ushell"
719	printf "%-10s : %s\n" "Locked" "$_disable"
720	while : ; do
721		echo -n "OK? (yes/no): "
722		read _input
723		case $_input in
724		[Nn][Oo]|[Nn])
725			return 1
726			;;
727		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
728			add_user
729			;;
730		*)
731			continue
732			;;
733		esac
734		break
735	done
736	return 0
737}
738
739#### END SUBROUTINE DEFENITION ####
740
741THISCMD=`/usr/bin/basename $0`
742DEFAULTSHELL=/bin/sh
743ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
744PWCMD="${PWCMD:-/usr/sbin/pw}"
745MAILCMD="${MAILCMD:-mail}"
746ETCSHELLS="${ETCSHELLS:-/etc/shells}"
747GREPCMD="/usr/bin/grep"
748DATECMD="/bin/date"
749
750# Set default values
751#
752username=
753uuid=
754uidstart=
755ugecos=
756ulogingroup=
757uclass=
758uhome=
759upass=
760ushell=
761udotdir=/usr/share/skel
762ugroups=
763uexpire=
764upwexpire=
765shells="`valid_shells`"
766passwdtype="yes"
767msgfile=/etc/adduser.msg
768msgflag=
769quietflag=
770configflag=
771fflag=
772infile=
773disableflag=
774readconfig="yes"
775homeprefix="/home"
776randompass=
777fileline=
778savedpwtype=
779defaultclass=
780defaultLgroup=
781defaultgoups=
782defaultshell="${DEFAULTSHELL}"
783
784# Make sure the user running this program is root. This isn't a security
785# measure as much as it is a usefull method of reminding the user to
786# 'su -' before he/she wastes time entering data that won't be saved.
787#
788procowner=${procowner:-`/usr/bin/id -u`}
789if [ "$procowner" != "0" ]; then
790	err 'you must be the super-user (uid 0) to use this utility.'
791	exit 1
792fi
793
794# Overide from our conf file
795# Quickly go through the commandline line to see if we should read
796# from our configuration file. The actual parsing of the commandline
797# arguments happens after we read in our configuration file (commandline
798# should override configuration file).
799#
800for _i in $* ; do
801	if [ "$_i" = "-N" ]; then
802		readconfig=
803		break;
804	fi
805done
806if [ -n "$readconfig" ]; then
807	# On a long-lived system, the first time this script is run it
808	# will barf upon reading the configuration file for its perl predecessor.
809	if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
810		[ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
811	fi
812fi
813
814# Proccess command-line options
815#
816for _switch ; do
817	case $_switch in
818	-L)
819		defaultclass="$2"
820		shift; shift
821		;;
822	-C)
823		configflag=yes
824		shift
825		;;
826	-E)
827		disableflag=yes
828		shift
829		;;
830	-k)
831		udotdir="$2"
832		shift; shift
833		;;
834	-f)
835		[ "$2" != "-" ] && infile="$2"
836		fflag=yes
837		shift; shift
838		;;
839	-g)
840		defaultLgroup="$2"
841		shift; shift
842		;;
843	-G)
844		defaultgroups="$2"
845		shift; shift
846		;;
847	-h)
848		show_usage
849		exit 0
850		;;
851	-d)
852		homeprefix="$2"
853		shift; shift
854		;;
855	-m)
856		case "$2" in
857		[Nn][Oo])
858			msgflag=
859			;;
860		*)
861			msgflag=yes
862			msgfile="$2"
863			;;
864		esac
865		shift; shift
866		;;
867	-N)
868		readconfig=
869		shift
870		;;
871	-w)
872		case "$2" in
873		no|none|random|yes)
874			passwdtype=$2
875			;;
876		*)
877			show_usage
878			exit 1
879			;;
880		esac
881		shift; shift
882		;;
883	-q)
884		quietflag=yes
885		shift
886		;;
887	-s)
888		defaultshell="`fullpath_from_shell $2`"
889		shift; shift
890		;;
891	-u)
892		uidstart=$2
893		shift; shift
894		;;
895	esac
896done
897
898# If the -f switch was used, get input from a file. Otherwise,
899# this is an interactive session.
900#
901if [ -n "$fflag" ]; then
902	if [ -z "$infile" ]; then
903		input_from_file
904	elif [ -n "$infile" ]; then
905		if [ -r "$infile" ]; then
906			input_from_file < $infile
907		else
908			err "File ($infile) is unreadable or does not exist."
909		fi
910	fi
911else
912	input_interactive
913	while : ; do
914		if [ -z "$configflag" ]; then
915			echo -n "Add another user? (yes/no): "
916		else
917			echo -n "Re-edit the default configuration? (yes/no): "
918		fi
919		read _input
920		case $_input in
921		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
922			uidstart=`get_nextuid $uidstart`
923			input_interactive
924			continue
925			;;
926		[Nn][Oo]|[Nn])
927			echo "Goodbye!"
928			;;
929		*)
930			continue
931			;;
932		esac
933		break
934	done
935fi
936