xref: /freebsd/usr.sbin/adduser/adduser.sh (revision f9218d3d4fd34f082473b3a021c6d4d109fb47cf) 
1#!/bin/sh
2#
3# Copyright (c) 2002, 2003 Michael Telahun Makonnen. All rights reserved.
4#
5# Redistribution and use in source and binary forms, with or without
6# modification, are permitted provided that the following conditions
7# are met:
8# 1. Redistributions of source code must retain the above copyright
9#    notice, this list of conditions and the following disclaimer.
10# 2. Redistributions in binary form must reproduce the above copyright
11#    notice, this list of conditions and the following disclaimer in the
12#    documentation and/or other materials provided with the distribution.
13#
14# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
15# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
16# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
17# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
18# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
19# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
20# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
21# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
23# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24#
25#       Email: Mike Makonnen <mtm@identd.net>
26#
27# $FreeBSD$
28#
29
30# err msg
31#       Display $msg on stderr, unless we're being quiet.
32#
33err() {
34	if [ -z "$quietflag" ]; then
35        	echo 1>&2 ${THISCMD}: ERROR: $*
36	fi
37}
38
39# info msg
40#       Display $msg on stdout, unless we're being quiet.
41#
42info() {
43	if [ -z "$quietflag" ]; then
44        	echo ${THISCMD}: INFO: $*
45	fi
46}
47
48# get_nextuid
49#	Output the value of $_uid if it is available for use. If it
50#	is not, output the value of the next higher uid that is available.
51#	If a uid is not specified, output the first available uid, as indicated
52#	by pw(8).
53#
54get_nextuid () {
55	_uid=$1
56	_nextuid=
57
58	if [ -z "$_uid" ]; then
59		_nextuid="`${PWCMD} usernext | cut -f1 -d:`"
60	else
61		while : ; do
62			${PWCMD} usershow $_uid > /dev/null 2>&1
63			if [ ! "$?" -eq 0 ]; then
64				_nextuid=$_uid
65				break
66			fi
67			_uid=$(($_uid + 1))
68		done
69	fi
70	echo $_nextuid
71}
72
73# show_usage
74#	Display usage information for this utility.
75#
76show_usage() {
77	echo "usage: ${THISCMD} [options]"
78	echo "  options may include:"
79	echo "  -C		save to the configuration file only"
80	echo "  -E		disable this account after creation"
81	echo "  -G		additional groups to add accounts to"
82	echo "  -L		login class of the user"
83	echo "  -N		do not read configuration file"
84	echo "  -d		home directory"
85	echo "  -f		file from which input will be received"
86	echo "  -h		display this usage message"
87	echo "  -k		path to skeleton home directory"
88	echo "  -m		user welcome message file"
89	echo "  -q		absolute minimal user feedback"
90	echo "  -s		shell"
91	echo "  -u		uid to start at"
92	echo "  -w		password type: no, none, yes or random"
93}
94
95# valid_shells
96#	Outputs a list of valid shells from /etc/shells. Only the
97#	basename of the shell is output.
98#
99valid_shells() {
100	_prefix=
101	cat ${ETCSHELLS} |
102	while read _path _junk ; do
103		case $_path in
104		\#*|'')
105			;;
106		*)
107			echo -n "${_prefix}`basename $_path`"
108			_prefix=' '
109			;;
110		esac
111	done
112}
113
114# fullpath_from_shell shell
115#	Given $shell, the basename component of a valid shell, get the
116#	full path to the shell from the /etc/shells file.
117#
118fullpath_from_shell() {
119	_shell=$1
120	[ -z "$_shell" ] && return 1
121
122	cat ${ETCSHELLS} |
123	while read _path _junk ; do
124		case "$_path" in
125		\#*|'')
126			;;
127		*)
128			if [ "`basename $_path`" = "$_shell" ]; then
129				echo $_path
130				return 0
131			fi
132			;;
133		esac
134	done
135	return 1
136}
137
138# save_config
139#	Save some variables to a configuration file.
140#	Note: not all script variables are saved, only those that
141#	      it makes sense to save.
142#
143save_config() {
144	echo "# Configuration file for adduser(8)."     >  ${ADDUSERCONF}
145	echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
146	echo "# Last Modified on `${DATECMD}`."		>> ${ADDUSERCONF}
147	echo ''				>> ${ADDUSERCONF}
148	echo "defaultclass=$uclass"	>> ${ADDUSERCONF}
149	echo "defaultgroups=$ugroups"	>> ${ADDUSERCONF}
150	echo "passwdtype=$passwdtype" 	>> ${ADDUSERCONF}
151	echo "homeprefix=$homeprefix" 	>> ${ADDUSERCONF}
152	echo "defaultshell=$ushell"	>> ${ADDUSERCONF}
153	echo "udotdir=$udotdir"		>> ${ADDUSERCONF}
154	echo "msgfile=$msgfile"		>> ${ADDUSERCONF}
155	echo "disableflag=$disableflag" >> ${ADDUSERCONF}
156}
157
158# add_user
159#	Add a user to the user database. If the user chose to send a welcome
160#	message or lock the account, do so.
161#
162add_user() {
163
164	# Is this a configuration run? If so, don't modify user database.
165	#
166	if [ -n "$configflag" ]; then
167		save_config
168		return
169	fi
170
171	_uid=
172	_name=
173	_comment=
174	_gecos=
175	_home=
176	_group=
177	_grouplist=
178	_shell=
179	_class=
180	_dotdir=
181	_expire=
182	_pwexpire=
183	_passwd=
184	_upasswd=
185	_passwdmethod=
186
187	_name="-n '$username'"
188	[ -n "$uuid" ] && _uid='-u "$uuid"'
189	[ -n "$ulogingroup" ] && _group='-g "$ulogingroup"'
190	[ -n "$ugroups" ] && _grouplist='-G "$ugroups"'
191	[ -n "$ushell" ] && _shell='-s "$ushell"'
192	[ -n "$uhome" ] && _home='-m -d "$uhome"'
193	[ -n "$uclass" ] && _class='-L "$uclass"'
194	[ -n "$ugecos" ] && _comment='-c "$ugecos"'
195	[ -n "$udotdir" ] && _dotdir='-k "$udotdir"'
196	[ -n "$uexpire" ] && _expire='-e "$uexpire"'
197	[ -n "$upwexpire" ] && _pwexpire='-p "$upwexpire"'
198	case $passwdtype in
199	no)
200		_passwdmethod="-w no"
201		_passwd="-h -"
202		;;
203	yes)
204		# Note on processing the password: The outer double quotes
205		# make literal everything except ` and \ and $.
206		# The outer single quotes make literal ` and $.
207		# We can ensure the \ isn't treated specially by specifying
208		# the -r switch to the read command used to obtain the input.
209		#
210		_passwdmethod="-w yes"
211		_passwd="-h 0"
212		_upasswd='echo "$upass" |'
213		;;
214	none)
215		_passwdmethod="-w none"
216		;;
217	random)
218		_passwdmethod="-w random"
219		;;
220	esac
221
222	_pwcmd="$_upasswd ${PWCMD} useradd $_uid $_name $_group $_grouplist $_comment"
223	_pwcmd="$_pwcmd $_shell $_class $_home $_dotdir $_passwdmethod $_passwd"
224	_pwcmd="$_pwcmd $_expire $_pwexpire"
225
226	if ! _output=`eval $_pwcmd` ; then
227		err "There was an error adding user ($username)."
228		return 1
229	else
230		info "Successfully added ($username) to the user database."
231		if [ "random" = "$passwdtype" ]; then
232			randompass="$_output"
233			info "Password for ($username) is: $randompass"
234		fi
235	fi
236
237	if [ -n "$disableflag" ]; then
238		if ${PWCMD} lock $username ; then
239			info "Account ($username) is locked."
240		else
241			info "Account ($username) could NOT be locked."
242		fi
243	fi
244
245	_line=
246	_owner=
247	_perms=
248	if [ -n "$msgflag" ]; then
249		[ -r "$msgfile" ] && {
250			# We're evaluating the contents of an external file.
251			# Let's not open ourselves up for attack. _perms will
252			# be empty if it's writeable only by the owner. _owner
253			# will *NOT* be empty if the file is owned by root.
254			#
255			_dir="`dirname $msgfile`"
256			_file="`basename $msgfile`"
257			_perms=`/usr/bin/find $_dir -name $_file -perm +07022 -prune`
258			_owner=`/usr/bin/find $_dir -name $_file -user 0 -prune`
259			if [ -z "$_owner" -o -n "$_perms" ]; then
260				err "The message file ($msgfile) may be writeable only by root."
261				return 1
262			fi
263			cat "$msgfile" |
264			while read _line ; do
265				eval echo "$_line"
266			done | ${MAILCMD} -s"Welcome" ${username}
267			info "Sent welcome message to ($username)."
268		}
269	fi
270}
271
272# get_user
273#	Reads username of the account from standard input or from a global
274#	variable containing an account line from a file. The username is
275#	required. If this is an interactive session it will prompt in
276#	a loop until a username is entered. If it is batch processing from
277#	a file it will output an error message and return to the caller.
278#
279get_user() {
280	_input=
281
282	# No need to take down user names if this is a configuration saving run.
283	[ -n "$configflag" ] && return
284
285	while : ; do
286		if [ -z "$fflag" ]; then
287			echo -n "Username: "
288			read _input
289		else
290			_input="`echo "$fileline" | cut -f1 -d:`"
291		fi
292
293		# There *must* be a username. If this is an interactive
294		# session give the user an opportunity to retry.
295		#
296		if [ -z "$_input" ]; then
297			err "You must enter a username!"
298			[ -z "$fflag" ] && continue
299		fi
300		break
301	done
302	username="$_input"
303}
304
305# get_gecos
306#	Reads extra information about the user. Can be used both in interactive
307#	and batch (from file) mode.
308#
309get_gecos() {
310	_input=
311
312	# No need to take down additional user information for a configuration run.
313	[ -n "$configflag" ] && return
314
315	if [ -z "$fflag" ]; then
316		echo -n "Full name: "
317		read _input
318	else
319		_input="`echo "$fileline" | cut -f7 -d:`"
320	fi
321	ugecos="$_input"
322}
323
324# get_shell
325#	Get the account's shell. Works in interactive and batch mode. It
326#	accepts only the base name of the shell, NOT the full path.
327#	If an invalid shell is entered it will simply use the default shell.
328#
329get_shell() {
330	_input=
331	_fullpath=
332	ushell="$defaultshell"
333
334	# Make sure the current value of the shell is a valid one
335	_shellchk="${GREPCMD} '^$ushell$' ${ETCSHELLS} > /dev/null 2>&1"
336	eval $_shellchk || {
337		err "Invalid shell ($ushell). Using default shell ${defaultshell}."
338		ushell="$defaultshell"
339	}
340
341	if [ -z "$fflag" ]; then
342		echo -n "Shell ($shells) [`basename $ushell`]: "
343		read _input
344	else
345		_input="`echo "$fileline" | cut -f9 -d:`"
346	fi
347	if [ -n "$_input" ]; then
348		_fullpath=`fullpath_from_shell $_input`
349		if [ -n "$_fullpath" ]; then
350			ushell="$_fullpath"
351		else
352			err "Invalid shell selection. Using default shell ${defaultshell}."
353			ushell="$defaultshell"
354		fi
355	fi
356}
357
358# get_homedir
359#	Reads the account's home directory. Used both with interactive input
360#	and batch input.
361#
362get_homedir() {
363	_input=
364	if [ -z "$fflag" ]; then
365		echo -n "Home directory [${homeprefix}/${username}]: "
366		read _input
367	else
368		_input="`echo "$fileline" | cut -f8 -d:`"
369	fi
370
371	if [ -n "$_input" ]; then
372		uhome="$_input"
373		# if this is a configuration run, then user input is the home
374		# directory prefix. Otherwise it is understood to
375		# be $prefix/$user
376		#
377		[ -z "$configflag" ] && homeprefix="`dirname $uhome`" || homeprefix="$uhome"
378	else
379		uhome="${homeprefix}/${username}"
380	fi
381}
382
383# get_uid
384#	Reads a numeric userid in an interactive or batch session. Automatically
385#	allocates one if it is not specified.
386#
387get_uid() {
388	uuid=${uidstart}
389	_input=
390	_prompt=
391
392	# No need to take down uids for a configuration saving run.
393	[ -n "$configflag" ] && return
394
395	if [ -n "$uuid" ]; then
396		_prompt="Uid [$uuid]: "
397	else
398		_prompt="Uid (Leave empty for default): "
399	fi
400	if [ -z "$fflag" ]; then
401		echo -n "$_prompt"
402		read _input
403	else
404		_input="`echo "$fileline" | cut -f2 -d:`"
405	fi
406
407	[ -n "$_input" ] && uuid=$_input
408	uuid=`get_nextuid $uuid`
409	uidstart=$uuid
410}
411
412# get_class
413#	Reads login class of account. Can be used in interactive or batch mode.
414#
415get_class() {
416	uclass="$defaultclass"
417	_input=
418	_class=${uclass:-"default"}
419
420	if [ -z "$fflag" ]; then
421		echo -n "Login class [$_class]: "
422		read _input
423	else
424		_input="`echo "$fileline" | cut -f4 -d:`"
425	fi
426
427	[ -n "$_input" ] && uclass="$_input"
428}
429
430# get_logingroup
431#	Reads user's login group. Can be used in both interactive and batch
432#	modes. The specified value can be a group name or its numeric id.
433#	This routine leaves the field blank if nothing is provided. The pw(8)
434#	command will then provide a login group with the same name as the username.
435#
436get_logingroup() {
437	ulogingroup=
438	_input=
439
440	# No need to take down a login group for a configuration saving run.
441	[ -n "$configflag" ] && return
442
443	if [ -z "$fflag" ]; then
444		echo -n "Login group [$username]: "
445		read _input
446	else
447		_input="`echo "$fileline" | cut -f3 -d:`"
448	fi
449
450	# Pw(8) will use the username as login group if it's left empty
451	[ -n "$_input" ] && ulogingroup="$_input" || ulogingroup=
452}
453
454# get_groups
455#	Read additional groups for the user. It can be used in both interactive
456#	and batch modes.
457#
458get_groups() {
459	ugroups="$defaultgroups"
460	_input=
461	_group=${ulogingroup:-"${username}"}
462
463	if [ -z "$configflag" ]; then
464		[ -z "$fflag" ] && echo -n "Login group is $_group. Invite $username"
465		[ -z "$fflag" ] && echo -n " into other groups? [$ugroups]: "
466	else
467		[ -z "$fflag" ] && echo -n "Enter additional groups [$ugroups]: "
468	fi
469	read _input
470
471	[ -n "$_input" ] && ugroups="$_input"
472}
473
474# get_expire_dates
475#	Read expiry information for the account and also for the password. This
476#	routine is used only from batch processing mode.
477#
478get_expire_dates() {
479	upwexpire="`echo "$fileline" | cut -f5 -d:`"
480	uexpire="`echo "$fileline" | cut -f6 -d:`"
481}
482
483# get_password
484#	Read the password in batch processing mode. The password field matters
485#	only when the password type is "yes" or "random". If the field is empty and the
486#	password type is "yes", then it assumes the account has an empty passsword
487#	and changes the password type accordingly. If the password type is "random"
488#	and the password field is NOT empty, then it assumes the account will NOT
489#	have a random password and set passwdtype to "yes."
490#
491get_password() {
492	# We may temporarily change a password type. Make sure it's changed
493	# back to whatever it was before we process the next account.
494	#
495	[ -n "$savedpwtype" ] && {
496		passwdtype=$savedpwtype
497		savedpwtype=
498	}
499
500	# There may be a ':' in the password
501	upass=${fileline#*:*:*:*:*:*:*:*:*:}
502
503	if [ -z "$upass" ]; then
504		case $passwdtype in
505		yes)
506			# if it's empty, assume an empty password
507			passwdtype=none
508			savedpwtype=yes
509			;;
510		esac
511	else
512		case $passwdtype in
513		random)
514			passwdtype=yes
515			savedpwtype=random
516			;;
517		esac
518	fi
519}
520
521# input_from_file
522#	Reads a line of account information from standard input and
523#	adds it to the user database.
524#
525input_from_file() {
526	_field=
527
528	while read -r fileline ; do
529		case "$fileline" in
530		\#*|'')
531			return 0
532			;;
533		esac
534
535		get_user || continue
536		get_gecos
537		get_uid
538		get_logingroup
539		get_class
540		get_shell
541		get_homedir
542		get_password
543		get_expire_dates
544
545		add_user
546	done
547}
548
549# input_interactive
550#	Prompts for user information interactively, and commits to
551#	the user database.
552#
553input_interactive() {
554
555	_disable=
556	_pass=
557	_passconfirm=
558	_random="no"
559	_emptypass="no"
560	_usepass="yes"
561	case $passwdtype in
562	none)
563		_emptypass="yes"
564		_usepass="yes"
565		;;
566	no)
567		_usepass="no"
568		;;
569	random)
570		_random="yes"
571		;;
572	esac
573
574	get_user
575	get_gecos
576	get_uid
577
578	# The case where group = user is handled elsewhere, so
579	# validate any other groups the user is invited to.
580	until [ "$_logingroup_ok" = yes ]; do
581		get_logingroup
582		_logingroup_ok=yes
583		if [ -n "$ulogingroup" -a "$username" != "$ulogingroup" ]; then
584			if ! ${PWCMD} show group $ulogingroup > /dev/null 2>&1; then
585				echo "Group $ulogingroup does not exist!"
586				_logingroup_ok=no
587			fi
588		fi
589	done
590	until [ "$_groups_ok" = yes ]; do
591		get_groups
592		_groups_ok=yes
593		for i in $ugroups; do
594			if [ "$username" != "$i" ]; then
595				if ! ${PWCMD} show group $i > /dev/null 2>&1; then
596					echo "Group $i does not exist!"
597					_groups_ok=no
598				fi
599			fi
600		done
601	done
602
603	get_class
604	get_shell
605	get_homedir
606
607	while : ; do
608		echo -n "Use password-based authentication? [$_usepass]: "
609		read _input
610		[ -z "$_input" ] && _input=$_usepass
611		case $_input in
612		[Nn][Oo]|[Nn])
613			passwdtype="no"
614			;;
615		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
616			while : ; do
617				echo -n "Use an empty password? (yes/no) [$_emptypass]: "
618				read _input
619				[ -n "$_input" ] && _emptypass=$_input
620				case $_emptypass in
621				[Nn][Oo]|[Nn])
622					echo -n "Use a random password? (yes/no) [$_random]: "
623					read _input
624					[ -n "$_input" ] && _random="$_input"
625					case $_random in
626					[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
627						passwdtype="random"
628						break
629						;;
630					esac
631					passwdtype="yes"
632					[ -n "$configrun" ] && break
633					trap 'stty echo; exit' 0 1 2 3 15
634					stty -echo
635					echo -n "Enter password: "
636					read -r upass
637					echo''
638					echo -n "Enter password again: "
639					read _passconfirm
640					echo ''
641					stty echo
642					# if user entered a blank password
643					# explicitly ask again.
644					[ -z "$upass" -a -z "$_passconfirm" ] \
645					    && continue
646					;;
647				[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
648					passwdtype="none"
649					break;
650					;;
651				*)
652					# invalid answer; repeat the loop
653					continue
654					;;
655				esac
656				if [ "$upass" != "$_passconfirm" ]; then
657					echo "Passwords did not match!"
658					continue
659				fi
660				break
661			done
662			;;
663		*)
664			# invalid answer; repeat loop
665			continue
666			;;
667		esac
668		break;
669	done
670	_disable=${disableflag:-"no"}
671	while : ; do
672		echo -n "Lock out the account after creation? [$_disable]: "
673		read _input
674		[ -z "$_input" ] && _input=$_disable
675		case $_input in
676		[Nn][Oo]|[Nn])
677			disableflag=
678			;;
679		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
680			disableflag=yes
681			;;
682		*)
683			# invalid answer; repeat loop
684			continue
685			;;
686		esac
687		break
688	done
689
690	# Display the information we have so far and prompt to
691	# commit it.
692	#
693	_disable=${disableflag:-"no"}
694	[ -z "$configflag" ] && printf "%-10s : %s\n" Username $username
695	case $passwdtype in
696	yes)
697		_pass='*****'
698		;;
699	no)
700		_pass='<disabled>'
701		;;
702	none)
703		_pass='<blank>'
704		;;
705	random)
706		_pass='<random>'
707		;;
708	esac
709	[ -z "$configflag" ] && printf "%-10s : %s\n" "Password" "$_pass"
710	[ -n "$configflag" ] && printf "%-10s : %s\n" "Pass Type" "$passwdtype"
711	[ -z "$configflag" ] && printf "%-10s : %s\n" "Full Name" "$ugecos"
712	[ -z "$configflag" ] && printf "%-10s : %s\n" "Uid" "$uuid"
713	printf "%-10s : %s\n" "Class" "$uclass"
714	[ -z "$configflag" ] && printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
715	printf "%-10s : %s\n" "Home" "$uhome"
716	printf "%-10s : %s\n" "Shell" "$ushell"
717	printf "%-10s : %s\n" "Locked" "$_disable"
718	while : ; do
719		echo -n "OK? (yes/no): "
720		read _input
721		case $_input in
722		[Nn][Oo]|[Nn])
723			return 1
724			;;
725		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
726			add_user
727			;;
728		*)
729			continue
730			;;
731		esac
732		break
733	done
734	return 0
735}
736
737#### END SUBROUTINE DEFENITION ####
738
739THISCMD=`/usr/bin/basename $0`
740DEFAULTSHELL=/bin/sh
741ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
742PWCMD="${PWCMD:-/usr/sbin/pw}"
743MAILCMD="${MAILCMD:-mail}"
744ETCSHELLS="${ETCSHELLS:-/etc/shells}"
745GREPCMD="/usr/bin/grep"
746DATECMD="/bin/date"
747
748# Set default values
749#
750username=
751uuid=
752uidstart=
753ugecos=
754ulogingroup=
755uclass=
756uhome=
757upass=
758ushell=
759udotdir=/usr/share/skel
760ugroups=
761uexpire=
762upwexpire=
763shells="`valid_shells`"
764passwdtype="yes"
765msgfile=/etc/adduser.msg
766msgflag=
767quietflag=
768configflag=
769fflag=
770infile=
771disableflag=
772readconfig="yes"
773homeprefix="/home"
774randompass=
775fileline=
776savedpwtype=
777defaultclass=
778defaultgoups=
779defaultshell="${DEFAULTSHELL}"
780
781# Make sure the user running this program is root. This isn't a security
782# measure as much as it is a usefull method of reminding the user to
783# 'su -' before he/she wastes time entering data that won't be saved.
784#
785procowner=${procowner:-`/usr/bin/id -u`}
786if [ "$procowner" != "0" ]; then
787	err 'you must be the super-user (uid 0) to use this utility.'
788	exit 1
789fi
790
791# Overide from our conf file
792# Quickly go through the commandline line to see if we should read
793# from our configuration file. The actual parsing of the commandline
794# arguments happens after we read in our configuration file (commandline
795# should override configuration file).
796#
797for _i in $* ; do
798	if [ "$_i" = "-N" ]; then
799		readconfig=
800		break;
801	fi
802done
803if [ -n "$readconfig" ]; then
804	# On a long-lived system, the first time this script is run it
805	# will barf upon reading the configuration file for its perl predecessor.
806	if ( . ${ADDUSERCONF} > /dev/null 2>&1 ); then
807		[ -r ${ADDUSERCONF} ] && . ${ADDUSERCONF} > /dev/null 2>&1
808	fi
809fi
810
811# Proccess command-line options
812#
813for _switch ; do
814	case $_switch in
815	-L)
816		defaultclass="$2"
817		shift; shift
818		;;
819	-C)
820		configflag=yes
821		shift
822		;;
823	-E)
824		disableflag=yes
825		shift
826		;;
827	-k)
828		udotdir="$2"
829		shift; shift
830		;;
831	-f)
832		[ "$2" != "-" ] && infile="$2"
833		fflag=yes
834		shift; shift
835		;;
836	-G)
837		defaultgroups="$2"
838		shift; shift
839		;;
840	-h)
841		show_usage
842		exit 0
843		;;
844	-d)
845		homeprefix="$2"
846		shift; shift
847		;;
848	-m)
849		case "$2" in
850		[Nn][Oo])
851			msgflag=
852			;;
853		*)
854			msgflag=yes
855			msgfile="$2"
856			;;
857		esac
858		shift; shift
859		;;
860	-N)
861		readconfig=
862		shift
863		;;
864	-w)
865		case "$2" in
866		no|none|random|yes)
867			passwdtype=$2
868			;;
869		*)
870			show_usage
871			exit 1
872			;;
873		esac
874		shift; shift
875		;;
876	-q)
877		quietflag=yes
878		shift
879		;;
880	-s)
881		defaultshell="`fullpath_from_shell $2`"
882		shift; shift
883		;;
884	-u)
885		uidstart=$2
886		shift; shift
887		;;
888	esac
889done
890
891# If the -f switch was used, get input from a file. Otherwise,
892# this is an interactive session.
893#
894if [ -n "$fflag" ]; then
895	if [ -z "$infile" ]; then
896		input_from_file
897	elif [ -n "$infile" ]; then
898		if [ -r "$infile" ]; then
899			input_from_file < $infile
900		else
901			err "File ($infile) is unreadable or does not exist."
902		fi
903	fi
904else
905	input_interactive
906	while : ; do
907		echo -n "Add another user? (yes/no): "
908		read _input
909		case $_input in
910		[Yy][Ee][Ss]|[Yy][Ee]|[Yy])
911			uidstart=`get_nextuid $uidstart`
912			input_interactive
913			continue
914			;;
915		[Nn][Oo]|[Nn])
916			echo "Goodbye!"
917			;;
918		*)
919			continue
920			;;
921		esac
922		break
923	done
924fi
925