d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rewrite parsing subcommands arguments of pw(8)

Browse Source 
Now each subcommands checks its arguments in a dedicated functions.

This helps improving input validation, code readability/maintainability
While here:
- Add a -y option to pw userdel/usermod so it can maintain NIS servers if
  nispasswd is not defined in pw.conf(5)
- Allow pw -r <rootdir> to remove directory with userdel -r
- Fix bug when renaming a user which was not renaming the user name it groups
  it is a member of.
- Only parse pw.conf(5) when needed.
This commit is contained in:
Baptiste Daroussin 2015-08-02 12:47:50 +00:00
parent 51a01baf23
commit d2d022b9fd
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=286196
14 changed files with 2023 additions and 1502 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
usr.sbin/pw/Makefile
View File

@ -3,7 +3,8 @@
PROG= pw
MAN= pw.conf.5 pw.8
SRCS= pw.c pw_conf.c pw_user.c pw_group.c pw_log.c pw_nis.c pw_vpw.c \
grupd.c pwupd.c psdate.c bitmap.c cpdir.c rm_r.c strtounum.c
grupd.c pwupd.c psdate.c bitmap.c cpdir.c rm_r.c strtounum.c \
pw_utils.c
WARNS?= 3

296
usr.sbin/pw/pw.c
View File

@ -37,9 +37,6 @@ static const char rcsid[] =
#include <sys/wait.h>
#include "pw.h"
#if !defined(_PATH_YP)
#define _PATH_YP "/var/yp/"
#endif
const char *Modes[] = {
"add", "del", "mod", "show", "next",
NULL};
@ -85,55 +82,39 @@ struct pwf VPWF =
vgetgrnam,
};
static int (*cmdfunc[W_NUM][M_NUM])(int argc, char **argv, char *_name) = {
{ /* user */
pw_user_add,
pw_user_del,
pw_user_mod,
pw_user_show,
pw_user_next,
pw_user_lock,
pw_user_unlock,
},
{ /* group */
pw_group_add,
pw_group_del,
pw_group_mod,
pw_group_show,
pw_group_next,
}
};
struct pwconf conf;
static struct cargs arglist;
static int getindex(const char *words[], const char *word);
static void cmdhelp(int mode, int which);
static int getindex(const char *words[], const char *word);
static void cmdhelp(int mode, int which);
int
main(int argc, char *argv[])
{
int ch;
int mode = -1;
int which = -1;
long id = -1;
char *config = NULL;
int mode = -1, which = -1, tmp;
struct stat st;
const char *errstr;
char arg, *name;
char arg, *arg1;
bool relocated, nis;
static const char *opts[W_NUM][M_NUM] =
{
{ /* user */
"R:V:C:qn:u:c:d:e:p:g:G:mM:k:s:oL:i:w:h:H:Db:NPy:Y",
"R:V:C:qn:u:rY",
"R:V:C:qn:u:c:d:e:p:g:G:mM:l:k:s:w:L:h:H:FNPY",
"R:V:C:qn:u:FPa7",
"R:V:C:q",
"R:V:C:q",
"R:V:C:q"
},
{ /* grp */
"R:V:C:qn:g:h:H:M:opNPY",
"R:V:C:qn:g:Y",
"R:V:C:qn:d:g:l:h:H:FM:m:NPY",
"R:V:C:qn:g:FPa",
"R:V:C:q"
}
};
static int (*funcs[W_NUM]) (int _mode, char *_name, long _id,
struct cargs * _args) =
{ /* Request handlers */
pw_user,
pw_group
};
name = NULL;
arg1 = NULL;
relocated = nis = false;
memset(&conf, 0, sizeof(conf));
strlcpy(conf.rootdir, "/", sizeof(conf.rootdir));
@ -141,17 +122,13 @@ main(int argc, char *argv[])
conf.fd = -1;
conf.checkduplicate = true;
LIST_INIT(&arglist);
(void)setlocale(LC_ALL, "");
setlocale(LC_ALL, "");
/*
* Break off the first couple of words to determine what exactly
* we're being asked to do
*/
while (argc > 1) {
int tmp;
if (*argv[1] == '-') {
/*
* Special case, allow pw -V<dir> <operation> [args] for scripts etc.
@ -197,15 +174,9 @@ main(int argc, char *argv[])
mode = tmp % M_NUM;
} else if (strcmp(argv[1], "help") == 0 && argv[2] == NULL)
cmdhelp(mode, which);
else if (which != -1 && mode != -1) {
if (strspn(argv[1], "0123456789") == strlen(argv[1])) {
id = strtounum(argv[1], 0, UID_MAX, &errstr);
if (errstr != NULL)
errx(EX_USAGE, "Bad id '%s': %s",
argv[1], errstr);
} else
name = argv[1];
} else
else if (which != -1 && mode != -1)
arg1 = argv[1];
else
errx(EX_USAGE, "unknown keyword `%s'", argv[1]);
++argv;
--argc;
@ -220,193 +191,22 @@ main(int argc, char *argv[])
conf.rootfd = open(conf.rootdir, O_DIRECTORY|O_CLOEXEC);
if (conf.rootfd == -1)
errx(EXIT_FAILURE, "Unable to open '%s'", conf.rootdir);
conf.which = which;
/*
* We know which mode we're in and what we're about to do, so now
* let's dispatch the remaining command line args in a genric way.
*/
optarg = NULL;
while ((ch = getopt(argc, argv, opts[which][mode])) != -1) {
switch (ch) {
case '?':
errx(EX_USAGE, "unknown switch");
break;
case '7':
conf.v7 = true;
break;
case 'C':
conf.config = optarg;
config = conf.config;
break;
case 'F':
conf.force = true;
break;
case 'N':
conf.dryrun = true;
break;
case 'l':
if (strlen(optarg) >= MAXLOGNAME)
errx(EX_USAGE, "new name too long: %s", optarg);
conf.newname = optarg;
break;
case 'P':
conf.pretty = true;
break;
case 'Y':
nis = true;
break;
case 'a':
conf.all = true;
break;
case 'c':
conf.gecos = pw_checkname(optarg, 1);
break;
case 'g':
if (which == 0) { /* for user* */
addarg(&arglist, 'g', optarg);
break;
}
if (strspn(optarg, "0123456789") != strlen(optarg))
errx(EX_USAGE, "-g expects a number");
id = strtounum(optarg, 0, GID_MAX, &errstr);
if (errstr != NULL)
errx(EX_USAGE, "Bad id '%s': %s", optarg,
errstr);
break;
case 'u':
if (strspn(optarg, "0123456789,") != strlen(optarg))
errx(EX_USAGE, "-u expects a number");
if (strchr(optarg, ',') != NULL) {
addarg(&arglist, 'u', optarg);
break;
}
id = strtounum(optarg, 0, UID_MAX, &errstr);
if (errstr != NULL)
errx(EX_USAGE, "Bad id '%s': %s", optarg,
errstr);
break;
case 'n':
name = optarg;
break;
case 'H':
if (conf.fd != -1)
errx(EX_USAGE, "'-h' and '-H' are mutually "
"exclusive options");
conf.precrypted = true;
if (strspn(optarg, "0123456789") != strlen(optarg))
errx(EX_USAGE, "'-H' expects a file descriptor");
conf.fd = strtonum(optarg, 0, INT_MAX, &errstr);
if (errstr != NULL)
errx(EX_USAGE, "Bad file descriptor '%s': %s",
optarg, errstr);
break;
case 'h':
if (conf.fd != -1)
errx(EX_USAGE, "'-h' and '-H' are mutually "
"exclusive options");
if (strcmp(optarg, "-") == 0)
conf.fd = '-';
else if (strspn(optarg, "0123456789") == strlen(optarg)) {
conf.fd = strtonum(optarg, 0, INT_MAX, &errstr);
if (errstr != NULL)
errx(EX_USAGE, "'-h' expects a "
"file descriptor or '-'");
} else
errx(EX_USAGE, "'-h' expects a file "
"descriptor or '-'");
break;
case 'o':
conf.checkduplicate = false;
break;
case 'q':
conf.quiet = true;
break;
case 'r':
conf.deletehome = true;
break;
default:
addarg(&arglist, ch, optarg);
break;
}
optarg = NULL;
}
if (name != NULL && strlen(name) >= MAXLOGNAME)
errx(EX_USAGE, "name too long: %s", name);
/*
* Must be root to attempt an update
*/
if (geteuid() != 0 && mode != M_PRINT && mode != M_NEXT && !conf.dryrun)
errx(EX_NOPERM, "you must be root to run this program");
/*
* We should immediately look for the -q 'quiet' switch so that we
* don't bother with extraneous errors
*/
if (conf.quiet)
freopen(_PATH_DEVNULL, "w", stderr);
/*
* Set our base working path if not overridden
*/
if (config == NULL) { /* Only override config location if -C not specified */
asprintf(&config, "%s/pw.conf", conf.etcpath);
if (config == NULL)
errx(EX_OSERR, "out of memory");
}
/*
* Now, let's do the common initialisation
*/
conf.userconf = read_userconfig(config);
ch = funcs[which] (mode, name, id, &arglist);
/*
* If everything went ok, and we've been asked to update
* the NIS maps, then do it now
*/
if (ch == EXIT_SUCCESS && nis) {
pid_t pid;
fflush(NULL);
if (chdir(_PATH_YP) == -1)
warn("chdir(" _PATH_YP ")");
else if ((pid = fork()) == -1)
warn("fork()");
else if (pid == 0) {
/* Is make anywhere else? */
execlp("/usr/bin/make", "make", (char *)NULL);
_exit(1);
} else {
int i;
waitpid(pid, &i, 0);
if ((i = WEXITSTATUS(i)) != 0)
errx(ch, "make exited with status %d", i);
else
pw_log(conf.userconf, mode, which, "NIS maps updated");
}
}
return ch;
return (cmdfunc[which][mode](argc, argv, arg1));
}
static int
getindex(const char *words[], const char *word)
{
int i = 0;
int i = 0;
while (words[i]) {
if (strcmp(words[i], word) == 0)
return i;
return (i);
i++;
}
return -1;
return (-1);
}
@ -456,7 +256,7 @@ cmdhelp(int mode, int which)
" Setting defaults:\n"
"\t-V etcdir alternate /etc location\n"
"\t-R rootir alternate root directory\n"
"\t-D set user defaults\n"
"\t-D set user defaults\n"
"\t-b dir default home root dir\n"
"\t-e period default expiry period\n"
"\t-p period default password change period\n"
@ -476,6 +276,7 @@ cmdhelp(int mode, int which)
"\t-n name login name\n"
"\t-u uid user id\n"
"\t-Y update NIS maps\n"
"\t-y path set NIS passwd file path\n"
"\t-r remove home & contents\n",
"usage: pw usermod [uid|name] [switches]\n"
"\t-V etcdir alternate /etc location\n"
@ -500,6 +301,7 @@ cmdhelp(int mode, int which)
"\t-h fd read password on fd\n"
"\t-H fd read encrypted password on fd\n"
"\t-Y update NIS maps\n"
"\t-y path set NIS passwd file path\n"
"\t-N no update\n",
"usage: pw usershow [uid|name] [switches]\n"
"\t-V etcdir alternate /etc location\n"
@ -576,31 +378,3 @@ cmdhelp(int mode, int which)
}
exit(EXIT_FAILURE);
}
struct carg *
getarg(struct cargs * _args, int ch)
{
struct carg *c;
if (_args == NULL)
return (NULL);
c = LIST_FIRST(_args);
while (c != NULL && c->ch != ch)
c = LIST_NEXT(c, list);
return c;
}
struct carg *
addarg(struct cargs * _args, int ch, char *argstr)
{
struct carg *ca = malloc(sizeof(struct carg));
if (ca == NULL)
errx(EX_OSERR, "out of memory");
ca->ch = ch;
ca->val = argstr;
LIST_INSERT_HEAD(_args, ca, list);
return ca;
}

28
usr.sbin/pw/pw.h
View File

@ -78,21 +78,41 @@ LIST_HEAD(cargs, carg);
#define _UC_MAXLINE 1024
#define _UC_MAXSHELLS 32
struct userconf *get_userconfig(const char *cfg);
struct userconf *read_userconfig(char const * file);
int write_userconfig(char const * file);
int write_userconfig(struct userconf *cnf, char const * file);
struct carg *addarg(struct cargs * _args, int ch, char *argstr);
struct carg *getarg(struct cargs * _args, int ch);
int pw_user(int mode, char *name, long id, struct cargs * _args);
int pw_usernext(struct userconf *cnf, bool quiet);
int pw_group(int mode, char *name, long id, struct cargs * _args);
int pw_group_add(int argc, char **argv, char *name);
int pw_group_del(int argc, char **argv, char *name);
int pw_group_mod(int argc, char **argv, char *name);
int pw_group_next(int argc, char **argv, char *name);
int pw_group_show(int argc, char **argv, char *name);
int pw_user_add(int argc, char **argv, char *name);
int pw_user_add(int argc, char **argv, char *name);
int pw_user_add(int argc, char **argv, char *name);
int pw_user_add(int argc, char **argv, char *name);
int pw_user_del(int argc, char **argv, char *name);
int pw_user_lock(int argc, char **argv, char *name);
int pw_user_mod(int argc, char **argv, char *name);
int pw_user_next(int argc, char **argv, char *name);
int pw_user_show(int argc, char **argv, char *name);
int pw_user_unlock(int argc, char **argv, char *name);
int pw_groupnext(struct userconf *cnf, bool quiet);
char *pw_checkname(char *name, int gecos);
uintmax_t pw_checkid(char *nptr, uintmax_t maxval);
int pw_checkfd(char *nptr);
int addnispwent(const char *path, struct passwd *pwd);
int delnispwent(const char *path, const char *login);
int chgnispwent(const char *path, const char *login, struct passwd *pwd);
int groupadd(struct userconf *, char *name, gid_t id, char *members, int fd,
bool dryrun, bool pretty, bool precrypted);
int nis_update(void);
int boolean_val(char const * str, int dflt);
char const *boolean_str(int val);
char *newstr(char const * p);

61
usr.sbin/pw/pw_conf.c
View File

@ -235,9 +235,6 @@ read_userconfig(char const * file)
buf = NULL;
linecap = 0;
config.groups = sl_init();
if (config.groups == NULL)
err(1, "sl_init()");
if (file == NULL)
file = _PATH_PW_CONF;
@ -316,8 +313,11 @@ read_userconfig(char const * file)
? NULL : newstr(q);
break;
case _UC_EXTRAGROUPS:
for (i = 0; q != NULL; q = strtok(NULL, toks))
for (i = 0; q != NULL; q = strtok(NULL, toks)) {
if (config.groups == NULL)
config.groups = sl_init();
sl_add(config.groups, newstr(q));
}
break;
case _UC_DEFAULTCLASS:
config.default_class = (q == NULL || !boolean_val(q, 1))
@ -391,7 +391,7 @@ read_userconfig(char const * file)
int
write_userconfig(char const * file)
write_userconfig(struct userconf *cnf, const char *file)
{
int fd;
int i, j;
@ -416,40 +416,39 @@ write_userconfig(char const * file)
sbuf_clear(buf);
switch (i) {
case _UC_DEFAULTPWD:
sbuf_cat(buf, boolean_str(config.default_password));
sbuf_cat(buf, boolean_str(cnf->default_password));
break;
case _UC_REUSEUID:
sbuf_cat(buf, boolean_str(config.reuse_uids));
sbuf_cat(buf, boolean_str(cnf->reuse_uids));
break;
case _UC_REUSEGID:
sbuf_cat(buf, boolean_str(config.reuse_gids));
sbuf_cat(buf, boolean_str(cnf->reuse_gids));
break;
case _UC_NISPASSWD:
sbuf_cat(buf, config.nispasswd ? config.nispasswd :
"");
sbuf_cat(buf, cnf->nispasswd ? cnf->nispasswd : "");
quote = 0;
break;
case _UC_DOTDIR:
sbuf_cat(buf, config.dotdir ? config.dotdir :
sbuf_cat(buf, cnf->dotdir ? cnf->dotdir :
boolean_str(0));
break;
case _UC_NEWMAIL:
sbuf_cat(buf, config.newmail ? config.newmail :
sbuf_cat(buf, cnf->newmail ? cnf->newmail :
boolean_str(0));
break;
case _UC_LOGFILE:
sbuf_cat(buf, config.logfile ? config.logfile :
sbuf_cat(buf, cnf->logfile ? cnf->logfile :
boolean_str(0));
break;
case _UC_HOMEROOT:
sbuf_cat(buf, config.home);
sbuf_cat(buf, cnf->home);
break;
case _UC_HOMEMODE:
sbuf_printf(buf, "%04o", config.homemode);
sbuf_printf(buf, "%04o", cnf->homemode);
quote = 0;
break;
case _UC_SHELLPATH:
sbuf_cat(buf, config.shelldir);
sbuf_cat(buf, cnf->shelldir);
break;
case _UC_SHELLS:
for (j = 0; j < _UC_MAXSHELLS &&
@ -459,46 +458,46 @@ write_userconfig(char const * file)
quote = 0;
break;
case _UC_DEFAULTSHELL:
sbuf_cat(buf, config.shell_default ?
config.shell_default : bourne_shell);
sbuf_cat(buf, cnf->shell_default ?
cnf->shell_default : bourne_shell);
break;
case _UC_DEFAULTGROUP:
sbuf_cat(buf, config.default_group ?
config.default_group : "");
sbuf_cat(buf, cnf->default_group ?
cnf->default_group : "");
break;
case _UC_EXTRAGROUPS:
for (j = 0; config.groups != NULL &&
j < (int)config.groups->sl_cur; j++)
for (j = 0; cnf->groups != NULL &&
j < (int)cnf->groups->sl_cur; j++)
sbuf_printf(buf, "%s\"%s\"", j ?
"," : "", config.groups->sl_str[j]);
"," : "", cnf->groups->sl_str[j]);
quote = 0;
break;
case _UC_DEFAULTCLASS:
sbuf_cat(buf, config.default_class ?
config.default_class : "");
sbuf_cat(buf, cnf->default_class ?
cnf->default_class : "");
break;
case _UC_MINUID:
sbuf_printf(buf, "%ju", (uintmax_t)config.min_uid);
sbuf_printf(buf, "%ju", (uintmax_t)cnf->min_uid);
quote = 0;
break;
case _UC_MAXUID:
sbuf_printf(buf, "%ju", (uintmax_t)config.max_uid);
sbuf_printf(buf, "%ju", (uintmax_t)cnf->max_uid);
quote = 0;
break;
case _UC_MINGID:
sbuf_printf(buf, "%ju", (uintmax_t)config.min_gid);
sbuf_printf(buf, "%ju", (uintmax_t)cnf->min_gid);
quote = 0;
break;
case _UC_MAXGID:
sbuf_printf(buf, "%ju", (uintmax_t)config.max_gid);
sbuf_printf(buf, "%ju", (uintmax_t)cnf->max_gid);
quote = 0;
break;
case _UC_EXPIRE:
sbuf_printf(buf, "%d", config.expire_days);
sbuf_printf(buf, "%ld", cnf->expire_days);
quote = 0;
break;
case _UC_PASSWORD:
sbuf_printf(buf, "%d", config.password_days);
sbuf_printf(buf, "%ld", cnf->password_days);
quote = 0;
break;
case _UC_NONE:

769
usr.sbin/pw/pw_group.c
View File

@ -31,47 +31,50 @@ static const char rcsid[] =
#include <ctype.h>
#include <err.h>
#include <inttypes.h>
#include <termios.h>
#include <stdbool.h>
#include <unistd.h>
#include <grp.h>
#include <inttypes.h>
#include <libutil.h>
#include <paths.h>
#include <stdbool.h>
#include <termios.h>
#include <unistd.h>
#include "pw.h"
#include "bitmap.h"
static struct passwd *lookup_pwent(const char *user);
static void delete_members(struct group *grp, char *list);
static int print_group(struct group * grp);
static gid_t gr_gidpolicy(struct userconf * cnf, long id);
static int print_group(struct group * grp, bool pretty);
static gid_t gr_gidpolicy(struct userconf * cnf, intmax_t id);
static void
set_passwd(struct group *grp, bool update)
grp_set_passwd(struct group *grp, bool update, int fd, bool precrypted)
{
int b;
int istty;
struct termios t, n;
char *p, line[256];
if (conf.fd == '-') {
if (fd == -1)
return;
if (fd == '-') {
grp->gr_passwd = "*"; /* No access */
return;
}
if ((istty = isatty(conf.fd))) {
if ((istty = isatty(fd))) {
n = t;
/* Disable echo */
n.c_lflag &= ~(ECHO);
tcsetattr(conf.fd, TCSANOW, &n);
tcsetattr(fd, TCSANOW, &n);
printf("%sassword for group %s:", update ? "New p" : "P",
grp->gr_name);
fflush(stdout);
}
b = read(conf.fd, line, sizeof(line) - 1);
b = read(fd, line, sizeof(line) - 1);
if (istty) { /* Restore state */
tcsetattr(conf.fd, TCSANOW, &t);
tcsetattr(fd, TCSANOW, &t);
fputc('\n', stdout);
fflush(stdout);
}
@ -83,7 +86,7 @@ set_passwd(struct group *grp, bool update)
if (!*line)
errx(EX_DATAERR, "empty password read on file descriptor %d",
conf.fd);
if (conf.precrypted) {
if (precrypted) {
if (strchr(line, ':') != 0)
errx(EX_DATAERR, "wrong encrypted passwrd");
grp->gr_passwd = line;
@ -103,193 +106,24 @@ pw_groupnext(struct userconf *cnf, bool quiet)
return (EXIT_SUCCESS);
}
static int
pw_groupshow(const char *name, long id, struct group *fakegroup)
static struct group *
getgroup(char *name, intmax_t id, bool fatal)
{
struct group *grp = NULL;
if (id < 0 && name == NULL && !conf.all)
errx(EX_DATAERR, "groupname or id or '-a' required");
if (conf.all) {
SETGRENT();
while ((grp = GETGRENT()) != NULL)
print_group(grp);
ENDGRENT();
return (EXIT_SUCCESS);
}
grp = (name != NULL) ? GETGRNAM(name) : GETGRGID(id);
if (grp == NULL) {
if (conf.force) {
grp = fakegroup;
} else {
if (name == NULL)
errx(EX_DATAERR, "unknown gid `%ld'", id);
errx(EX_DATAERR, "unknown group `%s'", name);
}
}
return (print_group(grp));
}
static int
pw_groupdel(const char *name, long id)
{
struct group *grp = NULL;
int rc;
grp = (name != NULL) ? GETGRNAM(name) : GETGRGID(id);
if (grp == NULL) {
if (name == NULL)
errx(EX_DATAERR, "unknown gid `%ld'", id);
errx(EX_DATAERR, "unknown group `%s'", name);
}
rc = delgrent(grp);
if (rc == -1)
err(EX_IOERR, "group '%s' not available (NIS?)", name);
else if (rc != 0)
err(EX_IOERR, "group update");
pw_log(conf.userconf, M_DELETE, W_GROUP, "%s(%ld) removed", name, id);
return (EXIT_SUCCESS);
}
int
pw_group(int mode, char *name, long id, struct cargs * args)
{
int rc;
struct carg *arg;
struct group *grp = NULL;
struct userconf *cnf = conf.userconf;
static struct group fakegroup =
{
"nogroup",
"*",
-1,
NULL
};
if (mode == M_NEXT)
return (pw_groupnext(cnf, conf.quiet));
if (mode == M_PRINT)
return (pw_groupshow(name, id, &fakegroup));
if (mode == M_DELETE)
return (pw_groupdel(name, id));
if (mode == M_LOCK || mode == M_UNLOCK)
errx(EX_USAGE, "'lock' command is not available for groups");
struct group *grp;
if (id < 0 && name == NULL)
errx(EX_DATAERR, "group name or id required");
errx(EX_DATAERR, "groupname or id required");
grp = (name != NULL) ? GETGRNAM(name) : GETGRGID(id);
if (mode == M_UPDATE) {
if (name == NULL && grp == NULL) /* Try harder */
grp = GETGRGID(id);
if (grp == NULL) {
if (name == NULL)
errx(EX_DATAERR, "unknown group `%s'", name);
else
errx(EX_DATAERR, "unknown group `%ld'", id);
}
if (name == NULL) /* Needed later */
name = grp->gr_name;
if (id > 0)
grp->gr_gid = (gid_t) id;
if (conf.newname != NULL)
grp->gr_name = pw_checkname(conf.newname, 0);
} else {
if (name == NULL) /* Required */
errx(EX_DATAERR, "group name required");
else if (grp != NULL) /* Exists */
errx(EX_DATAERR, "group name `%s' already exists", name);
grp = &fakegroup;
grp->gr_name = pw_checkname(name, 0);
grp->gr_passwd = "*";
grp->gr_gid = gr_gidpolicy(cnf, id);
grp->gr_mem = NULL;
if (grp == NULL) {
if (!fatal)
return (NULL);
if (name == NULL)
errx(EX_DATAERR, "unknown gid `%ju'", id);
errx(EX_DATAERR, "unknown group `%s'", name);
}
/*
* This allows us to set a group password Group passwords is an
* antique idea, rarely used and insecure (no secure database) Should
* be discouraged, but it is apparently still supported by some
* software.
*/
if (conf.which == W_GROUP && conf.fd != -1)
set_passwd(grp, mode == M_UPDATE);
if (((arg = getarg(args, 'M')) != NULL ||
(arg = getarg(args, 'd')) != NULL ||
(arg = getarg(args, 'm')) != NULL) && arg->val) {
char *p;
struct passwd *pwd;
/* Make sure this is not stay NULL with -M "" */
if (arg->ch == 'd')
delete_members(grp, arg->val);
else if (arg->ch == 'M')
grp->gr_mem = NULL;
for (p = strtok(arg->val, ", \t"); arg->ch != 'd' && p != NULL;
p = strtok(NULL, ", \t")) {
int j;
/*
* Check for duplicates
*/
pwd = lookup_pwent(p);
for (j = 0; grp->gr_mem != NULL && grp->gr_mem[j] != NULL; j++) {
if (strcmp(grp->gr_mem[j], pwd->pw_name) == 0)
break;
}
if (grp->gr_mem != NULL && grp->gr_mem[j] != NULL)
continue;
grp = gr_add(grp, pwd->pw_name);
}
}
if (conf.dryrun)
return print_group(grp);
if (mode == M_ADD && (rc = addgrent(grp)) != 0) {
if (rc == -1)
errx(EX_IOERR, "group '%s' already exists",
grp->gr_name);
else
err(EX_IOERR, "group update");
} else if (mode == M_UPDATE && (rc = chggrent(name, grp)) != 0) {
if (rc == -1)
errx(EX_IOERR, "group '%s' not available (NIS?)",
grp->gr_name);
else
err(EX_IOERR, "group update");
}
if (conf.newname != NULL)
name = conf.newname;
/* grp may have been invalidated */
if ((grp = GETGRNAM(name)) == NULL)
errx(EX_SOFTWARE, "group disappeared during update");
pw_log(cnf, mode, W_GROUP, "%s(%ju)", grp->gr_name, (uintmax_t)grp->gr_gid);
return EXIT_SUCCESS;
return (grp);
}
/*
* Lookup a passwd entry using a name or UID.
*/
@ -332,11 +166,11 @@ delete_members(struct group *grp, char *list)
}
}
static gid_t
gr_gidpolicy(struct userconf * cnf, long id)
static gid_t
gr_gidpolicy(struct userconf * cnf, intmax_t id)
{
struct group *grp;
struct bitmap bm;
gid_t gid = (gid_t) - 1;
/*
@ -347,66 +181,59 @@ gr_gidpolicy(struct userconf * cnf, long id)
if ((grp = GETGRGID(gid)) != NULL && conf.checkduplicate)
errx(EX_DATAERR, "gid `%ju' has already been allocated", (uintmax_t)grp->gr_gid);
} else {
struct bitmap bm;
/*
* We need to allocate the next available gid under one of
* two policies a) Grab the first unused gid b) Grab the
* highest possible unused gid
*/
if (cnf->min_gid >= cnf->max_gid) { /* Sanity claus^H^H^H^Hheck */
cnf->min_gid = 1000;
cnf->max_gid = 32000;
}
bm = bm_alloc(cnf->max_gid - cnf->min_gid + 1);
/*
* Now, let's fill the bitmap from the password file
*/
SETGRENT();
while ((grp = GETGRENT()) != NULL)
if ((gid_t)grp->gr_gid >= (gid_t)cnf->min_gid &&
(gid_t)grp->gr_gid <= (gid_t)cnf->max_gid)
bm_setbit(&bm, grp->gr_gid - cnf->min_gid);
ENDGRENT();
/*
* Then apply the policy, with fallback to reuse if necessary
*/
if (cnf->reuse_gids)
gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid);
else {
gid = (gid_t) (bm_lastset(&bm) + 1);
if (!bm_isset(&bm, gid))
gid += cnf->min_gid;
else
gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid);
}
/*
* Another sanity check
*/
if (gid < cnf->min_gid || gid > cnf->max_gid)
errx(EX_SOFTWARE, "unable to allocate a new gid - range fully used");
bm_dealloc(&bm);
return (gid);
}
return gid;
/*
* We need to allocate the next available gid under one of
* two policies a) Grab the first unused gid b) Grab the
* highest possible unused gid
*/
if (cnf->min_gid >= cnf->max_gid) { /* Sanity claus^H^H^H^Hheck */
cnf->min_gid = 1000;
cnf->max_gid = 32000;
}
bm = bm_alloc(cnf->max_gid - cnf->min_gid + 1);
/*
* Now, let's fill the bitmap from the password file
*/
SETGRENT();
while ((grp = GETGRENT()) != NULL)
if ((gid_t)grp->gr_gid >= (gid_t)cnf->min_gid &&
(gid_t)grp->gr_gid <= (gid_t)cnf->max_gid)
bm_setbit(&bm, grp->gr_gid - cnf->min_gid);
ENDGRENT();
/*
* Then apply the policy, with fallback to reuse if necessary
*/
if (cnf->reuse_gids)
gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid);
else {
gid = (gid_t) (bm_lastset(&bm) + 1);
if (!bm_isset(&bm, gid))
gid += cnf->min_gid;
else
gid = (gid_t) (bm_firstunset(&bm) + cnf->min_gid);
}
/*
* Another sanity check
*/
if (gid < cnf->min_gid || gid > cnf->max_gid)
errx(EX_SOFTWARE, "unable to allocate a new gid - range fully used");
bm_dealloc(&bm);
return (gid);
}
static int
print_group(struct group * grp)
print_group(struct group * grp, bool pretty)
{
if (!conf.pretty) {
char *buf = NULL;
buf = gr_make(grp);
printf("%s\n", buf);
free(buf);
} else {
int i;
char *buf = NULL;
int i;
if (pretty) {
printf("Group Name: %-15s #%lu\n"
" Members: ",
grp->gr_name, (long) grp->gr_gid);
@ -415,6 +242,444 @@ print_group(struct group * grp)
printf("%s%s", i ? "," : "", grp->gr_mem[i]);
}
fputs("\n\n", stdout);
return (EXIT_SUCCESS);
}
return EXIT_SUCCESS;
buf = gr_make(grp);
printf("%s\n", buf);
free(buf);
return (EXIT_SUCCESS);
}
int
pw_group_next(int argc, char **argv, char *arg1 __unused)
{
struct userconf *cnf;
const char *cfg = NULL;
int ch;
bool quiet;
while ((ch = getopt(argc, argv, "Cq")) != -1) {
switch (ch) {
case 'C':
cfg = optarg;
break;
case 'q':
quiet = true;
break;
}
}
if (quiet)
freopen(_PATH_DEVNULL, "w", stderr);
cnf = get_userconfig(cfg);
return (pw_groupnext(cnf, quiet));
}
int
pw_group_show(int argc, char **argv, char *arg1)
{
struct group *grp = NULL;
char *name;
intmax_t id = -1;
int ch;
bool all, force, quiet, pretty;
all = force = quiet = pretty = false;
struct group fakegroup = {
"nogroup",
"*",
-1,
NULL
};
if (arg1 != NULL) {
if (strspn(arg1, "0123456789") == strlen(arg1))
id = pw_checkid(arg1, GID_MAX);
else
name = arg1;
}
while ((ch = getopt(argc, argv, "C:qn:g:FPa")) != -1) {
switch (ch) {
case 'C':
/* ignore compatibility */
break;
case 'q':
quiet = true;
break;
case 'n':
name = optarg;
break;
case 'g':
id = pw_checkid(optarg, GID_MAX);
break;
case 'F':
force = true;
break;
case 'P':
pretty = true;
break;
case 'a':
all = true;
break;
}
}
if (quiet)
freopen(_PATH_DEVNULL, "w", stderr);
if (all) {
SETGRENT();
while ((grp = GETGRENT()) != NULL)
print_group(grp, pretty);
ENDGRENT();
return (EXIT_SUCCESS);
}
grp = getgroup(name, id, !force);
if (grp == NULL)
grp = &fakegroup;
return (print_group(grp, pretty));
}
int
pw_group_del(int argc, char **argv, char *arg1)
{
struct userconf *cnf = NULL;
struct group *grp = NULL;
char *name;
const char *cfg = NULL;
intmax_t id = -1;
int ch, rc;
bool quiet = false;
bool nis = false;
if (arg1 != NULL) {
if (strspn(arg1, "0123456789") == strlen(arg1))
id = pw_checkid(arg1, GID_MAX);
else
name = arg1;
}
while ((ch = getopt(argc, argv, "C:qn:g:Y")) != -1) {
switch (ch) {
case 'C':
cfg = optarg;
break;
case 'q':
quiet = true;
break;
case 'n':
name = optarg;
break;
case 'g':
id = pw_checkid(optarg, GID_MAX);
break;
case 'Y':
nis = true;
break;
}
}
if (quiet)
freopen(_PATH_DEVNULL, "w", stderr);
grp = getgroup(name, id, true);
cnf = get_userconfig(cfg);
rc = delgrent(grp);
if (rc == -1)
err(EX_IOERR, "group '%s' not available (NIS?)", name);
else if (rc != 0)
err(EX_IOERR, "group update");
pw_log(cnf, M_DELETE, W_GROUP, "%s(%ju) removed", name,
(uintmax_t)id);
if (nis && nis_update() == 0)
pw_log(cnf, M_DELETE, W_GROUP, "NIS maps updated");
return (EXIT_SUCCESS);
}
static bool
grp_has_member(struct group *grp, const char *name)
{
int j;
for (j = 0; grp->gr_mem != NULL && grp->gr_mem[j] != NULL; j++)
if (strcmp(grp->gr_mem[j], name) == 0)
return (true);
return (false);
}
static void
grp_add_members(struct group **grp, char *members)
{
struct passwd *pwd;
char *p;
char tok[] = ", \t";
if (members == NULL)
return;
for (p = strtok(members, tok); p != NULL; p = strtok(NULL, tok)) {
pwd = lookup_pwent(p);
if (grp_has_member(*grp, pwd->pw_name))
continue;
*grp = gr_add(*grp, pwd->pw_name);
}
}
int
groupadd(struct userconf *cnf, char *name, gid_t id, char *members, int fd,
bool dryrun, bool pretty, bool precrypted)
{
struct group *grp;
int rc;
struct group fakegroup = {
"nogroup",
"*",
-1,
NULL
};
grp = &fakegroup;
grp->gr_name = pw_checkname(name, 0);
grp->gr_passwd = "*";
grp->gr_gid = gr_gidpolicy(cnf, id);
grp->gr_mem = NULL;
/*
* This allows us to set a group password Group passwords is an
* antique idea, rarely used and insecure (no secure database) Should
* be discouraged, but it is apparently still supported by some
* software.
*/
grp_set_passwd(grp, false, fd, precrypted);
grp_add_members(&grp, members);
if (dryrun)
return (print_group(grp, pretty));
if ((rc = addgrent(grp)) != 0) {
if (rc == -1)
errx(EX_IOERR, "group '%s' already exists",
grp->gr_name);
else
err(EX_IOERR, "group update");
}
pw_log(cnf, M_ADD, W_GROUP, "%s(%ju)", grp->gr_name,
(uintmax_t)grp->gr_gid);
return (EXIT_SUCCESS);
}
int
pw_group_add(int argc, char **argv, char *arg1)
{
struct userconf *cnf = NULL;
char *name = NULL;
char *members = NULL;
const char *cfg = NULL;
intmax_t id = -1;
int ch, rc, fd = -1;
bool quiet, precrypted, dryrun, pretty, nis;
quiet = precrypted = dryrun = pretty = nis = false;
if (arg1 != NULL) {
if (strspn(arg1, "0123456789") == strlen(arg1))
id = pw_checkid(arg1, GID_MAX);
else
name = arg1;
}
while ((ch = getopt(argc, argv, "C:qn:g:h:H:M:oNPY")) != -1) {
switch (ch) {
case 'C':
cfg = optarg;
break;
case 'q':
quiet = true;
break;
case 'n':
name = optarg;
break;
case 'g':
id = pw_checkid(optarg, GID_MAX);
break;
case 'H':
if (fd != -1)
errx(EX_USAGE, "'-h' and '-H' are mutually "
"exclusive options");
fd = pw_checkfd(optarg);
precrypted = true;
if (fd == '-')
errx(EX_USAGE, "-H expects a file descriptor");
break;
case 'h':
if (fd != -1)
errx(EX_USAGE, "'-h' and '-H' are mutually "
"exclusive options");
fd = pw_checkfd(optarg);
break;
case 'M':
members = optarg;
break;
case 'o':
conf.checkduplicate = false;
break;
case 'N':
dryrun = true;
break;
case 'P':
pretty = true;
break;
case 'Y':
nis = true;
break;
}
}
if (quiet)
freopen(_PATH_DEVNULL, "w", stderr);
if (name == NULL)
errx(EX_DATAERR, "group name required");
cnf = get_userconfig(cfg);
rc = groupadd(cnf, name, gr_gidpolicy(cnf, id), members, fd, dryrun,
pretty, precrypted);
if (nis && rc == EXIT_SUCCESS && nis_update() == 0)
pw_log(cnf, M_ADD, W_GROUP, "NIS maps updated");
return (rc);
}
int
pw_group_mod(int argc, char **argv, char *arg1)
{
struct userconf *cnf;
struct group *grp = NULL;
const char *cfg = NULL;
char *oldmembers = NULL;
char *members = NULL;
char *newmembers = NULL;
char *newname = NULL;
char *name = NULL;
intmax_t id = -1;
int ch, rc, fd = -1;
bool quiet, pretty, dryrun, nis, precrypted;
quiet = pretty = dryrun = nis = precrypted = false;
if (arg1 != NULL) {
if (strspn(arg1, "0123456789") == strlen(arg1))
id = pw_checkid(arg1, GID_MAX);
else
name = arg1;
}
while ((ch = getopt(argc, argv, "C:qn:d:g:l:h:H:M:m:NPY")) != -1) {
switch (ch) {
case 'C':
cfg = optarg;
break;
case 'q':
quiet = true;
break;
case 'n':
name = optarg;
break;
case 'g':
id = pw_checkid(optarg, GID_MAX);
break;
case 'd':
oldmembers = optarg;
break;
case 'l':
newname = optarg;
break;
case 'H':
if (fd != -1)
errx(EX_USAGE, "'-h' and '-H' are mutually "
"exclusive options");
fd = pw_checkfd(optarg);
precrypted = true;
if (fd == '-')
errx(EX_USAGE, "-H expects a file descriptor");
break;
case 'h':
if (fd != -1)
errx(EX_USAGE, "'-h' and '-H' are mutually "
"exclusive options");
fd = pw_checkfd(optarg);
break;
case 'M':
members = optarg;
break;
case 'm':
newmembers = optarg;
break;
case 'N':
dryrun = true;
break;
case 'P':
pretty = true;
break;
case 'Y':
nis = true;
break;
}
}
if (quiet)
freopen(_PATH_DEVNULL, "w", stderr);
cnf = get_userconfig(cfg);
grp = getgroup(name, id, true);
if (name == NULL)
name = grp->gr_name;
if (id > 0)
grp->gr_gid = id;
if (newname != NULL)
grp->gr_name = pw_checkname(newname, 0);
grp_set_passwd(grp, true, fd, precrypted);
/*
* Keep the same logic as old code for now:
* if -M is passed, -d and -m are ignored
* then id -d, -m is ignored
* last is -m
*/
if (members) {
grp->gr_mem = NULL;
grp_add_members(&grp, members);
} else if (oldmembers) {
delete_members(grp, oldmembers);
} else if (newmembers) {
grp_add_members(&grp, newmembers);
}
if ((rc = chggrent(name, grp)) != 0) {
if (rc == -1)
errx(EX_IOERR, "group '%s' not available (NIS?)",
grp->gr_name);
else
err(EX_IOERR, "group update");
}
if (newname)
name = newname;
/* grp may have been invalidated */
if ((grp = GETGRNAM(name)) == NULL)
errx(EX_SOFTWARE, "group disappeared during update");
pw_log(cnf, M_UPDATE, W_GROUP, "%s(%ju)", grp->gr_name,
(uintmax_t)grp->gr_gid);
if (nis && nis_update() == 0)
pw_log(cnf, M_UPDATE, W_GROUP, "NIS maps updated");
return (EXIT_SUCCESS);
}

1
usr.sbin/pw/pw_nis.c
View File

@ -43,6 +43,7 @@ pw_nisupdate(const char * path, struct passwd * pwd, char const * user)
struct passwd *pw = NULL;
struct passwd *old_pw = NULL;
printf("===> %s\n", path);
if (pwd != NULL)
pw = pw_dup(pwd);

2183
usr.sbin/pw/pw_user.c
View File

File diff suppressed because it is too large Load Diff

97
usr.sbin/pw/pw_utils.c Normal file
View File

@ -0,0 +1,97 @@
/*-
* Copyright (C) 2015 Baptiste Daroussin <bapt@FreeBSD.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer
* in this position and unchanged.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/types.h>
#include <sys/wait.h>
#include <err.h>
#include <inttypes.h>
#include <sysexits.h>
#include <limits.h>
#include <stdlib.h>
#include "pw.h"
int
pw_checkfd(char *nptr)
{
const char *errstr;
int fd = -1;
if (strcmp(nptr, "-") == 0)
return '-';
fd = strtonum(nptr, 0, INT_MAX, &errstr);
if (errstr != NULL)
errx(EX_USAGE, "Bad file descriptor '%s': %s",
nptr, errstr);
return (fd);
}
uintmax_t
pw_checkid(char *nptr, uintmax_t maxval)
{
const char *errstr = NULL;
uintmax_t id;
id = strtounum(nptr, 0, maxval, &errstr);
if (errstr)
errx(EX_USAGE, "Bad id '%s': %s", nptr, errstr);
return (id);
}
struct userconf *
get_userconfig(const char *config)
{
char defaultcfg[MAXPATHLEN];
if (config != NULL)
return (read_userconfig(config));
snprintf(defaultcfg, sizeof(defaultcfg), "%s/pw.conf", conf.etcpath);
return (read_userconfig(defaultcfg));
}
int
nis_update(void) {
pid_t pid;
int i;
fflush(NULL);
if ((pid = fork()) == -1) {
warn("fork()");
return (1);
}
if (pid == 0) {
execlp("/usr/bin/make", "make", "-C", "/var/yp/", (char*) NULL);
_exit(1);
}
waitpid(pid, &i, 0);
if ((i = WEXITSTATUS(i)) != 0)
errx(i, "make exited with status %d", i);
return (i);
}

17
usr.sbin/pw/pwupd.h
View File

@ -76,29 +76,16 @@ struct userconf {
char *default_class; /* Default user class */
uid_t min_uid, max_uid; /* Allowed range of uids */
gid_t min_gid, max_gid; /* Allowed range of gids */
int expire_days; /* Days to expiry */
int password_days; /* Days to password expiry */
time_t expire_days; /* Days to expiry */
time_t password_days; /* Days to password expiry */
};
struct pwconf {
char rootdir[MAXPATHLEN];
char etcpath[MAXPATHLEN];
char *newname;
char *config;
char *gecos;
int fd;
int rootfd;
int which;
bool quiet;
bool force;
bool all;
bool dryrun;
bool pretty;
bool v7;
bool checkduplicate;
bool deletehome;
bool precrypted;
struct userconf *userconf;
};
extern struct pwf PWF;

2
usr.sbin/pw/strtounum.c
View File

@ -1,5 +1,5 @@
/*-
* Copyright (C) Baptiste Daroussin <bapt@FreeBSD.org>
* Copyright (C) 2015 Baptiste Daroussin <bapt@FreeBSD.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without

2
usr.sbin/pw/tests/pw_groupdel.sh
View File

@ -13,7 +13,7 @@ group_do_not_delete_wheel_if_group_unknown_head() {
group_do_not_delete_wheel_if_group_unknown_body() {
populate_etc_skel
atf_check -s exit:0 -o inline:"wheel:*:0:root\n" -x ${PW} groupshow wheel
atf_check -e inline:"pw: -g expects a number\n" -s exit:64 -x \
atf_check -e inline:"pw: Bad id 'I_do_not_exist': invalid\n" -s exit:64 -x \
${PW} groupdel -g I_do_not_exist
atf_check -s exit:0 -o inline:"wheel:*:0:root\n" -x ${PW} groupshow wheel
}

15
usr.sbin/pw/tests/pw_useradd.sh
View File

@ -250,9 +250,9 @@ user_add_R_body() {
test -d ${HOME}/home/bar || atf_fail "Directory not created"
atf_check -s exit:0 ${RPW} userdel bar
test -d ${HOME}/home/bar || atf_fail "Directory removed"
# atf_check -s exit:0 ${RPW} useradd bar
# atf_check -s exit:0 ${RPW} userdel bar -r
# test -d ${HOME}/home/bar && atf_fail "Directory not removed"
atf_check -s exit:0 ${RPW} useradd bar
atf_check -s exit:0 ${RPW} userdel bar -r
[ ! -d ${HOME}/home/bar ] || atf_fail "Directory not removed"
}
atf_test_case user_add_skel
@ -296,6 +296,14 @@ user_add_uid_too_large_body() {
${PW} useradd -n test1 -u 9999999999999
}
atf_test_case user_add_bad_shell
user_add_bad_shell_body() {
populate_etc_skel
atf_check -s exit:0 ${PW} useradd foo -s sh
atf_check -s exit:78 -e ignore ${PW} useradd bar -s badshell
}
atf_init_test_cases() {
atf_add_test_case user_add
atf_add_test_case user_add_noupdate
@ -321,4 +329,5 @@ atf_init_test_cases() {
atf_add_test_case user_add_skel
atf_add_test_case user_add_uid0
atf_add_test_case user_add_uid_too_large
atf_add_test_case user_add_bad_shell
}

2
usr.sbin/pw/tests/pw_userdel.sh
View File

@ -27,7 +27,7 @@ user_do_not_try_to_delete_root_if_user_unknown_head() {
}
user_do_not_try_to_delete_root_if_user_unknown_body() {
populate_etc_skel
atf_check -e inline:"pw: -u expects a number\n" -s exit:64 -x \
atf_check -e inline:"pw: Bad id 'plop': invalid\n" -s exit:64 -x \
${PW} userdel -u plop
}

49
usr.sbin/pw/tests/pw_usermod.sh
View File

@ -100,6 +100,36 @@ user_mod_name_noupdate_body() {
grep "^foo:.*" $HOME/master.passwd
}
atf_test_case user_mod_rename_multigroups
user_mod_rename_multigroups_body() {
populate_etc_skel
atf_check -s exit:0 ${PW} groupadd test1
atf_check -s exit:0 ${PW} groupadd test2
atf_check -s exit:0 ${PW} useradd foo -G test1,test2
atf_check -o match:"foo" -s exit:0 ${PW} groupshow test1
atf_check -o match:"foo" -s exit:0 ${PW} groupshow test2
atf_check -s exit:0 ${PW} usermod foo -l bar
atf_check -o match:"bar" -s exit:0 ${PW} groupshow test1
atf_check -o match:"bar" -s exit:0 ${PW} groupshow test2
}
atf_test_case user_mod_nogroups
user_mod_nogroups_body() {
populate_etc_skel
atf_check -s exit:0 ${PW} groupadd test1
atf_check -s exit:0 ${PW} groupadd test2
atf_check -s exit:0 ${PW} groupadd test3
atf_check -s exit:0 ${PW} groupadd test4
atf_check -s exit:0 ${PW} useradd foo -G test1,test2
atf_check -o match:"foo" -s exit:0 ${PW} groupshow test1
atf_check -o match:"foo" -s exit:0 ${PW} groupshow test2
atf_check -s exit:0 ${PW} usermod foo -G test3,test4
atf_check -s exit:0 -o inline:"test3\ntest4\n" \
awk -F\: '$4 == "foo" { print $1 }' ${HOME}/group
}
atf_test_case user_mod_rename
user_mod_rename_body() {
populate_etc_skel
@ -134,7 +164,7 @@ user_mod_h_body() {
EOF
atf_check -s exit:0 -o match:"^foo:\*:.*" \
grep "^foo" ${HOME}/master.passwd
atf_check -e inline:"pw: '-h' expects a file descriptor or '-'\n" \
atf_check -e inline:"pw: Bad file descriptor 'a': invalid\n" \
-s exit:64 ${PW} usermod foo -h a <<- EOF
$(echo a)
EOF
@ -150,10 +180,21 @@ user_mod_H_body() {
EOF
atf_check -s exit:0 -o match:"^foo:a:.*" \
grep "^foo" ${HOME}/master.passwd
atf_check -s exit:64 -e inline:"pw: '-H' expects a file descriptor\n" \
atf_check -s exit:64 -e inline:"pw: -H expects a file descriptor\n" \
${PW} usermod foo -H -
}
atf_test_case user_mod_renamehome
user_mod_renamehome_body() {
populate_root_etc_skel
mkdir -p ${HOME}/home
atf_check -s exit:0 ${RPW} useradd foo -m
test -d ${HOME}/home/foo || atf_fail "Directory not created"
atf_check -s exit:0 ${RPW} usermod foo -l bar -d /home/bar -m
test -d ${HOME}/home/bar || atf_fail "Directory not created"
}
atf_init_test_cases() {
atf_add_test_case user_mod
atf_add_test_case user_mod_noupdate
@ -161,10 +202,12 @@ atf_init_test_cases() {
atf_add_test_case user_mod_comments_noupdate
atf_add_test_case user_mod_comments_invalid
atf_add_test_case user_mod_comments_invalid_noupdate
atf_add_test_case user_mod_nogroups
atf_add_test_case user_mod_rename
atf_add_test_case user_mod_name_noupdate
atf_add_test_case user_mod_rename
atf_add_test_case user_mod_rename_too_long
atf_add_test_case user_mod_rename_multigroups
atf_add_test_case user_mod_h
atf_add_test_case user_mod_H
atf_add_test_case user_mod_renamehome
}