Commit Graph

58 Commits

Author SHA1 Message Date
Yaroslav Tykhiy
8335d0edc2 Keep similar things together: Check for too long usernames
inside the function that verifies username validity.
2002-01-28 17:59:09 +00:00
Yaroslav Tykhiy
76ed1f96fd Disallow adding duplicate roots, toors, or other users w/uid 0.
Previously, a truth check instead if defined() check erroneously
allowed that.

PR:		bin/8745
2002-01-28 17:30:12 +00:00
Yaroslav Tykhiy
710e76b063 Implement a flexible way of letting some unusual characters
into usernames: Make the regular expression to check usernames
against configurable.

PR:		bin/22860 bin/31049
Reviewed by:	sheldonh
2002-01-28 17:03:13 +00:00
Yaroslav Tykhiy
743511b28c Remove the newly added -force option because it made adduser(8)
less robust to possible errors of the user/admin while adduser(8)
had been intended to minimize their possibility.
An alternative way of introducing strange symbols into usernames
to be committed really soon.
2002-01-28 16:37:35 +00:00
Ian Dowse
dd24e86e74 Add `-h' to the chown command so that symbolic links copied from
the skeleton directory are chown'd to the new user.

PR:		bin/10601
Submitted by:	Adrian Filipi-Martin <adrian2ubergeeks.com@gosub.cstone.net>
MFC after:	1 month
2002-01-20 17:05:07 +00:00
Yaroslav Tykhiy
2d6a2675b3 Oops, missed one point where $pwd_mkdb had been used.
Now it should be @pwd_mkdb since we moved to Perl's
safe system() not using /bin/sh.
2002-01-04 21:28:32 +00:00
Yaroslav Tykhiy
1b0805da95 Allow weird characters in usernames if an admin persists on that:
a) Convert all the remaining older Perl system() calls to the new,
   more secure LIST format so they are robust to whitespace and
   shell metacharacters in their arguments.
b) Add a new option: -force, which allows adding usernames containing
   characters that are otherwise illegal.

PR:		bin/22860 bin/31049
2002-01-02 18:54:40 +00:00
Yaroslav Tykhiy
9666534916 Be consistent in what restriction is imposed on a username
in the code and what the warning message reads.
2002-01-02 16:19:14 +00:00
Yaroslav Tykhiy
ff1ebf7e7d Forbid adding duplicate users with the name of "0".
Previously, it was possible due to 0 and "0" being
equivalent in Perl.
2002-01-02 15:49:49 +00:00
Dima Dorfman
6680d16d19 Print the correct filename if we fail to open $etc_passwd.
Submitted by:	Brian Poole <raj@cerias.purdue.edu>
2001-09-06 12:21:21 +00:00
Dima Dorfman
e3d0beed03 Pass the username we just made to pwd_mkdb so that the latter doesn't
have to regenerate the entire database.

PR:		25798
Submitted by:	Domas Mituzas <domas.mituzas@delfi.lt>
2001-08-20 01:20:05 +00:00
Dima Dorfman
35904a3be8 Generate a bigger salt. This is necessary for blowfish to work
properly, and doesn't hurt the other algorithms.

PR:		28991
Submitted by:	Yoshihiro Koya <Yoshihiro.Koya@math.yokohama-cu.ac.jp>
2001-07-19 12:00:04 +00:00
Adrian Chadd
aa96491de1 Extend adduser to create "locked" accounts. Adduser can now lock an
account at creation, create accounts with a "*" password (so you can
use alternate authentication schemes without fearing a "default" password
biting you later), and blank passwords.

Yes, adduser could create a blank password account, but this makes it
slightly more difficult to shoot yourself in the foot.

The /etc/adduser.conf entries are:

# use password-based authentication for new users
# defaultusepassword =  "yes" | "no"
defaultusepassword = "yes"

# enable account password at creation
# (the password will be prepended with a star if the account isn't enabled)
# defaultenableaccount = "yes" | "no"
defaultenableaccount = "yes"

# allow blank passwords
# defaultemptypassword = "yes" | "no"
defaultemptypassword = "no"

Requested by: alfred
Reviewed by: alfred
2001-05-02 13:20:12 +00:00
Doug Barton
555dff94cc By popular demand, have adduser preserve comments at the top of the
group file. Because of the way the group sorting works while printing
out the new file it's not possible at this time to restore comments
in other locations, but at least they won't just disappear altogether.
2001-04-17 09:42:07 +00:00
Peter Wemm
97d92980a9 $Id$ -> $FreeBSD$ 1999-08-28 01:35:59 +00:00
Kris Kennaway
dac696d0ca Grammar and spelling fixes
Obtained from:	OpenBSD
1999-06-30 12:49:56 +00:00
Daniel O'Callaghan
47bc1e1873 Print yyyy/mm/dd in /var/log/adduser, instead of yy/mm/dd
Submitted by:	Peter Jeremy <peter.jeremy@alcatel.com.au>
1999-01-15 10:26:59 +00:00
Wolfram Schneider
10e41acac5 Removing -batch option from adduser. Adduser was written as
an *interactive* command for newbies. The pw(8) does now a much better
job for adding users from command line.  Also, the -batch option is
not well tested, buggy and unsupported.
1998-08-17 18:50:29 +00:00
Wolfram Schneider
5b496c24c1 Always ask for homedir.
PR: 6754
Submitted by: uhlar@netlab.sk
1998-06-07 18:38:32 +00:00
Wolfram Schneider
d7f712093f Rename the pwd_mkdb(8) option '-c' to '-C' for better compatiblity
with BSD/OS.
1998-01-10 17:27:28 +00:00
Wolfram Schneider
86e2983aa5 Small bugfix: store $uid_start instead hard coded value 1000
in /etc/adduser.conf.
1997-12-24 11:44:14 +00:00
Wolfram Schneider
142123c17e Do not complain about non existing shell "/nonexistent"
Smarter error check if a uid is already in use.

Submitted by: "Eugene Radchenko" <genie@qsar.chem.msu.su>
1997-09-20 19:59:54 +00:00
Wolfram Schneider
163f94979e Do not accept empty user names. 1997-09-20 18:26:22 +00:00
Wolfram Schneider
956737a7a6 Stop the growing list of shells if /etc/adduser.conf
was updated.
1997-08-26 22:47:51 +00:00
Paul Traina
8a04c9dcc9 Nologin is also a valid 'invalid' shell 1997-07-31 15:25:35 +00:00
Wolfram Schneider
0298e80d89 Delete dead test code. 1997-07-24 17:44:46 +00:00
Wolfram Schneider
2aec92dd66 cp -r' -> cp -R'
Option -r is obsolete and buggy.
1997-07-18 12:05:43 +00:00
Andrey A. Chernov
2105643e74 Change "no" answer to "default" for login class, because "no" class
can exists and "default" class is really equal to empty class.
1997-05-01 23:34:25 +00:00
Andrey A. Chernov
a0c103b58d Allow "no" answer on login class prompt override non-empty
/etc/adduser.conf defaultclass with empty one
1997-05-01 23:23:06 +00:00
Andrey A. Chernov
84dc96f1be 1. Deal with login classes now
2. Turn on send_message by default for security reasons (mailbox
must be pre-created)
1997-05-01 22:55:58 +00:00
Wolfram Schneider
eac4b079c7 Support comments in password database (/etc/master.passwd).
Comments in group database (/etc/group) are currently not
supported - adduser silently delete blank lines and comments.
1997-03-09 12:21:45 +00:00
Peter Wemm
476602a9d0 Revert $FreeBSD$ to $Id$ 1997-02-22 16:15:28 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Wolfram Schneider
d26d5268ed Allow dash -' (except for first char) and underscore _' in usernames.
pointed out by: max
1996-12-29 21:56:31 +00:00
Wolfram Schneider
9a43d0d77b remove group limits checks 1996-12-29 15:06:52 +00:00
Mike Pritchard
574d7dc09d Minor style fixes.
I also renamed the adduser "-quit" option to "-quiet", since
it is supposed to be the same as the -s/-silent option,
and -quit must have beena typo.
1996-12-23 00:10:22 +00:00
Andrey A. Chernov
2f71230e78 Expand username limit to 16 1996-12-07 21:25:12 +00:00
Andrey A. Chernov
28c5126cfb Don't show on the screen just securely entered password
(in /etc/adduser.message text)
Sending password by E-mail on local machine is joke in any case
1996-11-27 22:04:55 +00:00
Wolfram Schneider
42eacfd392 do not print 'illegal shell' for pseudo users news and xten
Submitted by:	 kuku
1996-11-20 01:07:46 +00:00
Wolfram Schneider
d45496e5c4 warn if reach group line limit (>200 users, >1024 bytes per line)
close PR#1595

suggested by: Seppo Kallio <kallio@beeblebrox.cc.jyu.fi
1996-09-17 19:34:56 +00:00
Wolfram Schneider
896f207c80 Do not backup master.passwd if pwd_mkdb returned an error. This
was to paranoid, pwd_mkdb(8) is carefully enough to not
corrupt master.passwd on failure.

Submitted by: joerg
1996-09-14 23:22:23 +00:00
Jordan K. Hubbard
79b69435d9 Make passwords no longer echo or display. Because of this, we now also
ask for matching confirmation.  I'm sure there is a clever direct-from-perl
ioctl way of putting the terminal into noecho mode, but I don't feel like
learning perl so I just used system.  [yes, I'll put stty on the installation
boot floppy as necessary]
1996-09-11 08:36:54 +00:00
Adam David
718737f0fb typo police
I couldn't make any sense of the sentence "Eval variables in this file." so I
left it alone.

also allow creation of new local group when NIS groups are used.
this can probably be done more elegantly, and needs more thought.
1996-08-28 17:54:14 +00:00
Wolfram Schneider
5a80fb277e sync copyright with /usr/share/examples/etc/bsd-style-copyright 1996-08-27 20:04:45 +00:00
Wolfram Schneider
f99f7b462b run pwd_mkdb with new check option [-c] to verify correctness
of /etc/master.passwd
1996-08-20 19:57:23 +00:00
Wolfram Schneider
8a368b34b0 Do not add an user to a group if the group is also the login group. 1996-08-14 19:06:04 +00:00
Wolfram Schneider
2e8b782306 Do not send "welcome mail" as default. If you want this feature
you can still enable it. Better, use mail client like elm or pine.

Requested by: Jordan
1996-08-13 21:50:51 +00:00
Gary Clark II
b8ff21bda2 We DON'T ship bash by default, why is it the default shell?
We also don't ship tcsh or ksh by default.
Correct these two things to make sh the default and increase csh and sh
to be higher priority.
1996-05-06 06:15:19 +00:00
Wolfram Schneider
5038dc1abd Submitted by: Masafumi NAKANE <masafumi@tky007.tth.expo96.ad.jp>
bugfix: chown home directory if don't copy dotfiles
1996-02-10 17:15:47 +00:00
Jordan K. Hubbard
cfe7e224b8 Clean up some of the english here.. 1995-10-22 11:44:16 +00:00