less robust to possible errors of the user/admin while adduser(8)
had been intended to minimize their possibility.
An alternative way of introducing strange symbols into usernames
to be committed really soon.
the skeleton directory are chown'd to the new user.
PR: bin/10601
Submitted by: Adrian Filipi-Martin <adrian2ubergeeks.com@gosub.cstone.net>
MFC after: 1 month
a) Convert all the remaining older Perl system() calls to the new,
more secure LIST format so they are robust to whitespace and
shell metacharacters in their arguments.
b) Add a new option: -force, which allows adding usernames containing
characters that are otherwise illegal.
PR: bin/22860 bin/31049
inconsistently named "ptmp" and "etc_ptmp". This commit changes
it to "passwd_tmp" for consistency and to match OpenBSD's name
for the variable.
Consulted with: jedgar
account at creation, create accounts with a "*" password (so you can
use alternate authentication schemes without fearing a "default" password
biting you later), and blank passwords.
Yes, adduser could create a blank password account, but this makes it
slightly more difficult to shoot yourself in the foot.
The /etc/adduser.conf entries are:
# use password-based authentication for new users
# defaultusepassword = "yes" | "no"
defaultusepassword = "yes"
# enable account password at creation
# (the password will be prepended with a star if the account isn't enabled)
# defaultenableaccount = "yes" | "no"
defaultenableaccount = "yes"
# allow blank passwords
# defaultemptypassword = "yes" | "no"
defaultemptypassword = "no"
Requested by: alfred
Reviewed by: alfred
group file. Because of the way the group sorting works while printing
out the new file it's not possible at this time to restore comments
in other locations, but at least they won't just disappear altogether.
one user who differs only by case. The other perl tools assume (or enforce)
the all lowercase requirement, therefore making the search through
master.passwd case insensitive seemed a reasonable optimization, IMO.
I understand, although I do not sympathize with, the argument that someone
might want to do this on purpose, and might subsequently want to use the
wrong tool for the job. So, this fix should hopefully satisfy both camps.
Address this by using getpwnam(), thus killing several birds with
the same stone. My fix is slightly more aggressive than the
originators. :)
PR: misc/22278