Diffstat (limited to 'usr.sbin/bsdconfig/usermgmt/share')
-rw-r--r--usr.sbin/bsdconfig/usermgmt/share/Makefile6
-rw-r--r--usr.sbin/bsdconfig/usermgmt/share/Makefile.depend11
-rw-r--r--usr.sbin/bsdconfig/usermgmt/share/group.subr518
-rw-r--r--usr.sbin/bsdconfig/usermgmt/share/group_input.subr596
-rw-r--r--usr.sbin/bsdconfig/usermgmt/share/user.subr1183
-rw-r--r--usr.sbin/bsdconfig/usermgmt/share/user_input.subr1338
6 files changed, 3652 insertions, 0 deletions
diff --git a/usr.sbin/bsdconfig/usermgmt/share/Makefile b/usr.sbin/bsdconfig/usermgmt/share/Makefile
new file mode 100644
index 0000000..eba7c1c
--- /dev/null
+++ b/usr.sbin/bsdconfig/usermgmt/share/Makefile
@@ -0,0 +1,6 @@
+# $FreeBSD$
+
+FILESDIR= ${SHAREDIR}/bsdconfig/usermgmt
+FILES= group.subr group_input.subr user.subr user_input.subr
+
+.include <bsd.prog.mk>
diff --git a/usr.sbin/bsdconfig/usermgmt/share/Makefile.depend b/usr.sbin/bsdconfig/usermgmt/share/Makefile.depend
new file mode 100644
index 0000000..f80275d
--- /dev/null
+++ b/usr.sbin/bsdconfig/usermgmt/share/Makefile.depend
@@ -0,0 +1,11 @@
+# $FreeBSD$
+# Autogenerated - do NOT edit!
+
+DIRDEPS = \
+
+
+.include <dirdeps.mk>
+
+.if ${DEP_RELDIR} == ${_DEP_RELDIR}
+# local dependencies - needed for -jN in clean tree
+.endif
diff --git a/usr.sbin/bsdconfig/usermgmt/share/group.subr b/usr.sbin/bsdconfig/usermgmt/share/group.subr
new file mode 100644
index 0000000..e9c8b16
--- /dev/null
+++ b/usr.sbin/bsdconfig/usermgmt/share/group.subr
@@ -0,0 +1,518 @@
+if [ ! "$_USERMGMT_GROUP_SUBR" ]; then _USERMGMT_GROUP_SUBR=1
+#
+# Copyright (c) 2012 Ron McDowell
+# Copyright (c) 2012-2014 Devin Teske
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+#
+############################################################ INCLUDES
+
+BSDCFG_SHARE="/usr/share/bsdconfig"
+. $BSDCFG_SHARE/common.subr || exit 1
+f_dprintf "%s: loading includes..." usermgmt/group.subr
+f_include $BSDCFG_SHARE/dialog.subr
+f_include $BSDCFG_SHARE/usermgmt/group_input.subr
+
+BSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="070.usermgmt"
+f_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
+
+############################################################ CONFIGURATION
+
+# set some reasonable defaults if /etc/adduser.conf does not exist.
+[ -f /etc/adduser.conf ] && f_include /etc/adduser.conf
+: ${passwdtype:="yes"}
+
+############################################################ FUNCTIONS
+
+# f_group_add [$group]
+#
+# Add a group. If both $group (as a first argument) and $VAR_GROUP are unset
+# or NULL and we are running interactively, prompt the user to enter the name
+# of a new group and (if $VAR_NO_CONFIRM is unset or NULL) prompt the user to
+# answer some questions about the new group. Variables that can be used to
+# script user input:
+#
+# VAR_GROUP [Optional if running interactively]
+# The group to add. Ignored if given non-NULL first-argument.
+# VAR_GROUP_GID [Optional]
+# Numerical group ID to use. If NULL or unset, the group ID is
+# automatically chosen.
+# VAR_GROUP_MEMBERS [Optional]
+# Comma separated list of users that are a member of this group.
+# VAR_GROUP_PASSWORD [Optional]
+# newgrp(1) password to set for the group. Default if NULL or
+# unset is to disable newgrp(1) password authentication.
+#
+# Returns success if the group was successfully added.
+#
+f_group_add()
+{
+ local funcname=f_group_add
+ local title # Calculated below
+ local alert=f_show_msg no_confirm=
+
+ f_getvar $VAR_NO_CONFIRM no_confirm
+ [ "$no_confirm" ] && alert=f_show_info
+
+ local input
+ f_getvar 3:-\$$VAR_GROUP input "$1"
+
+ #
+ # NB: pw(8) has a ``feature'' wherein `-n name' can be taken as GID
+ # instead of name. Work-around is to also pass `-g GID' at the same
+ # time (the GID is ignored in this case, so any GID will do).
+ #
+ if [ "$input" ] && f_quietly pw groupshow -n "$input" -g 1337; then
+ f_show_err "$msg_group_already_used" "$input"
+ return $FAILURE
+ fi
+
+ local group_name="$input"
+ while f_interactive && [ ! "$group_name" ]; do
+ f_dialog_input_group_name group_name "$group_name" ||
+ return $SUCCESS
+ [ "$group_name" ] ||
+ f_show_err "$msg_please_enter_a_group_name"
+ done
+ if [ ! "$group_name" ]; then
+ f_show_err "$msg_no_group_specified"
+ return $FAILURE
+ fi
+
+ local group_password group_gid group_members
+ f_getvar $VAR_GROUP_PASSWORD group_password
+ f_getvar $VAR_GROUP_GID group_gid
+ f_getvar $VAR_GROUP_MEMBERS group_members
+
+ local group_password_disable=
+ f_interactive || [ "$group_password" ] || group_password_disable=1
+
+ if f_interactive && [ ! "$no_confirm" ]; then
+ f_dialog_noyes \
+ "$msg_use_default_values_for_all_account_details"
+ retval=$?
+ if [ $retval -eq $DIALOG_ESC ]; then
+ return $SUCCESS
+ elif [ $retval -ne $DIALOG_OK ]; then
+ #
+ # Ask series of questions to pre-fill the editor screen
+ #
+ # Defaults used in each dialog should allow the user to
+ # simply hit ENTER to proceed and cancelling a single
+ # dialog cause them to return to the previous menu.
+ #
+
+ if [ "$passwdtype" = "yes" ]; then
+ f_dialog_input_group_password group_password \
+ group_password_disable ||
+ return $FAILURE
+ fi
+ f_dialog_input_group_gid group_gid "$group_gid" ||
+ return $FAILURE
+ f_dialog_input_group_members group_members \
+ "$group_members" || return $FAILURE
+ fi
+ fi
+
+ #
+ # Loop until the user decides to Exit, Cancel, or presses ESC
+ #
+ title="$msg_add $msg_group: $group_name"
+ if f_interactive; then
+ local mtag retval defaultitem=
+ while :; do
+ f_dialog_title "$title"
+ f_dialog_menu_group_add "$defaultitem"
+ retval=$?
+ f_dialog_title_restore
+ f_dialog_menutag_fetch mtag
+ f_dprintf "retval=%u mtag=[%s]" $retval "$mtag"
+ defaultitem="$mtag"
+
+ # Return if user either pressed ESC or chose Cancel/No
+ [ $retval -eq $DIALOG_OK ] || return $FAILURE
+
+ case "$mtag" in
+ X) # Add/Exit
+ local var
+ for var in gid members name; do
+ local _group_$var
+ eval f_shell_escape \
+ \"\$group_$var\" _group_$var
+ done
+
+ local cmd="pw groupadd -n '$_group_name'"
+ [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'"
+ [ "$group_members" ] &&
+ cmd="$cmd -M '$_group_members'"
+
+ # Execute the command (break on success)
+ if [ "$group_password_disable" ]; then
+ f_eval_catch $funcname pw '%s -h -' "$cmd"
+ elif [ "$group_password" ]; then
+ echo "$group_password" |
+ f_eval_catch $funcname \
+ pw '%s -h 0' "$cmd"
+ else
+ f_eval_catch $funcname pw '%s' "$cmd"
+ fi && break
+ ;;
+ 1) # Group Name (prompt for new group name)
+ f_dialog_input_group_name input "$group_name" ||
+ continue
+ if f_quietly pw groupshow -n "$input" -g 1337; then
+ f_show_err "$msg_group_already_used" "$input"
+ continue
+ fi
+ group_name="$input"
+ title="$msg_add $msg_group: $group_name"
+ ;;
+ 2) # Password
+ f_dialog_input_group_password group_password \
+ group_password_disable
+ ;;
+ 3) # Group ID
+ f_dialog_input_group_gid group_gid "$group_gid"
+ ;;
+ 4) # Group Members
+ f_dialog_input_group_members group_members \
+ "$group_members"
+ ;;
+ esac
+ done
+ else
+ local var
+ for var in gid members name; do
+ local _group_$var
+ eval f_shell_escape \"\$group_$var\" _group_$var
+ done
+
+ # Form the command
+ local cmd="pw groupadd -n '$_group_name'"
+ [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'"
+ [ "$group_members" ] && cmd="$cmd -M '$_group_members'"
+
+ # Execute the command
+ local retval err
+ if [ "$group_password_disable" ]; then
+ f_eval_catch -k err $funcname pw '%s -h -' "$cmd"
+ elif [ "$group_password" ]; then
+ err=$( echo "$group_password" | f_eval_catch -de \
+ $funcname pw '%s -h 0' "$cmd" 2>&1 )
+ else
+ f_eval_catch -k err $funcname pw '%s' "$cmd"
+ fi
+ retval=$?
+ if [ $retval -ne $SUCCESS ]; then
+ f_show_err "%s" "$err"
+ return $retval
+ fi
+ fi
+
+ f_dialog_title "$title"
+ $alert "$msg_group_added"
+ f_dialog_title_restore
+ [ "$no_confirm" -a "$USE_DIALOG" ] && sleep 1
+
+ return $SUCCESS
+}
+
+# f_group_delete [$group]
+#
+# Delete a group. If both $group (as a first argument) and $VAR_GROUP are unset
+# or NULL and we are running interactively, prompt the user to select a group
+# from a list of available groups. Variables that can be used to script user
+# input:
+#
+# VAR_GROUP [Optional if running interactively]
+# The group to delete. Ignored if given non-NULL first-argument.
+#
+# Returns success if the group was successfully deleted.
+#
+f_group_delete()
+{
+ local funcname=f_group_delete
+ local title # Calculated below
+ local alert=f_show_msg no_confirm=
+
+ f_getvar $VAR_NO_CONFIRM no_confirm
+ [ "$no_confirm" ] && alert=f_show_info
+
+ local input
+ f_getvar 3:-\$$VAR_GROUP input "$1"
+
+ local group_name group_password group_gid group_members
+ if [ "$input" ] && ! f_input_group "$input"; then
+ f_show_err "$msg_group_not_found" "$input"
+ return $FAILURE
+ fi
+
+ #
+ # Loop until the user decides to Exit, Cancel, or presses ESC
+ #
+ title="$msg_delete $msg_group: $group_name"
+ if f_interactive; then
+ local mtag retval defaultitem=
+ while :; do
+ f_dialog_title "$title"
+ f_dialog_menu_group_delete "$group_name" "$defaultitem"
+ retval=$?
+ f_dialog_title_restore
+ f_dialog_menutag_fetch mtag
+ f_dprintf "retval=%u mtag=[%s]" $retval "$mtag"
+ defaultitem="$mtag"
+
+ # Return if user either pressed ESC or chose Cancel/No
+ [ $retval -eq $DIALOG_OK ] || return $FAILURE
+
+ case "$mtag" in
+ X) # Delete/Exit
+ local _group_name
+ f_shell_escape "$group_name" _group_name
+ f_eval_catch $funcname pw 'pw groupdel "%s"' \
+ "$_group_name" && break
+ ;;
+ 1) # Group Name (select different group from list)
+ f_dialog_menu_group_list "$group_name" || continue
+ f_dialog_menutag_fetch mtag
+
+ [ "$mtag" = "X $msg_exit" ] && continue
+
+ if ! f_input_group "$mtag"; then
+ f_show_err "$msg_group_not_found" "$mtag"
+ # Attempt to fall back to previous selection
+ f_input_group "$input" || return $FAILURE
+ else
+ input="$mtag"
+ fi
+ ;;
+ esac
+ done
+ else
+ local retval err _group_name
+ f_shell_escape "$group_name" _group_name
+ f_eval_catch -k err $funcname pw \
+ "pw groupdel '%s'" "$_group_name"
+ retval=$?
+ if [ $retval -ne $SUCCESS ]; then
+ f_show_err "%s" "$err"
+ return $retval
+ fi
+ fi
+
+ f_dialog_title "$title"
+ $alert "$msg_group_deleted"
+ f_dialog_title_restore
+ [ "$no_confirm" -a "$USE_DIALOG" ] && sleep 1
+
+ return $SUCCESS
+}
+
+# f_group_edit [$group]
+#
+# Modify a group. If both $group (as a first argument) and $VAR_GROUP are unset
+# or NULL and we are running interactively, prompt the user to select a group
+# from a list of available groups. Variables that can be used to script user
+# input:
+#
+# VAR_GROUP [Optional if running interactively]
+# The group to modify. Ignored if given non-NULL first-argument.
+# VAR_GROUP_GID [Optional]
+# Numerical group ID to set. If NULL or unset, the group ID is
+# unchanged.
+# VAR_GROUP_MEMBERS [Optional]
+# Comma separated list of users that are a member of this group.
+# If set but NULL, group memberships are reset (no users will be
+# a member of this group). If unset, group membership is
+# unmodified.
+# VAR_GROUP_PASSWORD [Optional]
+# newgrp(1) password to set for the group. If unset, the password
+# is unmodified. If NULL, the newgrp(1) password is disabled.
+#
+# Returns success if the group was successfully modified.
+#
+f_group_edit()
+{
+ local funcname=f_group_edit
+ local title # Calculated below
+ local alert=f_show_msg no_confirm=
+
+ f_getvar $VAR_NO_CONFIRM no_confirm
+ [ "$no_confirm" ] && alert=f_show_info
+
+ local input
+ f_getvar 3:-\$$VAR_GROUP input "$1"
+
+ #
+ # NB: pw(8) has a ``feature'' wherein `-n name' can be taken as GID
+ # instead of name. Work-around is to also pass `-g GID' at the same
+ # time (the GID is ignored in this case, so any GID will do).
+ #
+ if [ "$input" ] && ! f_quietly pw groupshow -n "$input" -g 1337; then
+ f_show_err "$msg_group_not_found" "$input"
+ return $FAILURE
+ fi
+
+ if f_interactive && [ ! "$input" ]; then
+ f_dialog_menu_group_list || return $SUCCESS
+ f_dialog_menutag_fetch input
+ [ "$input" = "X $msg_exit" ] && return $SUCCESS
+ elif [ ! "$input" ]; then
+ f_show_err "$msg_no_group_specified"
+ return $FAILURE
+ fi
+
+ local group_name group_password group_gid group_members
+ if ! f_input_group "$input"; then
+ f_show_err "$msg_group_not_found" "$input"
+ return $FAILURE
+ fi
+
+ f_isset $VAR_GROUP_GID && f_getvar $VAR_GROUP_GID group_gid
+ local null_members=
+ if f_isset $VAR_GROUP_MEMBERS; then
+ f_getvar $VAR_GROUP_MEMBERS group_members
+ [ "$group_members" ] || null_members=1
+ fi
+ local group_password_disable=
+ if f_isset $VAR_GROUP_PASSWORD; then
+ f_getvar $VAR_GROUP_PASSWORD group_password
+ [ "$group_password" ] || group_password_disable=1
+ fi
+
+ #
+ # Loop until the user decides to Exit, Cancel, or presses ESC
+ #
+ title="$msg_edit_view $msg_group: $group_name"
+ if f_interactive; then
+ local mtag retval defaultitem=
+ while :; do
+ f_dialog_title "$title"
+ f_dialog_menu_group_edit "$defaultitem"
+ retval=$?
+ f_dialog_title_restore
+ f_dialog_menutag_fetch mtag
+ f_dprintf "retval=%u mtag=[%s]" $retval "$mtag"
+ defaultitem="$mtag"
+
+ # Return if user either pressed ESC or chose Cancel/No
+ [ $retval -eq $DIALOG_OK ] || return $FAILURE
+
+ case "$mtag" in
+ X) # Save/Exit
+ local var
+ for var in gid members name; do
+ local _group_$var
+ eval f_shell_escape \
+ \"\$group_$var\" _group_$var
+ done
+
+ local cmd="pw groupmod -n '$_group_name'"
+ [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'"
+ [ "$group_members" -o "$null_members" ] &&
+ cmd="$cmd -M '$_group_members'"
+
+ # Execute the command (break on success)
+ if [ "$group_password_disable" ]; then
+ f_eval_catch $funcname pw '%s -h -' "$cmd"
+ elif [ "$group_password" ]; then
+ echo "$group_password" | f_eval_catch \
+ $funcname pw '%s -h 0' "$cmd"
+ else
+ f_eval_catch $funcname pw '%s' "$cmd"
+ fi && break
+ ;;
+ 1) # Group Name (select different group from list)
+ f_dialog_menu_group_list "$group_name" || continue
+ f_dialog_menutag_fetch mtag
+
+ [ "$mtag" = "X $msg_exit" ] && continue
+
+ if ! f_input_group "$mtag"; then
+ f_show_err "$msg_group_not_found" "$mtag"
+ # Attempt to fall back to previous selection
+ f_input_group "$input" || return $FAILURE
+ else
+ input="$mtag"
+ fi
+ title="$msg_edit_view $msg_group: $group_name"
+ ;;
+ 2) # Password
+ f_dialog_input_group_password group_password \
+ group_password_disable
+ ;;
+ 3) # Group ID
+ f_dialog_input_group_gid group_gid "$group_gid"
+ ;;
+ 4) # Group Members
+ f_dialog_input_group_members group_members \
+ "$group_members" && [ ! "$group_members" ] &&
+ null_members=1
+ ;;
+ esac
+ done
+ else
+ local var
+ for var in gid members name; do
+ local _group_$var
+ eval f_shell_escape \"\$group_$var\" _group_$var
+ done
+
+ # Form the command
+ local cmd="pw groupmod -n '$_group_name'"
+ [ "$group_gid" ] && cmd="$cmd -g '$_group_gid'"
+ [ "$group_members" -o "$null_members" ] &&
+ cmd="$cmd -M '$_group_members'"
+
+ # Execute the command
+ local retval err
+ if [ "$group_password_disable" ]; then
+ f_eval_catch -k err $funcname pw '%s -h -' "$cmd"
+ elif [ "$group_password" -o "$null_password" ]; then
+ err=$( echo "$group_password" | f_eval_catch -de \
+ $funcname pw '%s -h 0' "$cmd" 2>&1 )
+ else
+ f_eval_catch -k err $funcname pw '%s' "$cmd"
+ fi
+ retval=$?
+ if [ $retval -ne $SUCCESS ]; then
+ f_show_err "%s" "$err"
+ return $retval
+ fi
+ fi
+
+ f_dialog_title "$title"
+ $alert "$msg_group_updated"
+ f_dialog_title_restore
+ [ "$no_confirm" -a "$USE_DIALOG" ] && sleep 1
+
+ return $SUCCESS
+}
+
+############################################################ MAIN
+
+f_dprintf "%s: Successfully loaded." usermgmt/group.subr
+
+fi # ! $_USERMGMT_GROUP_SUBR
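Review bot: In f_group_delete's interactive `X)` branch the escaped name is substituted into `'pw groupdel "%s"'`, inside double quotes, while the non-interactive branch of the same function and every groupadd/groupmod command in this file wrap the escaped value in single quotes. Judging by those call sites and the matching awk escaping in f_input_group, f_shell_escape only neutralises single quotes, so a `$` or backquote in a group name read from group(5) would presumably be expanded when f_eval_catch evaluates the string. Use the form the other branch already has: `f_eval_catch $funcname pw "pw groupdel '%s'" "$_group_name" && break`. Separately, the non-interactive branch of f_group_edit tests `$null_password`, which is never assigned in this function; `elif [ "$group_password" ]; then` would match the interactive branch.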
diff --git a/usr.sbin/bsdconfig/usermgmt/share/group_input.subr b/usr.sbin/bsdconfig/usermgmt/share/group_input.subr
new file mode 100644
index 0000000..2e8c086
--- /dev/null
+++ b/usr.sbin/bsdconfig/usermgmt/share/group_input.subr
@@ -0,0 +1,596 @@
+if [ ! "$_USERMGMT_GROUP_INPUT_SUBR" ]; then _USERMGMT_GROUP_INPUT_SUBR=1
+#
+# Copyright (c) 2012 Ron McDowell
+# Copyright (c) 2012-2014 Devin Teske
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+#
+############################################################ INCLUDES
+
+BSDCFG_SHARE="/usr/share/bsdconfig"
+. $BSDCFG_SHARE/common.subr || exit 1
+f_dprintf "%s: loading includes..." usermgmt/group_input.subr
+f_include $BSDCFG_SHARE/dialog.subr
+f_include $BSDCFG_SHARE/strings.subr
+
+BSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="070.usermgmt"
+f_include_lang $BSDCFG_LIBE/include/messages.subr
+f_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
+
+############################################################ FUNCTIONS
+
+# f_input_group $group
+#
+# Given $group name or id, create the environment variables group_name,
+# group_gid, and group_members (and group_password is reset to NULL).
+#
+f_input_group()
+{
+ local funcname=f_input_group
+ local group="$1"
+
+ f_dprintf "$funcname: Getting info for group \`%s'" "$group"
+ eval "$( pw groupshow "$group" 2> /dev/null | awk -F: '
+ function set_value(var, value) {
+ gsub(/'\''/, "'\''\\'\'\''", value)
+ printf "group_%s='\'%s\''\n", var, value
+ }
+ {
+ found = $1 != ""
+ set_value("name", $1)
+ set_value("password", "")
+ set_value("gid", $3)
+ set_value("members", $4)
+ exit
+ }
+ END { if (!found) print "false" }' )"
+}
+
+# f_dialog_menu_group_list [$default]
+#
+# Allows the user to select a group from a list. Optionally, if present and
+# non-NULL, initially highlight $default group.
+#
+f_dialog_menu_group_list()
+{
+ local prompt=
+ local menu_list="
+ 'X $msg_exit' ''
+ " # END-QUOTE
+ local defaultitem="$1"
+ local hline="$hline_alnum_punc_tab_enter"
+
+ # Add groups from group(5)
+ menu_list="$menu_list $( pw groupshow -a | awk -F: '
+ function mprint(tag, item) {
+ gsub(/'\''/, "'\''\\'\'\''", tag)
+ gsub(/'\''/, "'\''\\'\'\''", item)
+ printf "'\'%s\'\ \'%s\''\n", tag, item
+ }
+ !/^[[:space:]]*(#|$)/ { mprint($1, $1) }
+ ' )"
+
+ local height width rows
+ eval f_dialog_menu_size height width rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$prompt\" \
+ \"\$hline\" \
+ $menu_list
+
+ local menu_choice
+ menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$defaultitem\" \
+ --menu \"\$prompt\" \
+ $height $width $rows \
+ $menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ local retval=$?
+ f_dialog_menutag_store -s "$menu_choice"
+ return $retval
+}
+
+# f_dialog_input_group_name $var_to_set [$group_name]
+#
+# Allows the user to enter a name for a new group. If the user does not cancel
+# or press ESC, the $var_to_set variable will hold the newly-configured value
+# upon return.
+#
+f_dialog_input_group_name()
+{
+ local __var_to_set="$1" __name="$2"
+
+ #
+ # Loop until the user provides taint-free/valid input
+ #
+ local __input="$__name"
+ while :; do
+ # Return if user has either pressed ESC or chosen Cancel/No
+ f_dialog_input __input "$msg_group" "$__input" \
+ "$hline_alnum_tab_enter" || return $?
+
+ # Check for no-change
+ if [ "$__input" = "$__name" ]; then
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+ fi
+
+ # Check for NULL entry
+ if [ ! "$__input" ]; then
+ f_show_msg "$msg_group_is_empty"
+ continue
+ fi
+
+ # Check for invalid entry
+ case "$__input" in [!a-zA-Z]*)
+ f_show_msg "$msg_group_must_start_with_letter"
+ continue
+ esac
+
+ # Check for duplicate entry
+ if f_quietly pw groupshow -n "$__input"; then
+ f_show_msg "$msg_group_already_used" "$__input"
+ continue
+ fi
+
+ setvar "$__var_to_set" "$__input"
+ break
+ done
+
+ return $DIALOG_OK
+}
+
+# f_dialog_input_group_password $var_to_set $dvar_to_set
+#
+# Prompt the user to enter a password (twice). If the user does not cancel or
+# press ESC, $var_to_set will hold the confirmed user entry. Otherwise, if the
+# user cancels or enters a NULL password (twice), they are given the choice to
+# disable password authentication for the given group, wherein $dvar_to_set has
+# a value of 1 to indicate password authentication should be disabled.
+#
+f_dialog_input_group_password()
+{
+ local __var_to_set="$1" __dvar_to_set="$2"
+ local __prompt1="$msg_group_password"
+ local __prompt2="$msg_reenter_group_password"
+ local __hline="$hline_alnum_punc_tab_enter"
+
+ local __height1 __width1
+ f_dialog_inputbox_size __height1 __width1 \
+ "$DIALOG_TITLE" \
+ "$DIALOG_BACKTITLE" \
+ "$__prompt1" \
+ "" \
+ "$__hline"
+
+ local __height2 __width2
+ f_dialog_inputbox_size __height2 __width2 \
+ "$DIALOG_TITLE" \
+ "$DIALOG_BACKTITLE" \
+ "$__prompt2" \
+ "" \
+ "$__hline"
+
+ #
+ # Loop until the user provides taint-free/valid input
+ #
+ local __retval __password1 __password2
+ while :; do
+ __password1=$( $DIALOG \
+ --title "$DIALOG_TITLE" \
+ --backtitle "$DIALOG_BACKTITLE" \
+ --hline "$__hline" \
+ --ok-label "$msg_ok" \
+ --cancel-label "$msg_cancel" \
+ --insecure \
+ --passwordbox "$__prompt1" \
+ $__height1 $__width1 \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ debug= f_dialog_line_sanitize __password1
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || return $__retval
+
+ __password2=$( $DIALOG \
+ --title "$DIALOG_TITLE" \
+ --backtitle "$DIALOG_BACKTITLE" \
+ --hline "$__hline" \
+ --ok-label "$msg_ok" \
+ --cancel-label "$msg_cancel" \
+ --insecure \
+ --passwordbox "$__prompt2" \
+ $__height2 $__width2 \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ debug= f_dialog_line_sanitize __password2
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || return $__retval
+
+ # Check for password mismatch
+ if [ "$__password1" != "$__password2" ]; then
+ f_show_msg "$msg_group_passwords_do_not_match"
+ continue
+ fi
+
+ # Check for NULL entry
+ if [ ! "$__password1" ]; then
+ f_dialog_yesno "$msg_disable_password_auth_for_group"
+ __retval=$?
+ if [ $__retval -eq $DIALOG_ESC ]; then
+ return $__retval
+ elif [ $__retval -eq $DIALOG_OK ]; then
+ setvar "$__dvar_to_set" 1
+ else
+ continue # back to password prompt
+ fi
+ else
+ setvar "$__dvar_to_set" ""
+ fi
+
+ setvar "$__var_to_set" "$__password1"
+ break
+ done
+
+ return $DIALOG_OK
+}
+
+# f_dialog_input_group_gid $var_to_set [$group_gid]
+#
+# Allow the user to enter a new GID for a given group. If the user does not
+# cancel or press ESC, the $var_to_set variable will hold the newly-configured
+# value upon return.
+#
+f_dialog_input_group_gid()
+{
+ local __var_to_set="$1" __input="$2"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ f_dialog_input __input "$msg_group_id_leave_empty_for_default" \
+ "$__input" "$hline_num_tab_enter" || return $?
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_group_members $var_to_set [$group_members]
+#
+# Allow the user to modify a list of members for a given group. If the user
+# does not cancel or press ESC, the $var_to_set variable will hold the newly-
+# configured value upon return.
+#
+f_dialog_input_group_members()
+{
+ local __var_to_set="$1" __input="$2"
+ local __prompt="$msg_group_members:"
+ local __menu_list="
+ 'X' '$msg_continue'
+ '1' '$msg_select_group_members_from_list'
+ '2' '$msg_enter_group_members_manually'
+ " # END-QUOTE
+ local __defaultitem=
+ local __hline="$hline_num_arrows_tab_enter"
+
+ local __mheight __mwidth __mrows
+ eval f_dialog_menu_size __mheight __mwidth __mrows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$__prompt\" \
+ \"\$__hline\" \
+ $__menu_list
+
+ local __menu_choice __retval
+ while :; do
+ __menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$__defaultitem\" \
+ --menu \"\$__prompt\" \
+ $__mheight $__mwidth $__mrows \
+ $__menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ f_dialog_data_sanitize __menu_choice
+ __defaultitem="$__menu_choice"
+ f_dprintf "retval=%u menu_choice=[%s]" \
+ $__retval "$__menu_choice"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || return $__retval
+
+ local __group_members
+ case "$__menu_choice" in
+ X) # Exit
+ break ;;
+ 1) # Select Group Members from a list
+ local __check_list= # Calculated below
+ local __user_list __u __user __length=0
+ __user_list=$( pw usershow -a |
+ awk -F: '!/^[[:space:]]*(#|$)/{print $1}' )
+ while [ $__length -ne ${#__user_list} ]; do
+ __u="${__user_list%%$NL*}" # First line
+ f_shell_escape "$__u" __user
+
+ # Format of a checklist entry: tag item status
+ __check_list="$__check_list '$__user' ''"
+ case "$__input" in
+ "$__u"|"$__u",*|*,"$__u",*|*,"$__u")
+ __check_list="$__check_list on" ;;
+ *)
+ __check_list="$__check_list off"
+ esac
+
+ __length=${#__user_list}
+ __user_list="${__user_list#*$NL}" # Kill line
+ done
+
+ local __cheight __cwidth __crows
+ eval f_dialog_checklist_size \
+ __cheight __cwidth __crows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$__prompt\" \
+ \"\$__hline\" \
+ $__check_list
+ __group_members=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --separate-output \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --checklist \"\$__prompt\" \
+ $__cheight $__cwidth $__crows \
+ $__check_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ ) || continue
+ # Return to previous menu if user either
+ # pressed ESC or chose Cancel/No
+ f_dialog_data_sanitize __group_members
+
+ #
+ # Convert the newline separated list into a comma-
+ # separated one so that if the user switches over to
+ # manual editing, list reflects checklist selections
+ #
+ f_replaceall "$__group_members" "[$NL]" "," __input
+ ;;
+ 2) # Enter Group Members manually
+ local __prompt2="$msg_group_members"
+ __prompt2="$__prompt2 ($msg_separated_by_commas)"
+
+ f_dialog_input __group_members \
+ "$__prompt2" "$__input" \
+ "$hline_num_tab_enter" || continue
+ # Return to previous menu if user either
+ # pressed ESC or chose Cancel/No
+
+ __input="$__group_members"
+ ;;
+ esac
+ done
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_menu_group_add [$defaultitem]
+#
+# Present a menu detailing the properties of a group that is about to be added.
+# The user's menu choice is available using f_dialog_menutag_fetch(). Returns
+# success unless the user chose Cancel or pressed ESC. Data to display is taken
+# from environment variables group_name, group_gid, and group_members. If
+# $defaultitem is present and non-NULL, initially highlight the item in the
+# menu.
+#
+f_dialog_menu_group_add()
+{
+ local prompt="$msg_save_exit_or_cancel"
+ local menu_list # Calculated below
+ local defaultitem="$1"
+ local hline="$hline_arrows_tab_enter"
+
+ # Localize potentially hostile variables and escape their values
+ # to the local variable (see f_shell_escape() of `strings.subr')
+ local var
+ for var in gid members name; do
+ local _group_$var
+ eval f_shell_escape \"\$group_$var\" _group_$var
+ done
+
+ menu_list="
+ 'X' '$msg_add/$msg_exit'
+ '1' '$msg_group: $_group_name'
+ '2' '$msg_password: -----'
+ '3' '$msg_group_id: $_group_gid'
+ '4' '$msg_group_members: $_group_members'
+ " # END-QUOTE
+
+ local height width rows
+ eval f_dialog_menu_size height width rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$prompt\" \
+ \"\$hline\" \
+ $menu_list
+
+ local menu_choice
+ menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$defaultitem\" \
+ --menu \"\$prompt\" \
+ $height $width $rows \
+ $menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ local retval=$?
+ f_dialog_data_sanitize menu_choice
+ f_dialog_menutag_store "$menu_choice"
+ return $retval
+}
+
+# f_dialog_menu_group_delete $group [$defaultitem]
+#
+# Present a menu detailing the properties of a group that is about to be
+# deleted. The user's menu choice is available using f_dialog_menutag_fetch().
+# Returns success unless the user chose Cancel or pressed ESC. Data to display
+# is populated automatically from the system accounting database for the given
+# $group argument. If $defaultitem is present and non-NULL, initially highlight
+# the item in the menu.
+#
+f_dialog_menu_group_delete()
+{
+ local prompt="$msg_delete_exit_or_cancel"
+ local menu_list # Calculated below
+ local defaultitem="$2"
+ local hline="$hline_arrows_tab_enter"
+
+ local group_name group_password group_gid group_members
+ f_input_group "$1"
+
+ # Localize potentially hostile variables and escape their values
+ # to the local variable (see f_shell_escape() of `strings.subr')
+ local var
+ for var in gid members name; do
+ local _group_$var
+ eval f_shell_escape \"\$group_$var\" _group_$var
+ done
+
+ menu_list="
+ 'X' '$msg_delete/$msg_exit'
+ '1' '$msg_group: $_group_name'
+ '-' '$msg_password: -----'
+ '-' '$msg_group_id: $_group_gid'
+ '-' '$msg_group_members: $_group_members'
+ " # END-QUOTE
+
+ local height width rows
+ eval f_dialog_menu_size height width rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$prompt\" \
+ \"\$hline\" \
+ $menu_list
+
+ local menu_choice
+ menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$defaultitem\" \
+ --menu \"\$prompt\" \
+ $height $width $rows \
+ $menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ local retval=$?
+ f_dialog_data_sanitize menu_choice
+ f_dialog_menutag_store "$menu_choice"
+ return $retval
+}
+
+# f_dialog_menu_group_edit [$defaultitem]
+#
+# Present a menu detailing the properties of a group that is about to be
+# modified. The user's menu choice is available using f_dialog_menutag_fetch().
+# Returns success unless the user chose Cancel or pressed ESC. Data to display
+# is taken from environment variables group_name, group_gid, and group_members.
+# If $defaultitem is present and non-NULL, initially highlight the item in the
+# menu.
+#
+f_dialog_menu_group_edit()
+{
+ local prompt="$msg_save_exit_or_cancel"
+ local menu_list # Calculated below
+ local defaultitem="$1"
+ local hline="$hline_arrows_tab_enter"
+
+ # Localize potentially hostile variables and escape their values
+ # to the local variable (see f_shell_escape() of `strings.subr')
+ local var
+ for var in gid members name; do
+ local _group_$var
+ eval f_shell_escape \"\$group_$var\" _group_$var
+ done
+
+ menu_list="
+ 'X' '$msg_save/$msg_exit'
+ '1' '$msg_group: $_group_name'
+ '2' '$msg_password: -----'
+ '3' '$msg_group_id: $_group_gid'
+ '4' '$msg_group_members: $_group_members'
+ " # END-QUOTE
+
+ local height width rows
+ eval f_dialog_menu_size height width rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$prompt\" \
+ \"\$hline\" \
+ $menu_list
+
+ local menu_choice
+ menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$defaultitem\" \
+ --menu \"\$prompt\" \
+ $height $width $rows \
+ $menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ local retval=$?
+ f_dialog_data_sanitize menu_choice
+ f_dialog_menutag_store "$menu_choice"
+ return $retval
+}
+
+############################################################ MAIN
+
+f_dprintf "%s: Successfully loaded." usermgmt/group_input.subr
+
+fi # ! $_USERMGMT_GROUP_INPUT_SUBR
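Review bot: f_dialog_menu_group_delete calls `f_input_group "$1"` and discards its status, so when the lookup emits `false` (no matching record) the menu is still drawn with empty name, GID and member fields and still offers the `X` delete entry. f_group_delete in group.subr reaches this with an empty `$group_name` whenever no group was supplied, because unlike f_group_edit it never calls f_dialog_menu_group_list first. Returning early with `f_input_group "$1" || return $FAILURE` keeps the delete menu from being shown for a group that was not resolved. The caller would also need the empty-name guard that f_group_edit has before it runs `pw groupdel`.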
diff --git a/usr.sbin/bsdconfig/usermgmt/share/user.subr b/usr.sbin/bsdconfig/usermgmt/share/user.subr
new file mode 100644
index 0000000..27d9d66
--- /dev/null
+++ b/usr.sbin/bsdconfig/usermgmt/share/user.subr
@@ -0,0 +1,1183 @@
+if [ ! "$_USERMGMT_USER_SUBR" ]; then _USERMGMT_USER_SUBR=1
+#
+# Copyright (c) 2012 Ron McDowell
+# Copyright (c) 2012-2015 Devin Teske
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+#
+############################################################ INCLUDES
+
+BSDCFG_SHARE="/usr/share/bsdconfig"
+. $BSDCFG_SHARE/common.subr || exit 1
+f_dprintf "%s: loading includes..." usermgmt/user.subr
+f_include $BSDCFG_SHARE/dialog.subr
+f_include $BSDCFG_SHARE/strings.subr
+f_include $BSDCFG_SHARE/usermgmt/group_input.subr
+f_include $BSDCFG_SHARE/usermgmt/user_input.subr
+
+BSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="070.usermgmt"
+f_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
+
+############################################################ CONFIGURATION
+
+# set some reasonable defaults if /etc/adduser.conf does not exist.
+[ -f /etc/adduser.conf ] && f_include /etc/adduser.conf
+: ${defaultclass:=""}
+: ${defaultshell:="/bin/sh"}
+: ${homeprefix:="/home"}
+: ${passwdtype:="yes"}
+: ${udotdir:="/usr/share/skel"}
+: ${uexpire:=""}
+ # Default account expire time. Format is similar to upwexpire variable.
+: ${ugecos:="User &"}
+: ${upwexpire:=""}
+ # The default password expiration time. Format of the date is either a
+ # UNIX time in decimal, or a date in dd-mmm-yy[yy] format, where dd is
+ # the day, mmm is the month in either numeric or alphabetic format, and
+ # yy[yy] is either a two or four digit year. This variable also accepts
+ # a relative date in the form of n[mhdwoy] where n is a decimal, octal
+ # (leading 0) or hexadecimal (leading 0x) digit followed by the number
+ # of Minutes, Hours, Days, Weeks, Months or Years from the current date
+ # at which the expiration time is to be set.
+
+#
+# uexpire and upwexpire from adduser.conf(5) differ only slightly from what
+# pw(8) accepts as `date' argument(s); pw(8) requires a leading `+' for the
+# relative date syntax (n[mhdwoy]).
+#
+case "$uexpire" in *[mhdwoy])
+ f_isinteger "${uexpire%[mhdwoy]}" && uexpire="+$uexpire"
+esac
+case "$upwexpire" in *[mhdwoy])
+ f_isinteger "${upwexpire%[mhdwoy]}" && upwexpire="+$upwexpire"
+esac
+
+############################################################ FUNCTIONS
+
+# f_user_create_homedir $user
+#
+# Create home directory for $user.
+#
+f_user_create_homedir()
+{
+ local funcname=f_user_create_homedir
+ local user="$1"
+
+ [ "$user" ] || return $FAILURE
+
+ local user_account_expire user_class user_gecos user_gid user_home_dir
+ local user_member_groups user_name user_password user_password_expire
+ local user_shell user_uid # Variables created by f_input_user() below
+ f_input_user "$user" || return $FAILURE
+
+ f_dprintf "Creating home directory \`%s' for user \`%s'" \
+ "$user_home_dir" "$user"
+
+ local _user_gid _user_home_dir _user_uid
+ f_shell_escape "$user_gid" _user_gid
+ f_shell_escape "$user_home_dir" _user_home_dir
+ f_shell_escape "$user_uid" _user_uid
+ f_eval_catch $funcname mkdir "mkdir -p '%s'" "$_user_home_dir" ||
+ return $FAILURE
+ f_eval_catch $funcname chown "chown '%i:%i' '%s'" \
+ "$_user_uid" "$_user_gid" "$_user_home_dir" || return $FAILURE
+}
+
+# f_user_copy_dotfiles $user
+#
+# Copy `skel' dot-files from $udotdir (global inherited from /etc/adduser.conf)
+# to the home-directory of $user. Attempts to create the home-directory first
+# if it doesn't exist.
+#
+f_user_copy_dotfiles()
+{
+ local funcname=f_user_copy_dotfiles
+ local user="$1"
+
+ [ "$udotdir" ] || return $FAILURE
+ [ "$user" ] || return $FAILURE
+
+ local user_account_expire user_class user_gecos user_gid user_home_dir
+ local user_member_groups user_name user_password user_password_expire
+ local user_shell user_uid # Variables created by f_input_user() below
+ f_input_user "$user" || return $FAILURE
+
+ f_dprintf "Copying dot-files from \`%s' to \`%s'" \
+ "$udotdir" "$user_home_dir"
+
+ # Attempt to create the home directory if it doesn't exist
+ [ -d "$user_home_dir" ] ||
+ f_user_create_homedir "$user" || return $FAILURE
+
+ local _user_gid _user_home_dir _user_uid
+ f_shell_escape "$user_gid" _user_gid
+ f_shell_escape "$user_home_dir" _user_home_dir
+ f_shell_escape "$user_uid" _user_uid
+
+ local - # Localize `set' to this function
+ set +f # Enable glob pattern-matching for paths
+ cd "$udotdir" || return $FAILURE
+
+ local _file file retval
+ for file in dot.*; do
+ [ -e "$file" ] || continue # no-match
+
+ f_shell_escape "$file" "_file"
+ f_eval_catch $funcname cp "cp -n '%s' '%s'" \
+ "$_file" "$_user_home_dir/${_file#dot}"
+ retval=$?
+ [ $retval -eq $SUCCESS ] || break
+ f_eval_catch $funcname chown \
+ "chown -h '%i:%i' '%s'" \
+ "$_user_uid" "$_user_gid" \
+ "$_user_home_dir/${_file#dot}"
+ retval=$?
+ [ $retval -eq $SUCCESS ] || break
+ done
+
+ cd -
+ return $retval
+}
+
+# f_user_add [$user]
+#
+# Create a login account. If both $user (as a first argument) and $VAR_USER are
+# unset or NULL and we are running interactively, prompt the end-user to enter
+# the name of a new login account and (if $VAR_NO_CONFIRM is unset or NULL)
+# prompt the end-user to answer some questions about the new account. Variables
+# that can be used to script user input:
+#
+# VAR_USER [Optional if running interactively]
+# The login to add. Ignored if given non-NULL first-argument.
+# VAR_USER_ACCOUNT_EXPIRE [Optional]
+# The account expiration time. Format is similar to
+# VAR_USER_PASSWORD_EXPIRE variable below. Default is to never
+# expire the account.
+# VAR_USER_DOTFILES_CREATE [Optional]
+# If non-NULL, populate the user's home directory with the
+# template files found in $udotdir (`/usr/share/skel' default).
+# VAR_USER_GECOS [Optional]
+# Often the full name of the account holder. Default is NULL.
+# VAR_USER_GID [Optional]
+# Numerical primary-group ID to use. If NULL or unset, the group
+# ID is automatically chosen.
+# VAR_USER_GROUPS [Optional]
+# Comma-separated list of additional groups to which the user is
+# a member of. Default is NULL (no additional groups).
+# VAR_USER_HOME [Optional]
+# The home directory to set. If NULL or unset, the home directory
+# is automatically calculated.
+# VAR_USER_HOME_CREATE [Optional]
+# If non-NULL, create the user's home directory if it doesn't
+# already exist.
+# VAR_USER_LOGIN_CLASS [Optional]
+# Login class to use when creating the login. Default is NULL.
+# VAR_USER_PASSWORD [Optional]
+# Unencrypted password to use. If unset or NULL, password
+# authentication for the login is disabled.
+# VAR_USER_PASSWORD_EXPIRE [Optional]
+# The password expiration time. Format of the date is either a
+# UNIX time in decimal, or a date in dd-mmm-yy[yy] format, where
+# dd is the day, mmm is the month in either numeric or alphabetic
+# format, and yy[yy] is either a two or four digit year. This
+# variable also accepts a relative date in the form of +n[mhdwoy]
+# where n is a decimal, octal (leading 0) or hexadecimal (leading
+# 0x) digit followed by the number of Minutes, Hours, Days,
+# Weeks, Months or Years from the current date at which the
+# expiration time is to be set. Default is to never expire the
+# account password.
+# VAR_USER_SHELL [Optional]
+# Path to login shell to use. Default is `/bin/sh'.
+# VAR_USER_UID [Optional]
+# Numerical user ID to use. If NULL or unset, the user ID is
+# automatically chosen.
+#
+# Returns success if the user account was successfully created.
+#
+f_user_add()
+{
+ local funcname=f_user_add
+ local title # Calculated below
+ local alert=f_show_msg no_confirm=
+
+ f_getvar $VAR_NO_CONFIRM no_confirm
+ [ "$no_confirm" ] && alert=f_show_info
+
+ local input
+ f_getvar 3:-\$$VAR_USER input "$1"
+
+ #
+ # NB: pw(8) has a ``feature'' wherein `-n name' can be taken as UID
+ # instead of name. Work-around is to also pass `-u UID' at the same
+ # time (the UID is ignored in this case, so any UID will do).
+ #
+ if [ "$input" ] && f_quietly pw usershow -n "$input" -u 1337; then
+ f_show_err "$msg_login_already_used" "$input"
+ return $FAILURE
+ fi
+
+ local user_name="$input"
+ while f_interactive && [ ! "$user_name" ]; do
+ f_dialog_input_name user_name "$user_name" ||
+ return $SUCCESS
+ [ "$user_name" ] ||
+ f_show_err "$msg_please_enter_a_user_name"
+ done
+ if [ ! "$user_name" ]; then
+ f_show_err "$msg_no_user_specified"
+ return $FAILURE
+ fi
+
+ local user_account_expire user_class user_gecos user_gid user_home_dir
+ local user_member_groups user_password user_password_expire user_shell
+ local user_uid user_dotfiles_create= user_home_create=
+ f_getvar $VAR_USER_ACCOUNT_EXPIRE-\$uexpire user_account_expire
+ f_getvar $VAR_USER_DOTFILES_CREATE:+\$msg_yes user_dotfiles_create
+ f_getvar $VAR_USER_GECOS-\$ugecos user_gecos
+ f_getvar $VAR_USER_GID user_gid
+ f_getvar $VAR_USER_GROUPS user_member_groups
+ f_getvar $VAR_USER_HOME:-\${homeprefix%/}/\$user_name \
+ user_home_dir
+ f_getvar $VAR_USER_HOME_CREATE:+\$msg_yes user_home_create
+ f_getvar $VAR_USER_LOGIN_CLASS-\$defaultclass user_class
+ f_getvar $VAR_USER_PASSWORD user_password
+ f_getvar $VAR_USER_PASSWORD_EXPIRE-\$upwexpire user_password_expire
+ f_getvar $VAR_USER_SHELL-\$defaultshell user_shell
+ f_getvar $VAR_USER_UID user_uid
+
+ # Create home-dir if no script-override and does not exist
+ f_isset $VAR_USER_HOME_CREATE || [ -d "$user_home_dir" ] ||
+ user_home_create="$msg_yes"
+ # Copy dotfiles if home-dir creation is desired, does not yet exist,
+ # and no script-override has been set
+ f_isset $VAR_USER_DOTFILES_CREATE ||
+ [ "$user_home_create" != "$msg_yes" ] ||
+ [ -d "$user_home_dir" ] || user_dotfiles_create="$msg_yes"
+ # Create home-dir if copying dotfiles but home-dir does not exist
+ [ "$user_dotfiles_create" -a ! -d "$user_home_dir" ] &&
+ user_home_create="$msg_yes"
+
+ # Set flags for meaningful NULL values if-provided
+ local no_account_expire= no_password_expire= null_gecos= null_members=
+ local user_password_disable=
+ f_isset $VAR_USER_ACCOUNT_EXPIRE &&
+ [ ! "$user_account_expire" ] && no_account_expire=1
+ f_isset $VAR_USER_GECOS &&
+ [ ! "$user_gecos" ] && null_gecos=1
+ f_isset $VAR_USER_GROUPS &&
+ [ ! "$user_member_groups" ] && null_members=1
+ f_isset $VAR_USER_PASSWORD &&
+ [ ! "$user_password" ] && user_password_disable=1
+ f_isset $VAR_USER_PASSWORD_EXPIRE &&
+ [ ! "$user_password_expire" ] && no_password_expire=1
+
+ if f_interactive && [ ! "$no_confirm" ]; then
+ f_dialog_noyes \
+ "$msg_use_default_values_for_all_account_details"
+ retval=$?
+ if [ $retval -eq $DIALOG_ESC ]; then
+ return $SUCCESS
+ elif [ $retval -ne $DIALOG_OK ]; then
+ #
+ # Ask series of questions to pre-fill the editor screen
+ #
+ # Defaults used in each dialog should allow the user to
+ # simply hit ENTER to proceed, because cancelling any
+ # single dialog will cause them to be returned to the
+ # previous menu.
+ #
+
+ f_dialog_input_gecos user_gecos "$user_gecos" ||
+ return $FAILURE
+ if [ "$passwdtype" = "yes" ]; then
+ f_dialog_input_password user_password \
+ user_password_disable ||
+ return $FAILURE
+ fi
+ f_dialog_input_uid user_uid "$user_uid" ||
+ return $FAILURE
+ f_dialog_input_gid user_gid "$user_gid" ||
+ return $FAILURE
+ f_dialog_input_member_groups user_member_groups \
+ "$user_member_groups" || return $FAILURE
+ f_dialog_input_class user_class "$user_class" ||
+ return $FAILURE
+ f_dialog_input_expire_password user_password_expire \
+ "$user_password_expire" || return $FAILURE
+ f_dialog_input_expire_account user_account_expire \
+ "$user_account_expire" || return $FAILURE
+ f_dialog_input_home_dir user_home_dir \
+ "$user_home_dir" || return $FAILURE
+ if [ ! -d "$user_home_dir" ]; then
+ f_dialog_input_home_create user_home_create ||
+ return $FAILURE
+ if [ "$user_home_create" = "$msg_yes" ]; then
+ f_dialog_input_dotfiles_create \
+ user_dotfiles_create ||
+ return $FAILURE
+ fi
+ fi
+ f_dialog_input_shell user_shell "$user_shell" ||
+ return $FAILURE
+ fi
+ fi
+
+ #
+ # Loop until the user decides to Exit, Cancel, or presses ESC
+ #
+ title="$msg_add $msg_user: $user_name"
+ if f_interactive; then
+ local mtag retval defaultitem=
+ while :; do
+ f_dialog_title "$title"
+ f_dialog_menu_user_add "$defaultitem"
+ retval=$?
+ f_dialog_title_restore
+ f_dialog_menutag_fetch mtag
+ f_dprintf "retval=%u mtag=[%s]" $retval "$mtag"
+ defaultitem="$mtag"
+
+ # Return if user either pressed ESC or chose Cancel/No
+ [ $retval -eq $DIALOG_OK ] || return $FAILURE
+
+ case "$mtag" in
+ X) # Add/Exit
+ local var
+ for var in account_expire class gecos gid home_dir \
+ member_groups name password_expire shell uid \
+ ; do
+ local _user_$var
+ eval f_shell_escape \"\$user_$var\" _user_$var
+ done
+
+ local cmd="pw useradd -n '$_user_name'"
+ [ "$user_gid" ] && cmd="$cmd -g '$_user_gid'"
+ [ "$user_shell" ] && cmd="$cmd -s '$_user_shell'"
+ [ "$user_uid" ] && cmd="$cmd -u '$_user_uid'"
+ [ "$user_account_expire" -o \
+ "$no_account_expire" ] &&
+ cmd="$cmd -e '$_user_account_expire'"
+ [ "$user_class" -o "$null_class" ] &&
+ cmd="$cmd -L '$_user_class'"
+ [ "$user_gecos" -o "$null_gecos" ] &&
+ cmd="$cmd -c '$_user_gecos'"
+ [ "$user_home_dir" ] &&
+ cmd="$cmd -d '$_user_home_dir'"
+ [ "$user_member_groups" ] &&
+ cmd="$cmd -G '$_user_member_groups'"
+ [ "$user_password_expire" -o \
+ "$no_password_expire" ] &&
+ cmd="$cmd -p '$_user_password_expire'"
+
+ # Execute the command
+ if [ "$user_password_disable" ]; then
+ f_eval_catch $funcname pw '%s -h -' "$cmd"
+ elif [ "$user_password" ]; then
+ echo "$user_password" | f_eval_catch \
+ $funcname pw '%s -h 0' "$cmd"
+ else
+ f_eval_catch $funcname pw '%s' "$cmd"
+ fi || continue
+
+ # Create home directory if desired
+ [ "${user_home_create:-$msg_no}" != "$msg_no" ] &&
+ f_user_create_homedir "$user_name"
+
+ # Copy dotfiles if desired
+ [ "${user_dotfiles_create:-$msg_no}" != \
+ "$msg_no" ] && f_user_copy_dotfiles "$user_name"
+
+ break # to success
+ ;;
+ 1) # Login (prompt for new login name)
+ f_dialog_input_name input "$user_name" ||
+ continue
+ if f_quietly pw usershow -n "$input" -u 1337; then
+ f_show_err "$msg_login_already_used" "$input"
+ continue
+ fi
+ user_name="$input"
+ title="$msg_add $msg_user: $user_name"
+ user_home_dir="${homeprefix%/}/$user_name"
+ ;;
+ 2) # Full Name
+ f_dialog_input_gecos user_gecos "$user_gecos" &&
+ [ ! "$user_gecos" ] && null_gecos=1 ;;
+ 3) # Password
+ f_dialog_input_password \
+ user_password user_password_disable ;;
+ 4) # User ID
+ f_dialog_input_uid user_uid "$user_uid" ;;
+ 5) # Group ID
+ f_dialog_input_gid user_gid "$user_gid" ;;
+ 6) # Member of Groups
+ f_dialog_input_member_groups \
+ user_member_groups "$user_member_groups" &&
+ [ ! "$user_member_groups" ] &&
+ null_members=1 ;;
+ 7) # Login Class
+ f_dialog_input_class user_class "$user_class" &&
+ [ ! "$user_class" ] && null_class=1 ;;
+ 8) # Password Expires On
+ f_dialog_input_expire_password \
+ user_password_expire "$user_password_expire" &&
+ [ ! "$user_password_expire" ] &&
+ no_password_expire=1 ;;
+ 9) # Account Expires On
+ f_dialog_input_expire_account \
+ user_account_expire "$user_account_expire" &&
+ [ ! "$user_account_expire" ] &&
+ no_account_expire=1 ;;
+ A) # Home Directory
+ f_dialog_input_home_dir \
+ user_home_dir "$user_home_dir" ;;
+ B) # Shell
+ f_dialog_input_shell user_shell "$user_shell" ;;
+ C) # Create Home Directory?
+ if [ "${user_home_create:-$msg_no}" != "$msg_no" ]
+ then
+ user_home_create="$msg_no"
+ else
+ user_home_create="$msg_yes"
+ fi ;;
+ D) # Create Dotfiles?
+ if [ "${user_dotfiles_create:-$msg_no}" != \
+ "$msg_no" ]
+ then
+ user_dotfiles_create="$msg_no"
+ else
+ user_dotfiles_create="$msg_yes"
+ fi ;;
+ esac
+ done
+ else
+ local var
+ for var in account_expire class gecos gid home_dir \
+ member_groups name password_expire shell uid \
+ ; do
+ local _user_$var
+ eval f_shell_escape \"\$user_$var\" _user_$var
+ done
+
+ # Form the command
+ local cmd="pw useradd -n '$_user_name'"
+ [ "$user_gid" ] && cmd="$cmd -g '$_user_gid'"
+ [ "$user_home_dir" ] && cmd="$cmd -d '$_user_home_dir'"
+ [ "$user_shell" ] && cmd="$cmd -s '$_user_shell'"
+ [ "$user_uid" ] && cmd="$cmd -u '$_user_uid'"
+ [ "$user_account_expire" -o "$no_account_expire" ] &&
+ cmd="$cmd -e '$_user_account_expire'"
+ [ "$user_class" -o "$null_class" ] &&
+ cmd="$cmd -L '$_user_class'"
+ [ "$user_gecos" -o "$null_gecos" ] &&
+ cmd="$cmd -c '$_user_gecos'"
+ [ "$user_member_groups" -o "$null_members" ] &&
+ cmd="$cmd -G '$_user_member_groups'"
+ [ "$user_password_expire" -o "$no_password_expire" ] &&
+ cmd="$cmd -p '$_user_password_expire'"
+
+ # Execute the command
+ local retval err
+ if [ "$user_password_disable" ]; then
+ f_eval_catch -k err $funcname pw '%s -h -' "$cmd"
+ elif [ "$user_password" ]; then
+ err=$( echo "$user_password" | f_eval_catch -de \
+ $funcname pw '%s -h 0' "$cmd" 2>&1 )
+ else
+ f_eval_catch -k err $funcname pw '%s' "$cmd"
+ fi
+ retval=$?
+ if [ $retval -ne $SUCCESS ]; then
+ f_show_err "%s" "$err"
+ return $retval
+ fi
+
+ # Create home directory if desired
+ [ "${user_home_create:-$msg_no}" != "$msg_no" ] &&
+ f_user_create_homedir "$user_name"
+
+ # Copy dotfiles if desired
+ [ "${user_dotfiles_create:-$msg_no}" != "$msg_no" ] &&
+ f_user_copy_dotfiles "$user_name"
+ fi
+
+ f_dialog_title "$title"
+ $alert "$msg_login_added"
+ f_dialog_title_restore
+ [ "$no_confirm" -a "$USE_DIALOG" ] && sleep 1
+
+ return $SUCCESS
+}
+
+# f_user_delete [$user]
+#
+# Delete a user. If both $user (as a first argument) and $VAR_USER are unset or
+# NULL and we are running interactively, prompt the end-user to select a user
+# account from a list of those available. Variables that can be used to script
+# user input:
+#
+# VAR_USER [Optional if running interactively]
+# The user to delete. Ignored if given non-NULL first-argument.
+#
+# Returns success if the user account was successfully deleted.
+#
+f_user_delete()
+{
+ local funcname=f_user_delete
+ local title # Calculated below
+ local alert=f_show_msg no_confirm=
+
+ f_getvar $VAR_NO_CONFIRM no_confirm
+ [ "$no_confirm" ] && alert=f_show_info
+
+ local input
+ f_getvar 3:-\$$VAR_USER input "$1"
+
+ if f_interactive && [ ! "$input" ]; then
+ f_dialog_menu_user_list || return $SUCCESS
+ f_dialog_menutag_fetch input
+ [ "$input" = "X $msg_exit" ] && return $SUCCESS
+ elif [ ! "$input" ]; then
+ f_show_err "$msg_no_user_specified"
+ return $FAILURE
+ fi
+
+ local user_account_expire user_class user_gecos user_gid user_home_dir
+ local user_member_groups user_name user_password user_password_expire
+ local user_shell user_uid # Variables created by f_input_user() below
+ if [ "$input" ] && ! f_input_user "$input"; then
+ f_show_err "$msg_login_not_found" "$input"
+ return $FAILURE
+ fi
+
+ local user_group_delete= user_home_delete=
+ f_getvar $VAR_USER_GROUP_DELETE:-\$msg_no user_group_delete
+ f_getvar $VAR_USER_HOME_DELETE:-\$msg_no user_home_delete
+
+ # Attempt to translate user GID into a group name
+ local user_group
+ if user_group=$( pw groupshow -g "$user_gid" 2> /dev/null ); then
+ user_group="${user_group%%:*}"
+ # Default to delete the primary group if no script-override and
+ # exists with same name as the user (same logic used by pw(8))
+ f_isset $VAR_USER_GROUP_DELETE ||
+ [ "$user_group" != "$user_name" ] ||
+ user_group_delete="$msg_yes"
+ fi
+
+ #
+ # Loop until the user decides to Exit, Cancel, or presses ESC
+ #
+ title="$msg_delete $msg_user: $user_name"
+ if f_interactive; then
+ local mtag retval defaultitem=
+ while :; do
+ f_dialog_title "$title"
+ f_dialog_menu_user_delete "$user_name" "$defaultitem"
+ retval=$?
+ f_dialog_title_restore
+ f_dialog_menutag_fetch mtag
+ f_dprintf "retval=%u mtag=[%s]" $retval "$mtag"
+ defaultitem="$mtag"
+
+ # Return if user either pressed ESC or chose Cancel/No
+ [ $retval -eq $DIALOG_OK ] || return $FAILURE
+
+ case "$mtag" in
+ X) # Delete/Exit
+ f_shell_escape "$user_uid" _user_uid
+
+ # Save group information in case pw(8) deletes it
+ # and we wanted to keep it (to be restored below)
+ if [ "${user_group_delete:-$msg_no}" = "$msg_no" ]
+ then
+ local v vars="gid members name password"
+ for v in $vars; do local group_$var; done
+ f_input_group "$user_group"
+
+ # Remove user-to-delete from group members
+ # NB: Otherwise group restoration could fail
+ local name length=0 _members=
+ while [ $length -ne ${#group_members} ]; do
+ name="${group_members%%,*}"
+ [ "$name" != "$user_name" ] &&
+ _members="$_members,$name"
+ length=${#group_members}
+ group_members="${group_members#*,}"
+ done
+ group_members="${_members#,}"
+
+ # Create escaped variables for f_eval_catch()
+ for v in $vars; do
+ local _group_$v
+ eval f_shell_escape \
+ \"\$group_$v\" _group_$v
+ done
+ fi
+
+ # Delete the user (if asked to delete home directory
+ # display [X]dialog notification to show activity)
+ local cmd="pw userdel -u '$_user_uid'"
+ if [ "$user_home_delete" = "$msg_yes" -a \
+ "$USE_XDIALOG" ]
+ then
+ local err
+ err=$(
+ exec 9>&1
+ f_eval_catch -e $funcname pw \
+ "%s -r" "$cmd" \
+ >&$DIALOG_TERMINAL_PASSTHRU_FD 2>&9 |
+ f_xdialog_info \
+ "$msg_deleting_home_directory"
+ )
+ [ ! "$err" ]
+ elif [ "$user_home_delete" = "$msg_yes" ]; then
+ f_dialog_info "$msg_deleting_home_directory"
+ f_eval_catch $funcname pw '%s -r' "$cmd"
+ else
+ f_eval_catch $funcname pw '%s' "$cmd"
+ fi || continue
+
+ #
+ # pw(8) may conditionally delete the primary group,
+ # which may not be what is desired.
+ #
+ # If we've been asked to delete the group and pw(8)
+ # chose not to, delete it. Otherwise, if we're told
+ # to NOT delete the group, we may need to restore it
+ # since pw(8) doesn't have a flag to tell `userdel'
+ # to not delete the group.
+ #
+ # NB: If primary group and user have different names
+ # the group may not have been deleted (again, see PR
+ # 169471 and SVN r263114 for details).
+ #
+ if [ "${user_group_delete:-$msg_no}" != "$msg_no" ]
+ then
+ f_quietly pw groupshow -g "$user_gid" &&
+ f_eval_catch $funcname pw \
+ "pw groupdel -g '%s'" "$_user_gid"
+ elif ! f_quietly pw groupshow -g "$group_gid" &&
+ [ "$group_name" -a "$group_gid" ]
+ then
+ # Group deleted by pw(8), so restore it
+ local cmd="pw groupadd -n '$_group_name'"
+ cmd="$cmd -g '$_group_gid'"
+ cmd="$cmd -M '$_group_members'"
+
+ # Get the group password (pw(8) groupshow does
+ # NOT provide this (even if running privileged)
+ local group_password_enc
+ group_password_enc=$( getent group | awk -F: '
+ !/^[[:space:]]*(#|$)/ && \
+ $1 == ENVIRON["group_name"] && \
+ $3 == ENVIRON["group_gid"] && \
+ $4 == ENVIRON["group_members"] \
+ { print $2; exit }
+ ' )
+ if [ "$group_password_enc" ]; then
+ echo "$group_password_enc" |
+ f_eval_catch $funcname \
+ pw '%s -H 0' "$cmd"
+ else
+ f_eval_catch $funcname \
+ pw '%s -h -' "$cmd"
+ fi
+ fi
+
+ break # to success
+ ;;
+ 1) # Login (select different login from list)
+ f_dialog_menu_user_list "$user_name" || continue
+ f_dialog_menutag_fetch mtag
+
+ [ "$mtag" = "X $msg_exit" ] && continue
+
+ if ! f_input_user "$mtag"; then
+ f_show_err "$msg_login_not_found" "$mtag"
+ # Attempt to fall back to previous selection
+ f_input_user "$input" || return $FAILURE
+ else
+ input="$mtag"
+ fi
+ title="$msg_delete $msg_user: $user_name"
+ ;;
+ C) # Delete Primary Group?
+ if [ "${user_group_delete:-$msg_no}" != "$msg_no" ]
+ then
+ user_group_delete="$msg_no"
+ else
+ user_group_delete="$msg_yes"
+ fi ;;
+ D) # Delete Home Directory?
+ if [ "${user_home_delete:-$msg_no}" != "$msg_no" ]
+ then
+ user_home_delete="$msg_no"
+ else
+ user_home_delete="$msg_yes"
+ fi ;;
+ esac
+ done
+ else
+ f_shell_escape "$user_uid" _user_uid
+
+ # Save group information in case pw(8) deletes it
+ # and we wanted to keep it (to be restored below)
+ if [ "${user_group_delete:-$msg_no}" = "$msg_no" ]; then
+ local v vars="gid members name password"
+ for v in $vars; do local group_$v; done
+ f_input_group "$user_group"
+
+ # Remove user we're about to delete from group members
+ # NB: Otherwise group restoration could fail
+ local name length=0 _members=
+ while [ $length -ne ${#group_members} ]; do
+ name="${group_members%%,*}"
+ [ "$name" != "$user_name" ] &&
+ _members="$_members,$name"
+ length=${#group_members}
+ group_members="${group_members#*,}"
+ done
+ group_members="${_members#,}"
+
+ # Create escaped variables for later f_eval_catch()
+ for v in $vars; do
+ local _group_$v
+ eval f_shell_escape \"\$group_$v\" _group_$v
+ done
+ fi
+
+ # Delete the user (if asked to delete home directory
+ # display [X]dialog notification to show activity)
+ local err cmd="pw userdel -u '$_user_uid'"
+ if [ "$user_home_delete" = "$msg_yes" -a "$USE_XDIALOG" ]; then
+ err=$(
+ exec 9>&1
+ f_eval_catch -de $funcname pw \
+ '%s -r' "$cmd" 2>&9 | f_xdialog_info \
+ "$msg_deleting_home_directory"
+ )
+ [ ! "$err" ]
+ elif [ "$user_home_delete" = "$msg_yes" ]; then
+ f_dialog_info "$msg_deleting_home_directory"
+ f_eval_catch -k err $funcname pw '%s -r' "$cmd"
+ else
+ f_eval_catch -k err $funcname pw '%s' "$cmd"
+ fi
+ local retval=$?
+ if [ $retval -ne $SUCCESS ]; then
+ f_show_err "%s" "$err"
+ return $retval
+ fi
+
+ #
+ # pw(8) may conditionally delete the primary group, which may
+ # not be what is desired.
+ #
+ # If we've been asked to delete the group and pw(8) chose not
+ # to, delete it. Otherwise, if we're told to NOT delete the
+ # group, we may need to restore it since pw(8) doesn't have a
+ # flag to tell `userdel' to not delete the group.
+ #
+ # NB: If primary group and user have different names the group
+ # may not have been deleted (again, see PR 169471 and SVN
+ # r263114 for details).
+ #
+ if [ "${user_group_delete:-$msg_no}" != "$msg_no" ]
+ then
+ f_quietly pw groupshow -g "$user_gid" &&
+ f_eval_catch $funcname pw \
+ "pw groupdel -g '%s'" "$_user_gid"
+ elif ! f_quietly pw groupshow -g "$group_gid" &&
+ [ "$group_name" -a "$group_gid" ]
+ then
+ # Group deleted by pw(8), so restore it
+ local cmd="pw groupadd -n '$_group_name'"
+ cmd="$cmd -g '$_group_gid'"
+ cmd="$cmd -M '$_group_members'"
+ local group_password_enc
+ group_password_enc=$( getent group | awk -F: '
+ !/^[[:space:]]*(#|$)/ && \
+ $1 == ENVIRON["group_name"] && \
+ $3 == ENVIRON["group_gid"] && \
+ $4 == ENVIRON["group_members"] \
+ { print $2; exit }
+ ' )
+ if [ "$group_password_enc" ]; then
+ echo "$group_password_enc" |
+ f_eval_catch $funcname \
+ pw '%s -H 0' "$cmd"
+ else
+ f_eval_catch $funcname pw '%s -h -' "$cmd"
+ fi
+ fi
+ fi
+
+ f_dialog_title "$title"
+ $alert "$msg_login_deleted"
+ f_dialog_title_restore
+ [ "$no_confirm" -a "$USE_DIALOG" ] && sleep 1
+
+ return $SUCCESS
+}
+
+# f_user_edit [$user]
+#
+# Modify a login account. If both $user (as a first argument) and $VAR_USER are
+# unset or NULL and we are running interactively, prompt the end-user to select
+# a login account from a list of those available. Variables that can be used to
+# script user input:
+#
+# VAR_USER [Optional if running interactively]
+# The login to modify. Ignored if given non-NULL first-argument.
+# VAR_USER_ACCOUNT_EXPIRE [Optional]
+# The account expiration time. Format is similar to
+# VAR_USER_PASSWORD_EXPIRE variable below. If unset, account
+# expiry is unchanged. If set but NULL, account expiration is
+# disabled (same as setting a value of `0').
+# VAR_USER_DOTFILES_CREATE [Optional]
+# If non-NULL, re-populate the user's home directory with the
+# template files found in $udotdir (`/usr/share/skel' default).
+# VAR_USER_GECOS [Optional]
+# Often the full name of the account holder. If unset, the GECOS
+# field is unmodified. If set but NULL, the field is blanked.
+# VAR_USER_GID [Optional]
+# Numerical primary-group ID to set. If NULL or unset, the group
+# ID is unchanged.
+# VAR_USER_GROUPS [Optional]
+# Comma-separated list of additional groups to which the user is
+# a member of. If set but NULL, group memberships are reset (this
+# login will not be a member of any additional groups besides the
+# primary group). If unset, group membership is unmodified.
+# VAR_USER_HOME [Optional]
+# The home directory to set. If NULL or unset, the home directory
+# is unchanged.
+# VAR_USER_HOME_CREATE [Optional]
+# If non-NULL, create the user's home directory if it doesn't
+# already exist.
+# VAR_USER_LOGIN_CLASS [Optional]
+# Login class to set. If unset, the login class is unchanged. If
+# set but NULL, the field is blanked.
+# VAR_USER_PASSWORD [Optional]
+# Unencrypted password to set. If unset, the login password is
+# unmodified. If set but NULL, password authentication for the
+# login is disabled.
+# VAR_USER_PASSWORD_EXPIRE [Optional]
+# The password expiration time. Format of the date is either a
+# UNIX time in decimal, or a date in dd-mmm-yy[yy] format, where
+# dd is the day, mmm is the month in either numeric or alphabetic
+# format, and yy[yy] is either a two or four digit year. This
+# variable also accepts a relative date in the form of +n[mhdwoy]
+# where n is a decimal, octal (leading 0) or hexadecimal (leading
+# 0x) digit followed by the number of Minutes, Hours, Days,
+# Weeks, Months or Years from the current date at which the
+# expiration time is to be set. If unset, password expiry is
+# unchanged. If set but NULL, password expiration is disabled
+# (same as setting a value of `0').
+# VAR_USER_SHELL [Optional]
+# Path to login shell to set. If NULL or unset, the shell is
+# unchanged.
+# VAR_USER_UID [Optional]
+# Numerical user ID to set. If NULL or unset, the user ID is
+# unchanged.
+#
+# Returns success if the user account was successfully modified.
+#
+f_user_edit()
+{
+ local funcname=f_user_edit
+ local title # Calculated below
+ local alert=f_show_msg no_confirm=
+
+ f_getvar $VAR_NO_CONFIRM no_confirm
+ [ "$no_confirm" ] && alert=f_show_info
+
+ local input
+ f_getvar 3:-\$$VAR_USER input "$1"
+
+ #
+ # NB: pw(8) has a ``feature'' wherein `-n name' can be taken as UID
+ # instead of name. Work-around is to also pass `-u UID' at the same
+ # time (the UID is ignored in this case, so any UID will do).
+ #
+ if [ "$input" ] && ! f_quietly pw usershow -n "$input" -u 1337; then
+ f_show_err "$msg_login_not_found" "$input"
+ return $FAILURE
+ fi
+
+ if f_interactive && [ ! "$input" ]; then
+ f_dialog_menu_user_list || return $SUCCESS
+ f_dialog_menutag_fetch input
+ [ "$input" = "X $msg_exit" ] && return $SUCCESS
+ elif [ ! "$input" ]; then
+ f_show_err "$msg_no_user_specified"
+ return $FAILURE
+ fi
+
+ local user_account_expire user_class user_gecos user_gid user_home_dir
+ local user_member_groups user_name user_password user_password_expire
+ local user_shell user_uid # Variables created by f_input_user() below
+ if ! f_input_user "$input"; then
+ f_show_err "$msg_login_not_found" "$input"
+ return $FAILURE
+ fi
+
+ #
+ # Override values probed by f_input_user() with desired values
+ #
+ f_isset $VAR_USER_GID && f_getvar $VAR_USER_GID user_gid
+ f_isset $VAR_USER_HOME && f_getvar $VAR_USER_HOME user_home_dir
+ f_isset $VAR_USER_SHELL && f_getvar $VAR_USER_SHELL user_shell
+ f_isset $VAR_USER_UID && f_getvar $VAR_USER_UID user_uid
+ local user_dotfiles_create= user_home_create=
+ f_getvar $VAR_USER_DOTFILES_CREATE:+\$msg_yes user_dotfiles_create
+ f_getvar $VAR_USER_HOME_CREATE:+\$msg_yes user_home_create
+ local no_account_expire=
+ if f_isset $VAR_USER_ACCOUNT_EXPIRE; then
+ f_getvar $VAR_USER_ACCOUNT_EXPIRE user_account_expire
+ [ "$user_account_expire" ] || no_account_expire=1
+ fi
+ local null_gecos=
+ if f_isset $VAR_USER_GECOS; then
+ f_getvar $VAR_USER_GECOS user_gecos
+ [ "$user_gecos" ] || null_gecos=1
+ fi
+ local null_members=
+ if f_isset $VAR_USER_GROUPS; then
+ f_getvar $VAR_USER_GROUPS user_member_groups
+ [ "$user_member_groups" ] || null_members=1
+ fi
+ local null_class=
+ if f_isset $VAR_USER_LOGIN_CLASS; then
+ f_getvar $VAR_USER_LOGIN_CLASS user_class
+ [ "$user_class" ] || null_class=1
+ fi
+ local user_password_disable=
+ if f_isset $VAR_USER_PASSWORD; then
+ f_getvar $VAR_USER_PASSWORD user_password
+ [ "$user_password" ] || user_password_disable=1
+ fi
+ local no_password_expire=
+ if f_isset $VAR_USER_PASSWORD_EXPIRE; then
+ f_getvar $VAR_USER_PASSWORD_EXPIRE user_password_expire
+ [ "$user_password_expire" ] || no_password_expire=1
+ fi
+
+ #
+ # Loop until the user decides to Exit, Cancel, or presses ESC
+ #
+ title="$msg_edit_view $msg_user: $user_name"
+ if f_interactive; then
+ local mtag retval defaultitem=
+ while :; do
+ f_dialog_title "$title"
+ f_dialog_menu_user_edit "$defaultitem"
+ retval=$?
+ f_dialog_title_restore
+ f_dialog_menutag_fetch mtag
+ f_dprintf "retval=%u mtag=[%s]" $retval "$mtag"
+ defaultitem="$mtag"
+
+ # Return if user either pressed ESC or chose Cancel/No
+ [ $retval -eq $DIALOG_OK ] || return $FAILURE
+
+ case "$mtag" in
+ X) # Save/Exit
+ local var
+ for var in account_expire class gecos gid home_dir \
+ member_groups name password_expire shell uid \
+ ; do
+ local _user_$var
+ eval f_shell_escape \"\$user_$var\" _user_$var
+ done
+
+ local cmd="pw usermod -n '$_user_name'"
+ [ "$user_gid" ] && cmd="$cmd -g '$_user_gid'"
+ [ "$user_shell" ] && cmd="$cmd -s '$_user_shell'"
+ [ "$user_uid" ] && cmd="$cmd -u '$_user_uid'"
+ [ "$user_account_expire" -o \
+ "$no_account_expire" ] &&
+ cmd="$cmd -e '$_user_account_expire'"
+ [ "$user_class" -o "$null_class" ] &&
+ cmd="$cmd -L '$_user_class'"
+ [ "$user_gecos" -o "$null_gecos" ] &&
+ cmd="$cmd -c '$_user_gecos'"
+ [ "$user_home_dir" ] &&
+ cmd="$cmd -d '$_user_home_dir'"
+ [ "$user_member_groups" -o "$null_members" ] &&
+ cmd="$cmd -G '$_user_member_groups'"
+ [ "$user_password_expire" -o \
+ "$no_password_expire" ] &&
+ cmd="$cmd -p '$_user_password_expire'"
+
+ # Execute the command
+ if [ "$user_password_disable" ]; then
+ f_eval_catch $funcname pw '%s -h -' "$cmd"
+ elif [ "$user_password" ]; then
+ echo "$user_password" | f_eval_catch \
+ $funcname pw '%s -h 0' "$cmd"
+ else
+ f_eval_catch $funcname pw '%s' "$cmd"
+ fi || continue
+
+ # Create home directory if desired
+ [ "${user_home_create:-$msg_no}" != "$msg_no" ] &&
+ f_user_create_homedir "$user_name"
+
+ # Copy dotfiles if desired
+ [ "${user_dotfiles_create:-$msg_no}" != \
+ "$msg_no" ] && f_user_copy_dotfiles "$user_name"
+
+ break # to success
+ ;;
+ 1) # Login (select different login from list)
+ f_dialog_menu_user_list "$user_name" || continue
+ f_dialog_menutag_fetch mtag
+
+ [ "$mtag" = "X $msg_exit" ] && continue
+
+ if ! f_input_user "$mtag"; then
+ f_show_err "$msg_login_not_found" "$mtag"
+ # Attempt to fall back to previous selection
+ f_input_user "$input" || return $FAILURE
+ else
+ input="$mtag"
+ fi
+ title="$msg_edit_view $msg_user: $user_name"
+ ;;
+ 2) # Full Name
+ f_dialog_input_gecos user_gecos "$user_gecos" &&
+ [ ! "$user_gecos" ] && null_gecos=1 ;;
+ 3) # Password
+ f_dialog_input_password \
+ user_password user_password_disable ;;
+ 4) # User ID
+ f_dialog_input_uid user_uid "$user_uid" ;;
+ 5) # Group ID
+ f_dialog_input_gid user_gid "$user_gid" ;;
+ 6) # Member of Groups
+ f_dialog_input_member_groups \
+ user_member_groups "$user_member_groups" &&
+ [ ! "$user_member_groups" ] &&
+ null_members=1 ;;
+ 7) # Login Class
+ f_dialog_input_class user_class "$user_class" &&
+ [ ! "$user_class" ] && null_class=1 ;;
+ 8) # Password Expires On
+ f_dialog_input_expire_password \
+ user_password_expire "$user_password_expire" &&
+ [ ! "$user_password_expire" ] &&
+ no_password_expire=1 ;;
+ 9) # Account Expires On
+ f_dialog_input_expire_account \
+ user_account_expire "$user_account_expire" &&
+ [ ! "$user_account_expire" ] &&
+ no_account_expire=1 ;;
+ A) # Home Directory
+ f_dialog_input_home_dir \
+ user_home_dir "$user_home_dir" ;;
+ B) # Shell
+ f_dialog_input_shell user_shell "$user_shell" ;;
+ C) # Create Home Directory?
+ if [ "${user_home_create:-$msg_no}" != "$msg_no" ]
+ then
+ user_home_create="$msg_no"
+ else
+ user_home_create="$msg_yes"
+ fi ;;
+ D) # Create Dotfiles?
+ if [ "${user_dotfiles_create:-$msg_no}" != \
+ "$msg_no" ]
+ then
+ user_dotfiles_create="$msg_no"
+ else
+ user_dotfiles_create="$msg_yes"
+ fi ;;
+ esac
+ done
+ else
+ local var
+ for var in account_expire class gecos gid home_dir \
+ member_groups name password_expire shell uid \
+ ; do
+ local _user_$var
+ eval f_shell_escape \"\$user_$var\" _user_$var
+ done
+
+ # Form the command
+ local cmd="pw usermod -n '$_user_name'"
+ [ "$user_gid" ] && cmd="$cmd -g '$_user_gid'"
+ [ "$user_home_dir" ] && cmd="$cmd -d '$_user_home_dir'"
+ [ "$user_shell" ] && cmd="$cmd -s '$_user_shell'"
+ [ "$user_uid" ] && cmd="$cmd -u '$_user_uid'"
+ [ "$user_account_expire" -o "$no_account_expire" ] &&
+ cmd="$cmd -e '$_user_account_expire'"
+ [ "$user_class" -o "$null_class" ] &&
+ cmd="$cmd -L '$_user_class'"
+ [ "$user_gecos" -o "$null_gecos" ] &&
+ cmd="$cmd -c '$_user_gecos'"
+ [ "$user_member_groups" -o "$null_members" ] &&
+ cmd="$cmd -G '$_user_member_groups'"
+ [ "$user_password_expire" -o "$no_password_expire" ] &&
+ cmd="$cmd -p '$_user_password_expire'"
+
+ # Execute the command
+ local retval err
+ if [ "$user_password_disable" ]; then
+ f_eval_catch -k err $funcname pw '%s -h -' "$cmd"
+ elif [ "$user_password" ]; then
+ err=$( echo "$user_password" | f_eval_catch -de \
+ $funcname pw '%s -h 0' "$cmd" 2>&1 )
+ else
+ f_eval_catch -k err $funcname pw '%s' "$cmd"
+ fi
+ retval=$?
+ if [ $retval -ne $SUCCESS ]; then
+ f_show_err "%s" "$err"
+ return $retval
+ fi
+
+ # Create home directory if desired
+ [ "${user_home_create:-$msg_no}" != "$msg_no" ] &&
+ f_user_create_homedir "$user_name"
+
+ # Copy dotfiles if desired
+ [ "${user_dotfiles_create:-$msg_no}" != "$msg_no" ] &&
+ f_user_copy_dotfiles "$user_name"
+ fi
+
+ f_dialog_title "$title"
+ $alert "$msg_login_updated"
+ f_dialog_title_restore
+ [ "$no_confirm" -a "$USE_DIALOG" ] && sleep 1
+
+ return $SUCCESS
+}
+
+############################################################ MAIN
+
+f_dprintf "%s: Successfully loaded." usermgmt/user.subr
+
+fi # ! $_USERMGMT_USER_SUBR
diff --git a/usr.sbin/bsdconfig/usermgmt/share/user_input.subr b/usr.sbin/bsdconfig/usermgmt/share/user_input.subr
new file mode 100644
index 0000000..39578c8
--- /dev/null
+++ b/usr.sbin/bsdconfig/usermgmt/share/user_input.subr
@@ -0,0 +1,1338 @@
+if [ ! "$_USERMGMT_USER_INPUT_SUBR" ]; then _USERMGMT_USER_INPUT_SUBR=1
+#
+# Copyright (c) 2012 Ron McDowell
+# Copyright (c) 2012-2014 Devin Teske
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+# $FreeBSD$
+#
+############################################################ INCLUDES
+
+BSDCFG_SHARE="/usr/share/bsdconfig"
+. $BSDCFG_SHARE/common.subr || exit 1
+f_dprintf "%s: loading includes..." usermgmt/user_input.subr
+f_include $BSDCFG_SHARE/dialog.subr
+f_include $BSDCFG_SHARE/strings.subr
+
+BSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="070.usermgmt"
+f_include_lang $BSDCFG_LIBE/include/messages.subr
+f_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
+
+############################################################ CONFIGURATION
+
+#
+# Default location of shells(5)
+#
+: ${ETC_SHELLS:=/etc/shells}
+
+############################################################ FUNCTIONS
+
+# f_get_member_groups $var_to_set $user
+#
+# Get a list of additional groups $user is a member of in group(5).
+#
+f_get_member_groups()
+{
+ f_replaceall "$( pw groupshow -a | awk -F: -v user="$2" '{
+ if (!split($4, users, /,/)) next
+ for (u in users) if (users[u] == user) { print $1; next }
+ }' )" "[$NL]" "," "$1"
+}
+
+# f_input_user $user
+#
+# Given $user name or id, create the environment variables user_name, user_uid,
+# user_gid, user_class, user_password_expire, user_account_expire, user_gecos,
+# user_home_dir, user_shell, and user_member_groups (and user_password is reset
+# to NULL).
+#
+f_input_user()
+{
+ local funcname=f_input_user
+ local user="$1"
+
+ f_dprintf "$funcname: Getting info for user \`%s'" "$user"
+ eval "$( pw usershow "$user" 2> /dev/null | awk -F: '
+ function set_value(var, value) {
+ gsub(/'\''/, "'\''\\'\'\''", value)
+ printf "user_%s='\'%s\''\n", var, value
+ }
+ {
+ found = $1 != ""
+ set_value("name", $1 )
+ set_value("password", "" )
+ set_value("uid", $3 )
+ set_value("gid", $4 )
+ set_value("class", $5 )
+ set_value("password_expire", $6 )
+ set_value("account_expire", $7 )
+ set_value("gecos", $8 )
+ set_value("home_dir", $9 )
+ set_value("shell", $10)
+ exit
+ }
+ END { if (!found) print "false" }' )"
+ local retval=$?
+
+ f_dprintf "$funcname: Getting group memberships for user \`%s'" "$user"
+ f_get_member_groups user_member_groups "$user"
+
+ return $retval
+}
+
+# f_dialog_menu_user_list [$default]
+#
+# Allows the user to select a login from a list. Optionally, if present and
+# non-NULL, initially highlight $default user.
+#
+f_dialog_menu_user_list()
+{
+ local prompt=
+ local menu_list="
+ 'X $msg_exit' ''
+ " # END-QUOTE
+ local defaultitem="$1"
+ local hline="$hline_alnum_punc_tab_enter"
+
+ # Add users from passwd(5)
+ menu_list="$menu_list $( pw usershow -a | awk -F: '
+ function mprint(tag, item) {
+ gsub(/'\''/, "'\''\\'\'\''", tag)
+ gsub(/'\''/, "'\''\\'\'\''", item)
+ printf "'\'%s\'\ \'%s\''\n", tag, item
+ }
+ !/^[[:space:]]*(#|$)/ { mprint($1, $8) }
+ ' )"
+
+ local height width rows
+ eval f_dialog_menu_size height width rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$prompt\" \
+ \"\$hline\" \
+ $menu_list
+
+ local menu_choice
+ menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$defaultitem\" \
+ --menu \"\$prompt\" \
+ $height $width $rows \
+ $menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ local retval=$?
+ f_dialog_menutag_store -s "$menu_choice"
+ return $retval
+}
+
+# f_dialog_input_member_groups $var_to_set [$member_groups]
+#
+# Allows the user to edit group memberships for a given user. If the user does
+# not cancel or press ESC, the $var_to_set variable will hold the newly-
+# configured value upon return.
+#
+f_dialog_input_member_groups()
+{
+ local __var_to_set="$1" __input="$2"
+ local __prompt="$msg_member_of_groups"
+ local __menu_list="
+ 'X' '$msg_continue'
+ '1' '$msg_select_groups_from_list'
+ '2' '$msg_enter_groups_manually'
+ " # END-QUOTE
+ local __defaultitem=
+ local __hline="$hline_alnum_space_tab_enter"
+
+ local __mheight __mwidth __mrows
+ eval f_dialog_menu_size __mheight __mwidth __mrows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$__prompt\" \
+ \"\$__hline\" \
+ $__menu_list
+
+ local __menu_choice __retval
+ while :; do
+ __menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$__defaultitem\" \
+ --menu \"\$__prompt\" \
+ $__mheight $__mwidth $__mrows \
+ $__menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ f_dialog_data_sanitize __menu_choice
+ __defaultitem="$__menu_choice"
+ f_dprintf "retval=%u menu_choice=[%s]" \
+ $__retval "$__menu_choice"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || return $__retval
+
+ local __member_groups
+ case "$__menu_choice" in
+ X) # Exit
+ break ;;
+ 1) # Select Groups from a list
+ local __check_list= # Calculated below
+ local __group_list __g __grp __length=0
+ __group_list=$( pw groupshow -a |
+ awk -F: '!/^[[:space:]]*(#|$)/{print $1}' )
+ while [ $__length -ne ${#__group_list} ]; do
+ __g="${__group_list%%$NL*}" # First line
+ f_shell_escape "$__g" __grp
+
+ # Format of a checklist entry: tag item status
+ # NB: Setting both tag/item to group name below
+ __check_list="$__check_list '$__grp' '$__grp'"
+ case "$__input" in
+ "$__g"|"$__g",*|*,"$__g",*|*,"$__g")
+ __check_list="$__check_list on" ;;
+ *)
+ __check_list="$__check_list off"
+ esac
+
+ __length=${#__group_list}
+ __group_list="${__group_list#*$NL}" # Kill line
+ done
+
+ local __cheight __cwidth __crows
+
+ eval f_dialog_checklist_size \
+ __cheight __cwidth __crows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$__prompt\" \
+ \"\$__hline\" \
+ $__check_list
+ __member_groups=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --separate-output \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --checklist \"\$__prompt\" \
+ $__cheight $__cwidth $__crows \
+ $__check_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ ) || continue
+ # Return to previous menu if user either
+ # pressed ESC or chose Cancel/No
+ f_dialog_data_sanitize __member_groups
+
+ #
+ # Convert the newline separated list into a comma-
+ # separated one so that if the user switches over to
+ # manual editing, list reflects checklist selections
+ #
+ f_replaceall "$__member_groups" "[$NL]" "," __input
+ ;;
+ 2) # Enter Groups manually
+ local __prompt2="$msg_groups"
+ __prompt2="$__prompt2 ($msg_separated_by_commas)"
+
+ f_dialog_input __member_groups \
+ "$__prompt2" "$__input" \
+ "$hline_num_tab_enter" || continue
+ # Return to previous menu if user either
+ # pressed ESC or chose Cancel/No
+
+ #
+ # Validate each of the groups the user has entered
+ #
+ local __all_groups_valid=1 __grp __grp_list
+ f_replaceall "$__member_groups" "," " " __grp_list
+ for __grp in $__grp_list; do
+ if ! f_quietly pw groupshow -n "$__grp"; then
+ f_show_msg "$msg_group_not_found" \
+ "$__grp"
+ __all_groups_valid=
+ break
+ fi
+ done
+ [ "$__all_groups_valid" ] || continue
+
+ __input="$__member_groups"
+ ;;
+ esac
+ done
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_name $var_to_set [$name]
+#
+# Allows the user to enter a new username for a given user. If the user does
+# not cancel or press ESC, the $var_to_set variable will hold the newly-
+# configured value upon return.
+#
+f_dialog_input_name()
+{
+ local __var_to_set="$1" __name="$2"
+
+ #
+ # Loop until the user provides taint-free/valid input
+ #
+ local __input="$__name"
+ while :; do
+ # Return if user has either pressed ESC or chosen Cancel/No
+ f_dialog_input __input "$msg_login" "$__input" \
+ "$hline_alnum_tab_enter" || return $?
+
+ # Check for no-change
+ if [ "$__input" = "$__name" ]; then
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+ fi
+
+ # Check for NULL entry
+ if [ ! "$__input" ]; then
+ f_show_msg "$msg_login_is_empty"
+ continue
+ fi
+
+ # Check for invalid entry
+ case "$__input" in [!a-zA-Z]*)
+ f_show_msg "$msg_login_must_start_with_letter"
+ continue
+ esac
+
+ # Check for duplicate entry
+ if f_quietly pw usershow -n "$__input"; then
+ f_show_msg "$msg_login_already_used" "$__input"
+ continue
+ fi
+
+ setvar "$__var_to_set" "$__input"
+ break
+ done
+
+ return $DIALOG_OK
+}
+
+# f_dialog_input_password $var_to_set $dvar_to_set
+#
+# Prompt the user to enter a password (twice). If the user does not cancel or
+# press ESC, $var_to_set will hold the confirmed user entry. Otherwise, if the
+# user cancels or enters a NULL password (twice), they are given the choice to
+# disable password authentication for the given login, wherein $dvar_to_set has
+# a value of 1 to indicate password authentication should be disabled.
+#
+f_dialog_input_password()
+{
+ local __var_to_set="$1" __dvar_to_set="$2"
+ local __prompt1="$msg_password"
+ local __prompt2="$msg_reenter_password"
+ local __hline="$hline_alnum_punc_tab_enter"
+
+ local __height1 __width1
+ f_dialog_inputbox_size __height1 __width1 \
+ "$DIALOG_TITLE" \
+ "$DIALOG_BACKTITLE" \
+ "$__prompt1" \
+ "" \
+ "$__hline"
+ local __height2 __width2
+ f_dialog_inputbox_size __height2 __width2 \
+ "$DIALOG_TITLE" \
+ "$DIALOG_BACKTITLE" \
+ "$__prompt2" \
+ "" \
+ "$__hline"
+
+ #
+ # Loop until the user provides taint-free/valid input
+ #
+ local __retval __password1 __password2
+ while :; do
+ __password1=$( $DIALOG \
+ --title "$DIALOG_TITLE" \
+ --backtitle "$DIALOG_BACKTITLE" \
+ --hline "$__hline" \
+ --ok-label "$msg_ok" \
+ --cancel-label "$msg_cancel" \
+ --insecure \
+ --passwordbox "$__prompt1" \
+ $__height1 $__width1 \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ ) || return $?
+ # Return if user either pressed ESC or chose Cancel/No
+ debug= f_dialog_line_sanitize __password1
+
+ __password2=$( $DIALOG \
+ --title "$DIALOG_TITLE" \
+ --backtitle "$DIALOG_BACKTITLE" \
+ --hline "$__hline" \
+ --ok-label "$msg_ok" \
+ --cancel-label "$msg_cancel" \
+ --insecure \
+ --passwordbox "$__prompt2" \
+ $__height2 $__width2 \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ ) || return $?
+ # Return if user either pressed ESC or chose Cancel/No
+ debug= f_dialog_line_sanitize __password2
+
+ # Check for password mismatch
+ if [ "$__password1" != "$__password2" ]; then
+ f_show_msg "$msg_passwords_do_not_match"
+ continue
+ fi
+
+ # Check for NULL entry
+ if [ ! "$__password1" ]; then
+ f_dialog_yesno "$msg_disable_password_auth_for_account"
+ __retval=$?
+ if [ $__retval -eq $DIALOG_ESC ]; then
+ return $__retval
+ elif [ $__retval -eq $DIALOG_OK ]; then
+ setvar "$__dvar_to_set" 1
+ else
+ continue # back to password prompt
+ fi
+ else
+ setvar "$__dvar_to_set" ""
+ fi
+
+ setvar "$__var_to_set" "$__password1"
+ break
+ done
+
+ return $DIALOG_OK
+}
+
+# f_dialog_input_gecos $var_to_set [$gecos]
+#
+# Allow the user to enter new GECOS information for a given user. This
+# information is commonly used to store the ``Full Name'' of the user. If the
+# user does not cancel or press ESC, the $var_to_set variable will hold the
+# newly-configured value upon return.
+#
+f_dialog_input_gecos()
+{
+ local __var_to_set="$1" __input="$2"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ f_dialog_input __input "$msg_full_name" "$__input" \
+ "$hline_alnum_punc_tab_enter" || return $?
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_uid $var_to_set [$uid]
+#
+# Allow the user to enter a new UID for a given user. If the user does not
+# cancel or press ESC, the $var_to_set variable will hold the newly-configured
+# value upon return.
+#
+f_dialog_input_uid()
+{
+ local __var_to_set="$1" __input="$2"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ f_dialog_input __input "$msg_user_id_leave_empty_for_default" \
+ "$__input" "$hline_num_tab_enter" || return $?
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_gid $var_to_set [$gid]
+#
+# Allow the user to enter a new primary GID for a given user. If the user does
+# not cancel or press ESC, the $var_to_set variable will hold the newly-
+# configured value upon return.
+#
+f_dialog_input_gid()
+{
+ local __var_to_set="$1" __input="$2"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ f_dialog_input __input "$msg_group_id_leave_empty_for_default" \
+ "$__input" "$hline_num_tab_enter" || return $?
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_class $var_to_set [$class]
+#
+# Allow the user to enter a new login class for a given user. If the user does
+# not cancel or press ESC, the $var_to_set variable will hold the newly-
+# configured value upon return.
+#
+f_dialog_input_class()
+{
+ local __var_to_set="$1" __input="$2"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ f_dialog_input __input "$msg_login_class" "$__input" \
+ "$hline_alnum_tab_enter" || return $?
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_expire_password $var_to_set [$seconds]
+#
+# Allow the user to enter a date/time (in number-of-seconds since the `epoch')
+# for when a given user's password must be changed. If the user does not cancel
+# or press ESC, the $var_to_set variable will hold the newly-configured value
+# upon return.
+#
+f_dialog_input_expire_password()
+{
+ local __var_to_set="$1" __input="$2"
+ local __prompt="$msg_password_expires_on"
+ local __menu_list="
+ '1' '$msg_password_does_not_expire'
+ '2' '$msg_edit_date_time_with_a_calendar'
+ '3' '$msg_enter_value_manually'
+ " # END-QUOTE
+ local __defaultitem= # Calculated below
+ local __hline="$hline_num_arrows_tab_enter"
+
+ local __mheight __mwidth __mrows
+ eval f_dialog_menu_size __mheight __mwidth __mrows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$__prompt\" \
+ \"\$__hline\" \
+ $__menu_list
+ local __cheight __cwidth
+ f_dialog_calendar_size __cheight __cwidth \
+ "$DIALOG_TITLE" \
+ "$DIALOG_BACKTITLE" \
+ "$__prompt" \
+ "$__hline"
+ local __theight __twidth
+ f_dialog_timebox_size __theight __twidth \
+ "$DIALOG_TITLE" \
+ "$DIALOG_BACKTITLE" \
+ "$__prompt" \
+ "$__hline"
+
+ #
+ # Loop until the user provides taint-free/cancellation-free input
+ #
+ local __retval __date_type
+ while :; do
+ __date_type=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --default-item \"\$__defaultitem\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --menu \"\$__prompt\" \
+ $__mheight $__mwidth $__mrows \
+ $__menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ f_dialog_data_sanitize __date_type
+ __defaultitem="$__date_type"
+ f_dprintf "retval=%u date_type=[%s]" $__retval "$__date_type"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || return $__retval
+
+ case "$__date_type" in
+ 1) # Password does not expire
+ __input= break ;;
+
+ 2) # Edit date/time with a calendar
+ local __input_date __input_time __ret_date __ret_time
+
+ local __seconds="$__input"
+ { f_isinteger "$__seconds" && [ $__seconds -gt 0 ]; } ||
+ __seconds=
+ __input_date=$( date -j -f "%s" -- "$__seconds" \
+ "+%d %m %Y" 2> /dev/null )
+ __ret_date=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --calendar \"\$__prompt\" \
+ $__cheight $__cwidth \
+ $__input_date \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ f_dialog_data_sanitize __ret_date
+ f_dprintf "retval=%u ret_date=[%s]" \
+ $__retval "$__ret_date"
+
+ # Return to menu if either ESC or Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || continue
+
+ __input_time=
+ [ "$__seconds" ] && __input_time=$( date -j \
+ -f %s -- "$__input" "+%H %M %S" 2> /dev/null )
+ __ret_time=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --timebox \"\$__prompt\" \
+ $__theight $__twidth \
+ $__input_time \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ f_dialog_data_sanitize __ret_time
+ f_dprintf "retval=%u ret_time=[%s]" \
+ $__retval "$__ret_time"
+
+ # Return to menu if either ESC or Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || continue
+
+ __input=$( date -j -f "%d/%m/%Y %T" -- \
+ "$__ret_date $__ret_time" +%s 2> /dev/null )
+ f_dprintf "input=[%s]" "$__input"
+ break ;;
+
+ 3) # Enter value manually
+ local __msg __new_input
+ f_sprintf __msg "$msg_password_expire_manual_edit" \
+ "$( date -r 0 "+%c %Z" )"
+
+ # Return to menu if either ESC or Cancel/No
+ f_dialog_input __new_input \
+ "$__msg" "$__input" "$__hline" || continue
+
+ __input="$__new_input"
+ f_dprintf "input=[%s]" "$__input"
+ break ;;
+
+ esac
+
+ done # Loop forever
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_expire_account $var_to_set [$seconds]
+#
+# Allow the user to enter a date/time (in number-of-seconds since the `epoch')
+# for when a given user's account should become expired. If the user does not
+# cancel or press ESC, the $var_to_set variable will hold the newly-configured
+# value upon return.
+#
+f_dialog_input_expire_account()
+{
+ local __var_to_set="$1" __input="$2"
+ local __prompt="$msg_account_expires_on"
+ local __menu_list="
+ '1' '$msg_account_does_not_expire'
+ '2' '$msg_edit_date_time_with_a_calendar'
+ '3' '$msg_enter_value_manually'
+ " # END-QUOTE
+ local __defaultitem= # Calculated below
+ local __hline="$hline_num_arrows_tab_enter"
+
+ local __mheight __mwidth __mrows
+ eval f_dialog_menu_size __mheight __mwidth __mrows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$__prompt\" \
+ \"\$__hline\" \
+ $__menu_list
+ local __cheight __cwidth
+ f_dialog_calendar_size __cheight __cwidth \
+ "$DIALOG_TITLE" \
+ "$DIALOG_BACKTITLE" \
+ "$__prompt" \
+ "$__hline"
+ local __theight __twidth
+ f_dialog_timebox_size __theight __twidth \
+ "$DIALOG_TITLE" \
+ "$DIALOG_BACKTITLE" \
+ "$__prompt" \
+ "$__hline"
+
+ #
+ # Loop until the user provides taint-free/cancellation-free input
+ #
+ local __retval __date_type
+ while :; do
+ __date_type=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --default-item \"\$__defaultitem\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --menu \"\$__prompt\" \
+ $__mheight $__mwidth $__mrows \
+ $__menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ f_dialog_data_sanitize __date_type
+ __defaultitem="$__date_type"
+ f_dprintf "retval=%u date_type=[%s]" $__retval "$__date_type"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || return $__retval
+
+ case "$__date_type" in
+ 1) # Account does not expire
+ __input= break ;;
+
+ 2) # Edit date/time with a calendar
+ local __input_date __input_time __ret_date __ret_time
+
+ local __seconds="$__input"
+ { f_isinteger "$__seconds" && [ $__seconds -gt 0 ]; } ||
+ __seconds=
+ __input_date=$( date -j -f "%s" -- "$__seconds" \
+ "+%d %m %Y" 2> /dev/null )
+ __ret_date=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --calendar \"\$__prompt\" \
+ $__cheight $__cwidth \
+ $__input_date \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ f_dialog_data_sanitize __ret_date
+ f_dprintf "retval=%u ret_date=[%s]" \
+ $__retval "$__ret_date"
+
+ # Return to menu if either ESC or Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || continue
+
+ __input_time=
+ [ "$__seconds" ] && __input_time=$( date -j \
+ -f %s -- "$__input" "+%H %M %S" 2> /dev/null )
+ __ret_time=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --timebox \"\$__prompt\" \
+ $__theight $__twidth \
+ $__input_time \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ __retval=$?
+ f_dialog_data_sanitize __ret_time
+ f_dprintf "retval=%u ret_time=[%s]" \
+ $__retval "$__ret_time"
+
+ # Return to menu if either ESC or Cancel/No
+ [ $__retval -eq $DIALOG_OK ] || continue
+
+ __input=$( date -j -f "%d/%m/%Y %T" -- \
+ "$ret_date $ret_time" +%s 2> /dev/null )
+ f_dprintf "input=[%s]" "$__input"
+ break ;;
+
+ 3) # Enter value manually
+ local __msg __new_input
+ f_sprintf __msg "$msg_account_expire_manual_edit" \
+ "$( date -r 0 "+%c %Z" )"
+
+ # Return to menu if either ESC or Cancel/No
+ f_dialog_input __new_input \
+ "$__msg" "$__input" "$__hline" || continue
+
+ __input="$__new_input"
+ f_dprintf "input=[%s]" "$__input"
+ break ;;
+
+ esac
+
+ done # Loop forever
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_home_dir $var_to_set [$home_dir]
+#
+# Allow the user to enter a new home directory for a given login. If the user
+# does not cancel or press ESC, the $var_to_set variable will hold the newly-
+# configured value upon return.
+#
+f_dialog_input_home_dir()
+{
+ local __var_to_set="$1" __input="$2"
+
+ # Return if user has either pressed ESC or chosen Cancel/No
+ f_dialog_input __input "$msg_home_directory" "$__input" \
+ "$hline_alnum_punc_tab_enter" || return $?
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_input_home_create $var_to_set
+#
+# Prompt the user to confirm creation of a given login's home directory. If the
+# user does not cancel (by choosing "No") or press ESC, the $var_to_set
+# variable will hold $msg_yes upon return, otherwise $msg_no. Use these return
+# variables ($msg_yes and $msg_no) for comparisons to be i18n-compatible.
+#
+f_dialog_input_home_create()
+{
+ local __var_to_set="$1"
+
+ f_dialog_yesno "$msg_create_home_directory"
+ local __retval=$?
+
+ if [ $__retval -eq $DIALOG_OK ]; then
+ setvar "$__var_to_set" "$msg_yes"
+ else
+ setvar "$__var_to_set" "$msg_no"
+ fi
+
+ [ $__retval -ne $DIALOG_ESC ] # return failure if user pressed ESC
+}
+
+# f_dialog_input_group_delete $var_to_set [$group]
+#
+# Prompt the user to confirm deletion of a given login's primary group. If the
+# user does not cancel (by choosing "No") or press ESC, the $var_to_set
+# variable will hold $msg_yes upon return, otherwise $msg_no. Use these return
+# variables ($msg_yes and $msg_no) for comparisons to be i18n-compatible.
+#
+f_dialog_input_group_delete()
+{
+ local __var_to_set="$1" __group="$2"
+
+ if f_isinteger "$__group"; then
+ if [ $__group -lt 1000 ]; then
+ f_dialog_noyes "$msg_delete_primary_group"
+ else
+ f_dialog_yesno "$msg_delete_primary_group"
+ fi
+ elif [ "$__group" ]; then
+ local __gid=0
+ __gid=$( pw groupshow "$__group" | awk -F: '{print $3}' )
+ if f_isinteger "$__gid" && [ $__gid -lt 1000 ]; then
+ f_dialog_noyes "$msg_delete_primary_group"
+ else
+ f_dialog_yesno "$msg_delete_primary_group"
+ fi
+ else
+ f_dialog_yesno "$msg_delete_primary_group"
+ fi
+ local __retval=$?
+
+ if [ $__retval -eq $DIALOG_OK ]; then
+ setvar "$__var_to_set" "$msg_yes"
+ else
+ setvar "$__var_to_set" "$msg_no"
+ fi
+
+ [ $__retval -ne $DIALOG_ESC ] # return failure if user pressed ESC
+}
+
+# f_dialog_input_home_delete $var_to_set
+#
+# Prompt the user to confirm deletion of a given login's home directory. If the
+# user does not cancel (by choosing "No") or press ESC, the $var_to_set
+# variable will hold $msg_yes upon return, otherwise $msg_no. Use these return
+# variables ($msg_yes and $msg_no) for comparisons to be i18n-compatible.
+#
+f_dialog_input_home_delete()
+{
+ local __var_to_set="$1"
+
+ f_dialog_yesno "$msg_delete_home_directory"
+ local __retval=$?
+
+ if [ $__retval -eq $DIALOG_OK ]; then
+ setvar "$__var_to_set" "$msg_yes"
+ else
+ setvar "$__var_to_set" "$msg_no"
+ fi
+
+ [ $__retval -ne $DIALOG_ESC ] # return failure if user pressed ESC
+}
+
+# f_dialog_input_dotfiles_create $var_to_set
+#
+# Prompt the user to confirm population of a given login's home directory with
+# sample dotfiles. If the user does not cancel (by choosing "No") or press ESC,
+# the $var_to_set variable will hold $msg_yes upon return, otherwise $msg_no.
+# Use these return variables ($msg_yes and $msg_no) for comparison to be i18n-
+# compatible.
+#
+f_dialog_input_dotfiles_create()
+{
+ local __var_to_set="$1"
+
+ f_dialog_yesno "$msg_create_dotfiles"
+ local __retval=$?
+
+ if [ $__retval -eq $DIALOG_OK ]; then
+ setvar "$__var_to_set" "$msg_yes"
+ else
+ setvar "$__var_to_set" "$msg_no"
+ fi
+
+ [ $__retval -ne $DIALOG_ESC ] # return failure if user pressed ESC
+}
+
+# f_dialog_input_shell $var_to_set [$shell]
+#
+# Allow the user to select a new shell for a given login. If the user does not
+# cancel or press ESC, the $var_to_set variable will hold the newly-configured
+# value upon return.
+#
+f_dialog_input_shell()
+{
+ local __funcname=f_dialog_input_shell
+ local __var_to_set="$1" __input="$2"
+ local __prompt="$msg_select_login_shell"
+ local __radio_list= # Calculated below
+ local __defaultitem="$2"
+ local __hline="$hline_arrows_space_tab_enter"
+
+ #
+ # Generate the radiolist of shells
+ #
+ local __shell_list __s __shell __length=0
+ f_eval_catch -k __shell_list $__funcname awk "awk '%s' \"%s\"" \
+ '!/^[[:space:]]*(#|$)/{print}' "$ETC_SHELLS" || return $FAILURE
+ while [ $__length -ne ${#__shell_list} ]; do
+ __s="${__shell_list%%$NL*}" # First line
+ f_shell_escape "$__s" __shell
+
+ # Format of a radiolist entry: tag item status
+ if [ "$__s" = "$__input" ]; then
+ __radio_list="$__radio_list '$__shell' '' 'on'"
+ else
+ __radio_list="$__radio_list '$__shell' '' 'off'"
+ fi
+
+ __length=${#__shell_list}
+ __shell_list="${__shell_list#*$NL}" # Kill line
+ done
+
+ local __height __width __rows
+ eval f_dialog_radiolist_size __height __width __rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$__prompt\" \
+ \"\$__hline\" \
+ $__radio_list
+
+ __input=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$__hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$__defaultitem\" \
+ --radiolist \"\$__prompt\" \
+ $__height $__width $__rows \
+ $__radio_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ ) || return $?
+ # Return if user either pressed ESC or chose Cancel/No
+ f_dialog_data_sanitize __input
+
+ setvar "$__var_to_set" "$__input"
+ return $DIALOG_OK
+}
+
+# f_dialog_menu_user_add [$defaultitem]
+#
+# Present a menu detailing the properties of a login that is about to be added.
+# The user's menu choice is available using f_dialog_menutag_fetch(). Returns
+# success unless the user chose Cancel or pressed ESC. Data to display is taken
+# from environment variables user_account_expire, user_class,
+# user_dotfiles_create, user_gecos, user_gid, user_home_create, user_home_dir,
+# user_member_groups, user_name, user_password_expire, user_shell, and
+# user_uid. If $defaultitem is present and non-NULL, initially highlight the
+# item in the menu.
+#
+f_dialog_menu_user_add()
+{
+ local funcname=f_dialog_menu_user_add
+ local prompt="$msg_save_exit_or_cancel"
+ local menu_list # Calculated below
+ local defaultitem="$1"
+ local hline="$hline_arrows_tab_enter"
+
+ # Attempt to convert numeric UNIX time to calendar date/time
+ local user_account_expires_on=
+ if f_isinteger "$user_account_expire"; then
+ [ "$user_account_expire" -ne 0 ] && user_account_expires_on=$(
+ date -r "$user_account_expire" "+%F %T %Z"
+ )
+ else
+ user_account_expires_on="$user_account_expire"
+ fi
+ local user_password_expires_on=
+ if f_isinteger "$user_password_expire"; then
+ [ $user_password_expire -ne 0 ] && user_password_expires_on=$(
+ date -r "$user_password_expire" "+%F %T %Z"
+ )
+ else
+ user_password_expires_on="$user_password_expire"
+ fi
+
+ # Attempt to translate a numeric GID into `number (name)'
+ if f_isinteger "$user_gid"; then
+ local user_group
+ user_group=$( pw groupshow -g "$user_gid" 2> /dev/null ) &&
+ user_gid="$user_gid (${user_group%%:*})"
+ fi
+
+ # Localize potentially hostile variables and escape their values
+ # to the local variable (see f_shell_escape() of `strings.subr')
+ local var
+ for var in account_expires_on class dotfiles_create gecos gid \
+ home_create home_dir member_groups name password_expires_on \
+ shell uid \
+ ; do
+ local _user_$var
+ eval f_shell_escape \"\$user_$var\" _user_$var
+ done
+
+ menu_list="
+ 'X' '$msg_add/$msg_exit'
+ '1' '$msg_login: $_user_name'
+ '2' '$msg_full_name: $_user_gecos'
+ '3' '$msg_password: -----'
+ '4' '$msg_user_id: $_user_uid'
+ '5' '$msg_group_id: $_user_gid'
+ '6' '$msg_member_of_groups: $_user_member_groups'
+ '7' '$msg_login_class: $_user_class'
+ '8' '$msg_password_expires_on: $_user_password_expires_on'
+ '9' '$msg_account_expires_on: $_user_account_expires_on'
+ 'A' '$msg_home_directory: $_user_home_dir'
+ 'B' '$msg_shell: $_user_shell'
+ " # END-QUOTE
+ case "$user_home_dir" in
+ /|/nonexistent|/var/empty) menu_list="$menu_list
+ '-' '$msg_create_home_directory: $msg_n_a'
+ '-' '$msg_create_dotfiles: $msg_n_a'
+ " # END-QUOTE
+ ;;
+ *) if [ -d "$user_home_dir" ]; then menu_list="$menu_list
+ '-' '$msg_create_home_directory: $msg_n_a'
+ 'D' '$msg_create_dotfiles: ${_user_dotfiles_create:-$msg_no}'
+ " # END-QUOTE
+ else menu_list="$menu_list
+ 'C' '$msg_create_home_directory: ${_user_home_create:-$msg_no}'
+ 'D' '$msg_create_dotfiles: ${_user_dotfiles_create:-$msg_no}'
+ " # END-QUOTE
+ fi
+ esac
+
+ local height width rows
+ eval f_dialog_menu_size height width rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$prompt\" \
+ \"\$hline\" \
+ $menu_list
+
+ local menu_choice
+ menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$defaultitem\" \
+ --keep-tite \
+ --menu \"\$prompt\" \
+ $height $width $rows \
+ $menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ local retval=$?
+ f_dialog_data_sanitize menu_choice
+ f_dialog_menutag_store "$menu_choice"
+ return $retval
+}
+
+# f_dialog_menu_user_delete $user [$defaultitem]
+#
+# Present a menu detailing the properties of a login that is about to be
+# deleted. The user's menu choice is available using f_dialog_menutag_fetch().
+# Returns success unless the user chose Cancel or pressed ESC. Data to display
+# is populated automatically from the system accounting database for the given
+# $user argument with the exception of two environment variables:
+# user_group_delete and user_home_delete. If $defaultitem is present and non-
+# NULL, initially highlight the item in the menu.
+#
+f_dialog_menu_user_delete()
+{
+ local prompt="$msg_delete_exit_or_cancel"
+ local menu_list # Calculated below
+ local defaultitem="$2"
+ local hline="$hline_arrows_tab_enter"
+
+ local user_name user_password user_uid user_gid user_class
+ local user_password_expire user_account_expire user_gecos
+ local user_home_dir user_shell user_member_groups
+ f_input_user "$1"
+
+ # Attempt to convert numeric UNIX time to calendar date/time
+ local user_account_expires_on=
+ if f_isinteger "$user_account_expire"; then
+ [ "$user_account_expire" -ne 0 ] && user_account_expires_on=$(
+ date -r "$user_account_expire" "+%F %T %Z"
+ )
+ else
+ user_account_expires_on="$user_account_expire"
+ fi
+ local user_password_expires_on=
+ if f_isinteger "$user_password_expire"; then
+ [ $user_password_expire -ne 0 ] && user_password_expires_on=$(
+ date -r "$user_password_expire" "+%F %T %Z"
+ )
+ else
+ user_password_expires_on="$user_password_expire"
+ fi
+
+ # Attempt to translate a numeric GID into `number (name)'
+ if f_isinteger "$user_gid"; then
+ local user_group
+ user_group=$( pw groupshow -g "$user_gid" 2> /dev/null ) &&
+ user_gid="$user_gid (${user_group%%:*})"
+ fi
+
+ # Localize potentially hostile variables and escape their values
+ # to the local variable (see f_shell_escape() of `strings.subr')
+ local var
+ for var in account_expires_on class gecos gid group_delete \
+ home_delete home_dir member_groups name password_expires_on \
+ shell uid \
+ ; do
+ local _user_$var
+ eval f_shell_escape \"\$user_$var\" _user_$var
+ done
+
+ menu_list="
+ 'X' '$msg_delete/$msg_exit'
+ '1' '$msg_login: $_user_name'
+ '-' '$msg_full_name: $_user_gecos'
+ '-' '$msg_password: -----'
+ '-' '$msg_user_id: $_user_uid'
+ '-' '$msg_group_id: $_user_gid'
+ '-' '$msg_group_members: $_user_member_groups'
+ '-' '$msg_login_class: $_user_class'
+ '-' '$msg_password_expires_on: $_user_password_expires_on'
+ '-' '$msg_account_expires_on: $_user_account_expires_on'
+ '-' '$msg_home_directory: $_user_home_dir'
+ '-' '$msg_shell: $_user_shell'
+ " # END-QUOTE
+ if f_quietly pw groupshow -g "$user_gid"; then menu_list="$menu_list
+ 'C' '$msg_delete_primary_group: ${_user_group_delete:-$msg_no}'
+ " # END-QUOTE
+ else menu_list="$menu_list
+ '-' '$msg_delete_primary_group: $msg_n_a'
+ " # END-QUOTE
+ fi
+ case "$user_home_dir" in
+ /|/nonexistent|/var/empty) menu_list="$menu_list
+ '-' '$msg_delete_home_directory: $msg_n_a'
+ " # END-QUOTE
+ ;;
+ *) if [ -d "$user_home_dir" ]; then menu_list="$menu_list
+ 'D' '$msg_delete_home_directory: ${_user_home_delete:-$msg_no}'
+ " # END-QUOTE
+ else menu_list="$menu_list
+ '-' '$msg_delete_home_directory: $msg_n_a'
+ " # END-QUOTE
+ fi
+ esac
+
+ local height width rows
+ eval f_dialog_menu_size height width rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$prompt\" \
+ \"\$hline\" \
+ $menu_list
+
+ local menu_choice
+ menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$defaultitem\" \
+ --keep-tite \
+ --menu \"\$prompt\" \
+ $height $width $rows \
+ $menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ local retval=$?
+ f_dialog_data_sanitize menu_choice
+ f_dialog_menutag_store "$menu_choice"
+ return $retval
+}
+
+# f_dialog_menu_user_edit [$defaultitem]
+#
+# Present a menu detailing the properties of a login that is about to be
+# modified. The user's menu choice is available using f_dialog_menutag_fetch().
+# Returns success unless the user chose Cancel or pressed ESC. Data to display
+# is taken from environment variables user_account_expire, user_class,
+# user_dotfiles_create, user_gecos, user_gid, user_home_create, user_home_dir,
+# user_member_groups, user_name, user_password_expire, user_shell, and
+# user_uid. If $defaultitem is present and non-NULL, initially highlight the
+# item in the menu.
+#
+f_dialog_menu_user_edit()
+{
+ local prompt="$msg_save_exit_or_cancel"
+ local menu_list # Calculated below
+ local defaultitem="$1"
+ local hline="$hline_arrows_tab_enter"
+
+ # Attempt to convert numeric UNIX time to calendar date/time
+ local user_account_expires_on=
+ if f_isinteger "$user_account_expire"; then
+ [ "$user_account_expire" -ne 0 ] && user_account_expires_on=$(
+ date -r "$user_account_expire" "+%F %T %Z"
+ )
+ else
+ user_account_expires_on="$user_account_expire"
+ fi
+ local user_password_expires_on=
+ if f_isinteger "$user_password_expire"; then
+ [ $user_password_expire -ne 0 ] && user_password_expires_on=$(
+ date -r "$user_password_expire" "+%F %T %Z"
+ )
+ else
+ user_password_expires_on="$user_password_expire"
+ fi
+
+ # Attempt to translate a numeric GID into `number (name)'
+ if f_isinteger "$user_gid"; then
+ local user_group
+ user_group=$( pw groupshow -g "$user_gid" 2> /dev/null ) &&
+ user_gid="$user_gid (${user_group%%:*})"
+ fi
+
+ # Localize potentially hostile variables and escape their values
+ # to the local variable (see f_shell_escape() of `strings.subr')
+ local var
+ for var in account_expires_on class dotfiles_create gecos gid \
+ home_create home_dir member_groups name password_expires_on \
+ shell uid \
+ ; do
+ local _user_$var
+ eval f_shell_escape \"\$user_$var\" _user_$var
+ done
+
+ menu_list="
+ 'X' '$msg_save/$msg_exit'
+ '1' '$msg_login: $_user_name'
+ '2' '$msg_full_name: $_user_gecos'
+ '3' '$msg_password: -----'
+ '4' '$msg_user_id: $_user_uid'
+ '5' '$msg_group_id: $_user_gid'
+ '6' '$msg_member_of_groups: $_user_member_groups'
+ '7' '$msg_login_class: $_user_class'
+ '8' '$msg_password_expires_on: $_user_password_expires_on'
+ '9' '$msg_account_expires_on: $_user_account_expires_on'
+ 'A' '$msg_home_directory: $_user_home_dir'
+ 'B' '$msg_shell: $_user_shell'
+ " # END-QUOTE
+ case "$user_home_dir" in
+ /|/nonexistent|/var/empty) menu_list="$menu_list
+ '-' '$msg_create_home_directory: $msg_n_a'
+ '-' '$msg_create_dotfiles: $msg_n_a'
+ " # END-QUOTE
+ ;;
+ *) if [ -d "$user_home_dir" ]; then menu_list="$menu_list
+ '-' '$msg_create_home_directory: $msg_n_a'
+ 'D' '$msg_create_dotfiles: ${_user_dotfiles_create:-$msg_no}'
+ " # END-QUOTE
+ else menu_list="$menu_list
+ 'C' '$msg_create_home_directory: ${_user_home_create:-$msg_no}'
+ 'D' '$msg_create_dotfiles: ${_user_dotfiles_create:-$msg_no}'
+ " # END-QUOTE
+ fi
+ esac
+
+ local height width rows
+ eval f_dialog_menu_size height width rows \
+ \"\$DIALOG_TITLE\" \
+ \"\$DIALOG_BACKTITLE\" \
+ \"\$prompt\" \
+ \"\$hline\" \
+ $menu_list
+
+ local menu_choice
+ menu_choice=$( eval $DIALOG \
+ --title \"\$DIALOG_TITLE\" \
+ --backtitle \"\$DIALOG_BACKTITLE\" \
+ --hline \"\$hline\" \
+ --ok-label \"\$msg_ok\" \
+ --cancel-label \"\$msg_cancel\" \
+ --default-item \"\$defaultitem\" \
+ --keep-tite \
+ --menu \"\$prompt\" \
+ $height $width $rows \
+ $menu_list \
+ 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
+ )
+ local retval=$?
+ f_dialog_data_sanitize menu_choice
+ f_dialog_menutag_store "$menu_choice"
+ return $retval
+}
+
+############################################################ MAIN
+
+f_dprintf "%s: Successfully loaded." usermgmt/user_input.subr
+
+fi # ! $_USERMGMT_USER_INPUT_SUBR