1 /* vi: set sw=4 ts=4: */
3 * addgroup - add groups to /etc/group and /etc/gshadow
5 * Copyright (C) 1999 by Lineo, inc. and John Beppu
6 * Copyright (C) 1999,2000,2001 by John Beppu <beppu@codepoet.org>
7 * Copyright (C) 2007 by Tito Ragusa <farmatito@tiscali.it>
9 * Licensed under GPLv2 or later, see file LICENSE in this source tree.
14 #if CONFIG_LAST_SYSTEM_ID < CONFIG_FIRST_SYSTEM_ID
15 #error Bad LAST_SYSTEM_ID or FIRST_SYSTEM_ID in .config
18 #define OPT_GID (1 << 0)
19 #define OPT_SYSTEM_ACCOUNT (1 << 1)
21 /* We assume GID_T_MAX == INT_MAX */
22 static void xgroup_study(struct group *g)
24 unsigned max = INT_MAX;
26 /* Make sure gr_name is unused */
27 if (getgrnam(g->gr_name)) {
28 bb_error_msg_and_die("%s '%s' in use", "group", g->gr_name);
29 /* these format strings are reused in adduser and addgroup */
32 /* if a specific gid is requested, the --system switch and */
33 /* min and max values are overridden, and the range of valid */
34 /* gid values is set to [0, INT_MAX] */
35 if (!(option_mask32 & OPT_GID)) {
36 if (option_mask32 & OPT_SYSTEM_ACCOUNT) {
37 g->gr_gid = CONFIG_FIRST_SYSTEM_ID;
38 max = CONFIG_LAST_SYSTEM_ID;
40 g->gr_gid = CONFIG_LAST_SYSTEM_ID + 1;
44 /* Check if the desired gid is free
45 * or find the first free one */
47 if (!getgrgid(g->gr_gid)) {
48 return; /* found free group: return */
50 if (option_mask32 & OPT_GID) {
51 /* -g N, cannot pick gid other than N: error */
52 bb_error_msg_and_die("%s '%s' in use", "gid", itoa(g->gr_gid));
53 /* this format strings is reused in adduser and addgroup */
55 if (g->gr_gid == max) {
56 /* overflowed: error */
57 bb_error_msg_and_die("no %cids left", 'g');
58 /* this format string is reused in adduser and addgroup */
64 /* append a new user to the passwd file */
65 static void new_group(char *group, gid_t gid)
70 /* make sure gid and group haven't already been allocated */
75 /* add entry to group */
76 p = xasprintf("x:%u:", (unsigned) gr.gr_gid);
77 if (update_passwd(bb_path_group_file, group, p, NULL) < 0)
79 if (ENABLE_FEATURE_CLEAN_UP)
81 #if ENABLE_FEATURE_SHADOWPASSWDS
82 /* /etc/gshadow fields:
84 * 2. Encrypted password.
85 * If set, non-members of the group can join the group
86 * by typing the password for that group using the newgrp command.
87 * If the value is of this field ! then no user is allowed
88 * to access the group using the newgrp command. A value of !!
89 * is treated the same as a value of ! only it indicates
90 * that a password has never been set before. If the value is null,
91 * only group members can log into the group.
92 * 3. Group administrators (comma delimited list).
93 * Group members listed here can add or remove group members
94 * using the gpasswd command.
95 * 4. Group members (comma delimited list).
97 /* Ignore errors: if file is missing we assume admin doesn't want it */
98 update_passwd(bb_path_gshadow_file, group, "!::", NULL);
102 #if ENABLE_FEATURE_ADDGROUP_LONG_OPTIONS
103 static const char addgroup_longopts[] ALIGN1 =
104 "gid\0" Required_argument "g"
105 "system\0" No_argument "S"
110 * addgroup will take a login_name as its first parameter.
112 * gid can be customized via command-line parameters.
113 * If called with two non-option arguments, addgroup
114 * will add an existing user to an existing group.
116 int addgroup_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
117 int addgroup_main(int argc UNUSED_PARAM, char **argv)
122 /* need to be root */
124 bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
126 #if ENABLE_FEATURE_ADDGROUP_LONG_OPTIONS
127 applet_long_options = addgroup_longopts;
131 * addgroup -g num group
132 * addgroup user group
133 * Check for min, max and missing args */
134 opt_complementary = "-1:?2:g+";
135 opts = getopt32(argv, "g:S", &gid);
136 /* move past the commandline options */
140 #if ENABLE_FEATURE_ADDUSER_TO_GROUP
144 if (opts & OPT_GID) {
145 /* -g was there, but "addgroup -g num user group"
150 /* check if group and user exist */
151 xuname2uid(argv[0]); /* unknown user: exit */
152 gr = xgetgrnam(argv[1]); /* unknown group: exit */
153 /* check if user is already in this group */
154 for (; *(gr->gr_mem) != NULL; (gr->gr_mem)++) {
155 if (!strcmp(argv[0], *(gr->gr_mem))) {
156 /* user is already in group: do nothing */
160 if (update_passwd(bb_path_group_file, argv[1], NULL, argv[0]) < 0) {
163 # if ENABLE_FEATURE_SHADOWPASSWDS
164 update_passwd(bb_path_gshadow_file, argv[1], NULL, argv[0]);
167 #endif /* ENABLE_FEATURE_ADDUSER_TO_GROUP */
169 die_if_bad_username(argv[0]);
170 new_group(argv[0], gid);
172 /* Reached only on success */