/* vi: set sw=4 ts=4: */
/*
- * deluser (remove lusers from the system ;) for TinyLogin
+ * deluser/delgroup implementation for busybox
*
* Copyright (C) 1999 by Lineo, inc. and John Beppu
* Copyright (C) 1999,2000,2001 by John Beppu <beppu@codepoet.org>
+ * Copyright (C) 2007 by Tito Ragusa <farmatito@tiscali.it>
*
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ * Licensed under GPLv2, see file LICENSE in this source tree.
*
*/
-#include <sys/stat.h>
-#include <unistd.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include "busybox.h"
-
-#define PASSWD_FILE "/etc/passwd"
-#define GROUP_FILE "/etc/group"
-#define SHADOW_FILE "/etc/shadow"
-#define GSHADOW_FILE "/etc/gshadow"
-
-
-/* where to start and stop deletion */
-typedef struct {
- size_t start;
- size_t stop;
-} Bounds;
-
-/* An interesting side-effect of boundary()'s
- * implementation is that the first user (typically root)
- * cannot be removed. Let's call it a feature. */
-static inline Bounds boundary(const char *buffer, const char *login)
-{
- char needle[256];
- char *start;
- char *stop;
- Bounds b;
-
- snprintf(needle, 256, "\n%s:", login);
- needle[255] = 0;
- start = strstr(buffer, needle);
- if (!start) {
- b.start = 0;
- b.stop = 0;
- return b;
- }
- start++;
-
- stop = index(start, '\n'); /* index is a BSD-ism */
- b.start = start - buffer;
- b.stop = stop - buffer;
- return b;
-}
-
-/* grep -v ^login (except it only deletes the first match) */
-/* ...in fact, I think I'm going to simplify this later */
-static int del_line_matching(const char *login, const char *filename)
-{
- char *buffer;
- FILE *passwd;
- size_t len;
- Bounds b;
- struct stat statbuf;
-
- /* load into buffer */
- passwd = fopen(filename, "r");
- if (!passwd) {
- return 1;
- }
- stat(filename, &statbuf);
- len = statbuf.st_size;
- buffer = (char *) malloc(len * sizeof(char));
+//usage:#define deluser_trivial_usage
+//usage: "USER"
+//usage:#define deluser_full_usage "\n\n"
+//usage: "Delete USER from the system"
- if (!buffer) {
- fclose(passwd);
- return 1;
- }
- fread(buffer, len, sizeof(char), passwd);
-
- fclose(passwd);
+//usage:#define delgroup_trivial_usage
+//usage: IF_FEATURE_DEL_USER_FROM_GROUP("[USER] ")"GROUP"
+//usage:#define delgroup_full_usage "\n\n"
+//usage: "Delete group GROUP from the system"
+//usage: IF_FEATURE_DEL_USER_FROM_GROUP(" or user USER from group GROUP")
- /* find the user to remove */
- b = boundary(buffer, login);
- if (b.stop == 0) {
- free(buffer);
- return 1;
- }
-
- /* write the file w/o the user */
- passwd = fopen(filename, "w");
- if (!passwd) {
- return 1;
- }
- fwrite(buffer, (b.start - 1), sizeof(char), passwd);
- fwrite(&buffer[b.stop], (len - b.stop), sizeof(char), passwd);
+#include "libbb.h"
- fclose(passwd);
-
- return 0;
-}
-
-/* ________________________________________________________________________ */
-int delgroup_main(int argc, char **argv)
-{
- /* int successful; */
- int failure;
-
- if (argc != 2) {
- show_usage();
- } else {
-
- failure = del_line_matching(argv[1], GROUP_FILE);
-#ifdef CONFIG_FEATURE_SHADOWPASSWDS
- if (access(GSHADOW_FILE, W_OK) == 0) {
- /* EDR the |= works if the error is not 0, so he had it wrong */
- failure |= del_line_matching(argv[1], GSHADOW_FILE);
- }
-#endif /* CONFIG_FEATURE_SHADOWPASSWDS */
- /* if (!successful) { */
- if (failure) {
- error_msg_and_die("%s: Group could not be removed\n", argv[1]);
- }
-
- }
- return (EXIT_SUCCESS);
-}
-
-/* ________________________________________________________________________ */
+int deluser_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
int deluser_main(int argc, char **argv)
{
- /* int successful; */
- int failure;
-
- if (argc != 2) {
- show_usage();
- } else {
-
- failure = del_line_matching(argv[1], PASSWD_FILE);
- /* if (!successful) { */
- if (failure) {
- error_msg_and_die("%s: User could not be removed from %s\n",
- argv[1], PASSWD_FILE);
- }
-#ifdef CONFIG_FEATURE_SHADOWPASSWDS
- failure = del_line_matching(argv[1], SHADOW_FILE);
- /* if (!successful) { */
- if (failure) {
- error_msg_and_die("%s: User could not be removed from %s\n",
- argv[1], SHADOW_FILE);
- }
- failure = del_line_matching(argv[1], GSHADOW_FILE);
- /* if (!successful) { */
- if (failure) {
- error_msg_and_die("%s: User could not be removed from %s\n",
- argv[1], GSHADOW_FILE);
- }
-#endif /* CONFIG_FEATURE_SHADOWPASSWDS */
- failure = del_line_matching(argv[1], GROUP_FILE);
- /* if (!successful) { */
- if (failure) {
- error_msg_and_die("%s: User could not be removed from %s\n",
- argv[1], GROUP_FILE);
+ /* User or group name */
+ char *name;
+ /* Username (non-NULL only in "delgroup USER GROUP" case) */
+ char *member;
+ /* Name of passwd or group file */
+ const char *pfile;
+ /* Name of shadow or gshadow file */
+ const char *sfile;
+ /* Are we deluser or delgroup? */
+ int do_deluser = (ENABLE_DELUSER && (!ENABLE_DELGROUP || applet_name[3] == 'u'));
+
+ if (geteuid() != 0)
+ bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+
+ name = argv[1];
+ member = NULL;
+
+ switch (argc) {
+ case 3:
+ if (!ENABLE_FEATURE_DEL_USER_FROM_GROUP || do_deluser)
+ break;
+ /* It's "delgroup USER GROUP" */
+ member = name;
+ name = argv[2];
+ /* Fallthrough */
+
+ case 2:
+ if (do_deluser) {
+ /* "deluser USER" */
+ xgetpwnam(name); /* bail out if USER is wrong */
+ pfile = bb_path_passwd_file;
+ if (ENABLE_FEATURE_SHADOWPASSWDS)
+ sfile = bb_path_shadow_file;
+ } else {
+ struct group *gr;
+ do_delgroup:
+ /* "delgroup GROUP" or "delgroup USER GROUP" */
+ if (do_deluser < 0) { /* delgroup after deluser? */
+ gr = getgrnam(name);
+ if (!gr)
+ return EXIT_SUCCESS;
+ } else {
+ gr = xgetgrnam(name); /* bail out if GROUP is wrong */
+ }
+ if (!member) {
+ /* "delgroup GROUP" */
+ struct passwd *pw;
+ struct passwd pwent;
+ /* Check if the group is in use */
+#define passwd_buf bb_common_bufsiz1
+ while (!getpwent_r(&pwent, passwd_buf, sizeof(passwd_buf), &pw)) {
+ if (pwent.pw_gid == gr->gr_gid)
+ bb_error_msg_and_die("'%s' still has '%s' as their primary group!", pwent.pw_name, name);
+ }
+ //endpwent();
+ }
+ pfile = bb_path_group_file;
+ if (ENABLE_FEATURE_SHADOWPASSWDS)
+ sfile = bb_path_gshadow_file;
}
+ /* Modify pfile, then sfile */
+ do {
+ if (update_passwd(pfile, name, NULL, member) == -1)
+ return EXIT_FAILURE;
+ if (ENABLE_FEATURE_SHADOWPASSWDS) {
+ pfile = sfile;
+ sfile = NULL;
+ }
+ } while (ENABLE_FEATURE_SHADOWPASSWDS && pfile);
+
+ if (ENABLE_DELGROUP && do_deluser > 0) {
+ /* "deluser USER" also should try to delete
+ * same-named group. IOW: do "delgroup USER"
+ */
+// On debian deluser is a perl script that calls userdel.
+// From man userdel:
+// If USERGROUPS_ENAB is defined to yes in /etc/login.defs, userdel will
+// delete the group with the same name as the user.
+ do_deluser = -1;
+ goto do_delgroup;
+ }
+ return EXIT_SUCCESS;
}
- return (EXIT_SUCCESS);
+ /* Reached only if number of command line args is wrong */
+ bb_show_usage();
}
-
-/* $Id: deluser.c,v 1.1 2002/06/04 20:45:05 sandman Exp $ */