X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=loginutils%2Faddgroup.c;h=215e4a9e0ee74817cb6e7c99fba00f22efe4b80c;hb=9f5a577a3241597cb5e7ba9f6df33c2e3c440e44;hp=2487aad318810074082738e3c07d94d739ea8a96;hpb=b6adbf1be29841501cc49917249e85f273e1df7c;p=oweals%2Fbusybox.git diff --git a/loginutils/addgroup.c b/loginutils/addgroup.c index 2487aad31..215e4a9e0 100644 --- a/loginutils/addgroup.c +++ b/loginutils/addgroup.c @@ -9,164 +9,167 @@ * Licensed under GPLv2 or later, see file LICENSE in this tarball for details. * */ - #include "libbb.h" +#if CONFIG_LAST_SYSTEM_ID < CONFIG_FIRST_SYSTEM_ID +#error Bad LAST_SYSTEM_ID or FIRST_SYSTEM_ID in .config +#endif + +#define OPT_GID (1 << 0) +#define OPT_SYSTEM_ACCOUNT (1 << 1) + +/* We assume GID_T_MAX == INT_MAX */ static void xgroup_study(struct group *g) { - enum { max = 65000 }; - /* Use a particular gid. */ - int desired = (g->gr_gid > 0); + unsigned max = INT_MAX; /* Make sure gr_name is unused */ if (getgrnam(g->gr_name)) { - goto error; + bb_error_msg_and_die("%s '%s' in use", "group", g->gr_name); + /* these format strings are reused in adduser and addgroup */ } - /* Check if the desired gid is free or - find the first free one */ - do { - if (g->gr_gid == max) { /* out of bounds: exit */ - bb_error_msg_and_die("no gids left"); + /* if a specific gid is requested, the --system switch and */ + /* min and max values are overridden, and the range of valid */ + /* gid values is set to [0, INT_MAX] */ + if (!(option_mask32 & OPT_GID)) { + if (option_mask32 & OPT_SYSTEM_ACCOUNT) { + g->gr_gid = CONFIG_FIRST_SYSTEM_ID; + max = CONFIG_LAST_SYSTEM_ID; + } else { + g->gr_gid = CONFIG_LAST_SYSTEM_ID + 1; + max = 64999; } + } + /* Check if the desired gid is free + * or find the first free one */ + while (1) { if (!getgrgid(g->gr_gid)) { - return; /* ok */ + return; /* found free group: return */ } - if (desired) { /* the desired gid is already in use: exit */ - g->gr_name = itoa(g->gr_gid); - goto error; + if (option_mask32 & OPT_GID) { + /* -g N, cannot pick gid other than N: error */ + bb_error_msg_and_die("%s '%s' in use", "gid", itoa(g->gr_gid)); + /* this format strings is reused in adduser and addgroup */ + } + if (g->gr_gid == max) { + /* overflowed: error */ + bb_error_msg_and_die("no %cids left", 'g'); + /* this format string is reused in adduser and addgroup */ } g->gr_gid++; - } while (1); - -error: - /* exit */ - bb_error_msg_and_die("%s: already in use", g->gr_name); + } } /* append a new user to the passwd file */ static void new_group(char *group, gid_t gid) { - FILE *file; struct group gr; + char *p; /* make sure gid and group haven't already been allocated */ gr.gr_gid = gid; gr.gr_name = group; - xgroup_study( &gr); + xgroup_study(&gr); /* add entry to group */ - file = xfopen(bb_path_group_file, "a"); - /* group:passwd:gid:userlist */ - fprintf(file, "%s:x:%d:\n", group, gr.gr_gid); + p = xasprintf("x:%u:", (unsigned) gr.gr_gid); + if (update_passwd(bb_path_group_file, group, p, NULL) < 0) + exit(EXIT_FAILURE); if (ENABLE_FEATURE_CLEAN_UP) - fclose(file); + free(p); #if ENABLE_FEATURE_SHADOWPASSWDS - file = fopen_or_warn(bb_path_gshadow_file, "a"); - if (file) { - fprintf(file, "%s:!::\n", group); - if (ENABLE_FEATURE_CLEAN_UP) - fclose(file); - } + /* /etc/gshadow fields: + * 1. Group name. + * 2. Encrypted password. + * If set, non-members of the group can join the group + * by typing the password for that group using the newgrp command. + * If the value is of this field ! then no user is allowed + * to access the group using the newgrp command. A value of !! + * is treated the same as a value of ! only it indicates + * that a password has never been set before. If the value is null, + * only group members can log into the group. + * 3. Group administrators (comma delimited list). + * Group members listed here can add or remove group members + * using the gpasswd command. + * 4. Group members (comma delimited list). + */ + /* Ignore errors: if file is missing we assume admin doesn't want it */ + update_passwd(bb_path_gshadow_file, group, "!::", NULL); #endif } -#if ENABLE_FEATURE_ADDUSER_TO_GROUP -static void add_user_to_group(char **args, - const char *path, - FILE *(*fopen_func)(const char *fileName, const char *mode)) -{ - char *line; - int len = strlen(args[1]); - llist_t *plist = NULL; - FILE *group_file; - - group_file = fopen_func(path, "r"); - - if (!group_file) return; - - while ((line = xmalloc_getline(group_file))) { - /* Find the group */ - if (!strncmp(line, args[1], len) - && line[len] == ':' - ) { - /* Add the new user */ - line = xasprintf("%s%s%s", line, - last_char_is(line, ':') ? "" : ",", - args[0]); - } - llist_add_to_end(&plist, line); - } - - if (ENABLE_FEATURE_CLEAN_UP) { - fclose(group_file); - group_file = fopen_func(path, "w"); - while ((line = llist_pop(&plist))) { - if (group_file) - fprintf(group_file, "%s\n", line); - free(line); - } - if (group_file) - fclose(group_file); - } else { - group_file = fopen_func(path, "w"); - if (group_file) - while ((line = llist_pop(&plist))) - fprintf(group_file, "%s\n", line); - } -} +#if ENABLE_FEATURE_ADDGROUP_LONG_OPTIONS +static const char addgroup_longopts[] ALIGN1 = + "gid\0" Required_argument "g" + "system\0" No_argument "S" + ; #endif /* * addgroup will take a login_name as its first parameter. * * gid can be customized via command-line parameters. - * If called with two non-option arguments, addgroup + * If called with two non-option arguments, addgroup * will add an existing user to an existing group. */ -int addgroup_main(int argc, char **argv); -int addgroup_main(int argc, char **argv) +int addgroup_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; +int addgroup_main(int argc UNUSED_PARAM, char **argv) { - char *group; - gid_t gid = 0; - - /* check for min, max and missing args and exit on error */ - opt_complementary = "-1:?2:?"; - if (getopt32(argc, argv, "g:", &group)) { - gid = xatoul_range(group, 0, (gid_t)ULONG_MAX); - } - /* move past the commandline options */ - argv += optind; - argc -= optind; + unsigned opts; + unsigned gid = 0; /* need to be root */ if (geteuid()) { bb_error_msg_and_die(bb_msg_perm_denied_are_you_root); } +#if ENABLE_FEATURE_ADDGROUP_LONG_OPTIONS + applet_long_options = addgroup_longopts; +#endif + /* Syntax: + * addgroup group + * addgroup -g num group + * addgroup user group + * Check for min, max and missing args */ + opt_complementary = "-1:?2:g+"; + opts = getopt32(argv, "g:S", &gid); + /* move past the commandline options */ + argv += optind; + //argc -= optind; #if ENABLE_FEATURE_ADDUSER_TO_GROUP - if (argc == 2) { + if (argv[1]) { struct group *gr; - + + if (opts & OPT_GID) { + /* -g was there, but "addgroup -g num user group" + * is a no-no */ + bb_show_usage(); + } + /* check if group and user exist */ xuname2uid(argv[0]); /* unknown user: exit */ - xgroup2gid(argv[1]); /* unknown group: exit */ + gr = xgetgrnam(argv[1]); /* unknown group: exit */ /* check if user is already in this group */ - gr = getgrnam(argv[1]); for (; *(gr->gr_mem) != NULL; (gr->gr_mem)++) { if (!strcmp(argv[0], *(gr->gr_mem))) { /* user is already in group: do nothing */ return EXIT_SUCCESS; } } - add_user_to_group(argv, bb_path_group_file, xfopen); -#if ENABLE_FEATURE_SHADOWPASSWDS - add_user_to_group(argv, bb_path_gshadow_file, fopen_or_warn); -#endif /* ENABLE_FEATURE_SHADOWPASSWDS */ + if (update_passwd(bb_path_group_file, argv[1], NULL, argv[0]) < 0) { + return EXIT_FAILURE; + } +# if ENABLE_FEATURE_SHADOWPASSWDS + update_passwd(bb_path_gshadow_file, argv[1], NULL, argv[0]); +# endif } else #endif /* ENABLE_FEATURE_ADDUSER_TO_GROUP */ + { + die_if_bad_username(argv[0]); new_group(argv[0], gid); + } /* Reached only on success */ return EXIT_SUCCESS; }