/*
* main - groupadd command
*/
int main (int argc, char **argv)
{
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
(void) setlocale (LC_ALL, "");
(void) bindtextdomain (PACKAGE, LOCALEDIR);
(void) textdomain (PACKAGE);
process_root_flag ("-R", argc, argv);
prefix = process_prefix_flag ("-P", argc, argv);
OPENLOG ("groupadd");
#ifdef WITH_AUDIT
audit_help_open ();
#endif
if (atexit (do_cleanups) != 0) {
fprintf (stderr,
_("%s: Cannot setup cleanup service.\n"),
Prog);
exit (1);
}
/*
* Parse the command line options.
*/
process_flags (argc, argv);
check_perms ();
#ifdef SHADOWGRP
is_shadow_grp = sgr_file_present ();
#endif
/*
* Do the hard stuff - open the files, create the group entries,
* then close and update the files.
*/
open_files ();
if (!gflg) {
if (find_new_gid (rflg, &group_id, NULL) < 0) {
exit (E_GID_IN_USE);
}
}
grp_update ();
close_files ();
nscd_flush_cache ("group");
return E_SUCCESS;
}
int main (int argc, char **argv)
{
#ifdef USE_PAM
pam_handle_t *pamh = NULL;
struct passwd *pampw;
int retval;
#endif
/*
* Get my name so that I can use it to report errors.
*/
Prog = Basename (argv[0]);
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
textdomain (PACKAGE);
#ifdef USE_PAM
retval = PAM_SUCCESS;
pampw = getpwuid (getuid ());
if (pampw == NULL) {
retval = PAM_USER_UNKNOWN;
}
if (retval == PAM_SUCCESS) {
retval =
pam_start ("shadow", pampw->pw_name, &conv, &pamh);
}
if (retval == PAM_SUCCESS) {
retval = pam_authenticate (pamh, 0);
if (retval != PAM_SUCCESS) {
pam_end (pamh, retval);
}
}
if (retval == PAM_SUCCESS) {
retval = pam_acct_mgmt (pamh, 0);
if (retval != PAM_SUCCESS) {
pam_end (pamh, retval);
}
}
if (retval != PAM_SUCCESS) {
fprintf (stderr, _("%s: PAM authentication failed\n"),
Prog);
exit (1);
}
#endif /* USE_PAM */
OPENLOG (Prog);
#ifdef SHADOWGRP
is_shadow_grp = sgr_file_present ();
#endif
/*
* The open routines for the DBM files don't use read-write as the
* mode, so we have to clue them in.
*/
#ifdef NDBM
gr_dbm_mode = O_RDWR;
#ifdef SHADOWGRP
sg_dbm_mode = O_RDWR;
#endif /* SHADOWGRP */
#endif /* NDBM */
process_flags (argc, argv);
/*
* Start with a quick check to see if the group exists.
*/
if (getgrnam (group_name)) {
if (fflg) {
exit (E_SUCCESS);
}
fprintf (stderr, _("%s: group %s exists\n"), Prog,
group_name);
exit (E_NAME_IN_USE);
}
/*
* Do the hard stuff - open the files, create the group entries,
* then close and update the files.
*/
open_files ();
if (!gflg || !oflg)
find_new_gid ();
grp_update ();
close_files ();
#ifdef USE_PAM
if (retval == PAM_SUCCESS) {
retval = pam_chauthtok (pamh, 0);
if (retval != PAM_SUCCESS) {
pam_end (pamh, retval);
}
}
if (retval != PAM_SUCCESS) {
fprintf (stderr, _("%s: PAM chauthtok failed\n"), Prog);
exit (1);
}
if (retval == PAM_SUCCESS)
pam_end (pamh, PAM_SUCCESS);
#endif /* USE_PAM */
exit (E_SUCCESS);
/*NOTREACHED*/
}
/*
* add_group - create a new group or add a user to an existing group
*/
static int add_group (const char *name, const char *gid, gid_t *ngid, uid_t uid)
{
const struct group *grp;
struct group grent;
char *members[1];
#ifdef SHADOWGRP
const struct sgrp *sg;
#endif
/*
* Start by seeing if the named group already exists. This will be
* very easy to deal with if it does.
*/
grp = getgrnam (gid);
if (NULL == grp) {
grp = gr_locate (gid);
}
if (NULL != grp) {
/* The user will use this ID for her primary group */
*ngid = grp->gr_gid;
/* Don't check gshadow */
return 0;
}
if (isdigit (gid[0])) {
/*
* The GID is a number, which means either this is a brand
* new group, or an existing group.
*/
if (get_gid (gid, &grent.gr_gid) == 0) {
fprintf (stderr,
_("%s: invalid group ID '%s'\n"),
Prog, gid);
return -1;
}
/* Look in both the system database (getgrgid) and in the
* internal database (gr_locate_gid), which may contain
* uncommitted changes */
if ( (getgrgid ((gid_t) grent.gr_gid) != NULL)
|| (gr_locate_gid ((gid_t) grent.gr_gid) != NULL)) {
/* The user will use this ID for her
* primary group */
*ngid = (gid_t) grent.gr_gid;
return 0;
}
/* Do not create groups with GID == (gid_t)-1 */
if (grent.gr_gid == (gid_t)-1) {
fprintf (stderr,
_("%s: invalid group ID '%s'\n"),
Prog, gid);
return -1;
}
} else {
/* The gid parameter can be "" or a name which is not
* already the name of an existing group.
* In both cases, figure out what group ID can be used.
*/
if (find_new_gid(rflg, &grent.gr_gid, &uid) < 0) {
return -1;
}
}
/*
* Now I have all of the fields required to create the new group.
*/
if (('\0' != gid[0]) && (!isdigit (gid[0]))) {
grent.gr_name = xstrdup (gid);
} else {
grent.gr_name = xstrdup (name);
/* FIXME: check if the group exists */
}
/* Check if this is a valid group name */
if (!is_valid_group_name (grent.gr_name)) {
fprintf (stderr,
_("%s: invalid group name '%s'\n"),
Prog, grent.gr_name);
if (grent.gr_name)
free (grent.gr_name);
return -1;
}
grent.gr_passwd = "*"; /* XXX warning: const */
members[0] = NULL;
grent.gr_mem = members;
*ngid = grent.gr_gid;
#ifdef SHADOWGRP
if (is_shadow_grp) {
sg = sgr_locate (grent.gr_name);
if (NULL != sg) {
fprintf (stderr,
_("%s: group '%s' is a shadow group, but does not exist in /etc/group\n"),
Prog, grent.gr_name);
return -1;
}
}
#endif
#ifdef SHADOWGRP
if (is_shadow_grp) {
struct sgrp sgrent;
char *admins[1];
sgrent.sg_name = grent.gr_name;
sgrent.sg_passwd = "*"; /* XXX warning: const */
grent.gr_passwd = "x"; /* XXX warning: const */
admins[0] = NULL;
sgrent.sg_adm = admins;
sgrent.sg_mem = members;
if (sgr_update (&sgrent) == 0) {
return -1;
}
}
#endif
if (gr_update (&grent) == 0) {
return -1;
}
return 0;
}
