/*
 * main - entry point of the groupadd command
 *
 * Sequence, exactly as coded below:
 *   1. resolve the program name and initialise localisation;
 *   2. hand the "-R" and "-P" flags to process_root_flag() and
 *      process_prefix_flag() before any other option is parsed;
 *   3. open the log (and the audit channel when WITH_AUDIT is defined);
 *   4. register do_cleanups() with atexit();
 *   5. parse the remaining options, then call check_perms();
 *   6. open the group databases, pick a GID when -g was not given,
 *      write the new entry, close the databases and flush the nscd
 *      "group" cache.
 *
 * Returns E_SUCCESS.  The failure paths visible here leave through
 * exit(): status 1 when the cleanup handler cannot be registered and
 * E_GID_IN_USE when no GID could be obtained.
 */
int main (int argc, char **argv)
{
	/* Program name, used as the prefix of every diagnostic. */
	Prog = Basename (argv[0]);

	(void) setlocale (LC_ALL, "");
	(void) bindtextdomain (PACKAGE, LOCALEDIR);
	(void) textdomain (PACKAGE);

	/* -R and -P are consumed first; prefix is kept for later use. */
	process_root_flag ("-R", argc, argv);
	prefix = process_prefix_flag ("-P", argc, argv);

	OPENLOG ("groupadd");
#ifdef WITH_AUDIT
	audit_help_open ();
#endif

	/*
	 * The cleanup handler is installed before anything is opened, so
	 * every later exit() goes through do_cleanups().
	 */
	if (0 != atexit (do_cleanups)) {
		fprintf (stderr,
		         _("%s: Cannot setup cleanup service.\n"),
		         Prog);
		exit (1);
	}

	/* Command line first, permission check second. */
	process_flags (argc, argv);

	/*
	 * NOTE(review): check_perms() is not visible here; presumably it is
	 * the authorization gate.  It runs before open_files(), i.e. before
	 * any group database is touched - keep that ordering.
	 */
	check_perms ();

#ifdef SHADOWGRP
	is_shadow_grp = sgr_file_present ();
#endif

	/*
	 * The actual work: open the files, create the group entries, then
	 * close and update the files.
	 */
	open_files ();

	/* Without -g a free GID has to be found; failure is fatal. */
	if (!gflg && (find_new_gid (rflg, &group_id, NULL) < 0)) {
		exit (E_GID_IN_USE);
	}

	grp_update ();
	close_files ();

	nscd_flush_cache ("group");

	return E_SUCCESS;
}
/*
 * main - entry point of the groupadd command (variant with optional PAM)
 *
 * With USE_PAM defined, the invoking user - identified by the real UID
 * returned by getuid() - must pass pam_authenticate() and
 * pam_acct_mgmt() under the PAM service name "shadow" before any option
 * is parsed or any file is opened.
 *
 * After that the function parses the options, refuses (or, with -f,
 * silently accepts) a group name that getgrnam() already resolves, opens
 * the group databases, calls find_new_gid() unless both -g and -o were
 * given, writes the entry and closes the databases.
 *
 * Never returns: every path ends in exit().
 */
int main (int argc, char **argv)
{
#ifdef USE_PAM
	pam_handle_t *pamh = NULL;
	struct passwd *pampw;
	int retval;
#endif

	/* Program name, used as the prefix of every diagnostic. */
	Prog = Basename (argv[0]);

	setlocale (LC_ALL, "");
	bindtextdomain (PACKAGE, LOCALEDIR);
	textdomain (PACKAGE);

#ifdef USE_PAM
	/*
	 * The PAM transaction is opened for the account that owns the real
	 * UID; an unknown UID is treated as an authentication failure.
	 */
	pampw = getpwuid (getuid ());
	retval = (NULL == pampw) ? PAM_USER_UNKNOWN : PAM_SUCCESS;

	if (PAM_SUCCESS == retval) {
		retval = pam_start ("shadow", pampw->pw_name, &conv, &pamh);
	}

	if (PAM_SUCCESS == retval) {
		retval = pam_authenticate (pamh, 0);
		if (PAM_SUCCESS != retval) {
			pam_end (pamh, retval);
		}
	}

	if (PAM_SUCCESS == retval) {
		retval = pam_acct_mgmt (pamh, 0);
		if (PAM_SUCCESS != retval) {
			pam_end (pamh, retval);
		}
	}

	/* Any failure above is fatal; nothing has been modified yet. */
	if (PAM_SUCCESS != retval) {
		fprintf (stderr, _("%s: PAM authentication failed\n"), Prog);
		exit (1);
	}
#endif				/* USE_PAM */

	OPENLOG (Prog);

#ifdef SHADOWGRP
	is_shadow_grp = sgr_file_present ();
#endif

	/*
	 * The open routines for the DBM files do not default to read-write,
	 * so the mode is set explicitly.
	 */
#ifdef NDBM
	gr_dbm_mode = O_RDWR;
#ifdef SHADOWGRP
	sg_dbm_mode = O_RDWR;
#endif				/* SHADOWGRP */
#endif				/* NDBM */

	process_flags (argc, argv);

	/*
	 * Quick existence check on the requested name.
	 *
	 * NOTE(review): this lookup happens before open_files().  If the
	 * databases are locked only inside open_files() (not visible here),
	 * this check is advisory; the authoritative duplicate check has to
	 * be made once the files are open.
	 */
	if (NULL != getgrnam (group_name)) {
		if (!fflg) {
			fprintf (stderr, _("%s: group %s exists\n"),
			         Prog, group_name);
			exit (E_NAME_IN_USE);
		}
		/* -f: an already existing group counts as success. */
		exit (E_SUCCESS);
	}

	/*
	 * The actual work: open the files, create the group entries, then
	 * close and update the files.
	 */
	open_files ();

	/* Skipped only when both -g and -o were supplied. */
	if (!(gflg && oflg)) {
		find_new_gid ();
	}

	grp_update ();
	close_files ();

#ifdef USE_PAM
	/*
	 * NOTE(review): close_files() has already run at this point, so a
	 * pam_chauthtok() failure is reported with exit status 1 after the
	 * group files were closed and updated.
	 */
	if (PAM_SUCCESS == retval) {
		retval = pam_chauthtok (pamh, 0);
		if (PAM_SUCCESS != retval) {
			pam_end (pamh, retval);
		}
	}

	if (PAM_SUCCESS != retval) {
		fprintf (stderr, _("%s: PAM chauthtok failed\n"), Prog);
		exit (1);
	}

	/* Normal end of the PAM transaction. */
	if (PAM_SUCCESS == retval) {
		pam_end (pamh, PAM_SUCCESS);
	}
#endif				/* USE_PAM */

	exit (E_SUCCESS);
	/*NOTREACHED*/
}
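/*
 * add_group - create a new group or add a user to an existing group
 *
 *	name	user name; used as the new group's name when gid is empty
 *		or starts with a digit
 *	gid	group specification supplied by the caller: the name of an
 *		existing group, a numeric GID, the name of a group to
 *		create, or ""
 *	ngid	out: GID the user will use for her primary group
 *	uid	forwarded by address to find_new_gid() when a GID has to
 *		be chosen
 *
 * Returns 0 on success and -1 on failure (a diagnostic is printed for
 * an invalid GID, an invalid group name, or a gshadow-only group).
 * *ngid is written before the database updates, so it may already hold
 * the new GID when -1 is returned because sgr_update() or gr_update()
 * failed.
 */
static int add_group (const char *name, const char *gid, gid_t *ngid, uid_t uid)
{
	const struct group *grp;
	struct group grent;
	char *members[1];
#ifdef SHADOWGRP
	const struct sgrp *sg;
#endif

	/*
	 * Start by seeing if the named group already exists, first in the
	 * system database and then in the internal one.  This is the easy
	 * case.
	 */
	grp = getgrnam (gid);
	if (NULL == grp) {
		grp = gr_locate (gid);
	}
	if (NULL != grp) {
		/* The user will use this ID for her primary group */
		*ngid = grp->gr_gid;
		/* Don't check gshadow */
		return 0;
	}

	/*
	 * gid is an arbitrary caller-supplied string.  The cast to
	 * unsigned char is required: a byte with the high bit set is a
	 * negative value where char is signed, and passing a negative
	 * value other than EOF to isdigit() is undefined behaviour.
	 * Only the first character is classified here; get_gid() decides
	 * whether the whole string is a valid GID.
	 */
	if (isdigit ((unsigned char) gid[0])) {
		/*
		 * The GID is a number, which means either this is a brand
		 * new group, or an existing group.
		 */
		if (get_gid (gid, &grent.gr_gid) == 0) {
			fprintf (stderr,
			         _("%s: invalid group ID '%s'\n"),
			         Prog, gid);
			return -1;
		}

		/*
		 * Look in both the system database (getgrgid) and in the
		 * internal database (gr_locate_gid), which may contain
		 * uncommitted changes.
		 */
		if (   (getgrgid ((gid_t) grent.gr_gid) != NULL)
		    || (gr_locate_gid ((gid_t) grent.gr_gid) != NULL)) {
			/* The user will use this ID for her primary group */
			*ngid = (gid_t) grent.gr_gid;
			return 0;
		}

		/* Do not create groups with GID == (gid_t)-1 */
		if (grent.gr_gid == (gid_t)-1) {
			fprintf (stderr,
			         _("%s: invalid group ID '%s'\n"),
			         Prog, gid);
			return -1;
		}
	} else {
		/*
		 * The gid parameter can be "" or a name which is not
		 * already the name of an existing group.
		 * In both cases, figure out what group ID can be used.
		 */
		if (find_new_gid(rflg, &grent.gr_gid, &uid) < 0) {
			return -1;
		}
	}

	/*
	 * Now I have all of the fields required to create the new group.
	 * A non-empty, non-numeric gid is the group name; otherwise the
	 * user name is used.
	 */
	if (('\0' != gid[0]) && (!isdigit ((unsigned char) gid[0]))) {
		grent.gr_name = xstrdup (gid);
	} else {
		grent.gr_name = xstrdup (name);
		/* FIXME: check if the group exists */
	}

	/* Check if this is a valid group name */
	if (!is_valid_group_name (grent.gr_name)) {
		fprintf (stderr,
		         _("%s: invalid group name '%s'\n"),
		         Prog, grent.gr_name);
		/* free(NULL) is a no-op, so no guard is needed. */
		free (grent.gr_name);
		return -1;
	}

	/*
	 * NOTE(review): from here on grent.gr_name is not released on any
	 * return path.  Whether it can be freed after sgr_update() /
	 * gr_update() depends on whether those functions copy the entry,
	 * which is not visible here - confirm before adding a free().
	 */
	grent.gr_passwd = "*";	/* XXX warning: const */
	members[0] = NULL;
	grent.gr_mem = members;

	*ngid = grent.gr_gid;

#ifdef SHADOWGRP
	if (is_shadow_grp) {
		struct sgrp sgrent;
		char *admins[1];

		/*
		 * A gshadow entry without a matching group entry is an
		 * inconsistency; refuse to create the group on top of it.
		 */
		sg = sgr_locate (grent.gr_name);
		if (NULL != sg) {
			fprintf (stderr,
			         _("%s: group '%s' is a shadow group, but does not exist in /etc/group\n"),
			         Prog, grent.gr_name);
			return -1;
		}

		/*
		 * Both password fields are placeholders ("*" in the shadow
		 * entry, "x" in the group entry), not usable passwords.
		 */
		sgrent.sg_name = grent.gr_name;
		sgrent.sg_passwd = "*";	/* XXX warning: const */
		grent.gr_passwd = "x";	/* XXX warning: const */
		admins[0] = NULL;
		sgrent.sg_adm = admins;
		sgrent.sg_mem = members;

		if (sgr_update (&sgrent) == 0) {
			return -1;
		}
	}
#endif

	if (gr_update (&grent) == 0) {
		return -1;
	}

	return 0;
}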