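#!/bin/sh
#
# Copyright © 2001-2006, 2010, 2013, Jonas Smedegaard
# Description: Adduser extensions for Redpill
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 3, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
# TODO: Invent a way to flag for INTERACTIVE without abusing VERBOSE
#
# Arguments (positional):
#   $1 - login name of the new account
#   $2 - numeric uid of the new account
#   $3 - numeric gid of the new account
#   $4 - home directory of the new account
#
# Every interactive step below is gated on VERBOSE being a number > 0.
# The script edits /etc/fstab and changes group membership, so all
# expansions of caller- or operator-supplied values are quoted.

set -e

NEWUSERNAME=$1
NEWUID=$2
NEWGID=$3
NEWHOMEDIR=$4

# Print the first comma-separated subfield of the account's GECOS field.
fullname() {
	getent passwd "$NEWUSERNAME" | awk -F: '{print $5}' | awk -F, '{print $1}'
}

# Print the first line of /etc/mailname, or nothing if it is unreadable.
maildomain() {
	if [ -r /etc/mailname ]; then
		head -n 1 /etc/mailname
	fi
}

# Print the mailing lists for virtual host $1, if list_lists is installed.
listlists() {
	if [ -x /usr/sbin/list_lists ]; then
		/usr/sbin/list_lists -ab -V "$1"
	fi
}

# Subscribe address $1 to mailing list $2; the address is fed on stdin.
add2list() {
	# printf instead of echo: the address is passed through verbatim
	printf '%s\n' "$1" | /usr/sbin/add_members -w y -a y -r - "$2"
}

. /etc/adduser.conf

# Ignore non-human accounts silently
[ "$NEWUID" -ge "$FIRST_UID" ] && [ "$NEWUID" -le "$LAST_UID" ] || exit 0

[ ! -r /etc/local/users.conf ] || . /etc/local/users.conf

# resolve account profiles
case "$NEWUSERNAME" in
	www-*)
		profile_aux=1
		profile_web=1
		;;
	*-*)
		profile_aux=1
		;;
	*)
		;;
esac

# Samba password
#FIXME: Check if enabled in samba.conf (or included files!)
if [ -z "$profile_aux" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] \
	&& { [ -x /usr/bin/pdbedit ] || [ -x /usr/bin/smbpasswd ]; }; then
	printf '%s' "Add samba access to the account (y/N)? "
	read -r sambaaccount
	case "$sambaaccount" in
		y|Y)
			if [ -x /usr/bin/pdbedit ]; then
				/usr/bin/pdbedit -a -u "$NEWUSERNAME"
			elif [ -x /usr/bin/smbpasswd ] && [ -f /etc/samba/smbpasswd ]; then
				/usr/bin/smbpasswd -a "$NEWUSERNAME"
			fi
			;;
	esac
fi

# Mail forwarding
if [ -z "$profile_aux" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] \
	&& [ -x /usr/local/sbin/userforward ]; then
	printf '%s' "Forward mail to an external account (y/N)? "
	read -r mailforward
	case "$mailforward" in
		y|Y)
			printf '%s' "Enter external email address: "
			read -r mail_address
			case "$mail_address" in
				# The loose glob below would also accept embedded
				# whitespace or a leading dash; reject both so the
				# value can only ever be one non-option argument.
				-*|*[[:space:]]*)
					echo "That wasn't a proper email address - skipping..."
					;;
				?*@?*.*)
					/usr/local/sbin/userforward "$NEWUSERNAME" "$mail_address"
					;;
				?*)
					echo "That wasn't a proper email address - skipping..."
					;;
			esac
			;;
	esac
fi

# Mailing lists
maildomain="$(maildomain)"
if [ -z "$profile_aux" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] \
	&& [ -n "$maildomain" ]; then
	printf '%s' "Subscribe $NEWUSERNAME@$maildomain to mailinglists (y/N)? "
	read -r subscribe
	case "$subscribe" in
		y|Y)
			fullname="$(fullname)"
			if [ -n "$fullname" ]; then
				subscriber="$fullname <$NEWUSERNAME@$maildomain>"
			else
				subscriber="$NEWUSERNAME@$maildomain"
			fi
			lists="$(listlists "$maildomain")"
			if [ -z "$lists" ]; then
				echo "No mailinglists found."
			fi
			# $lists is intentionally unquoted: one list name per word
			for list in $lists; do
				printf '%s' "Subscribe to mailinglist $list (y/N)? "
				read -r subscribe
				case "$subscribe" in
					y|Y)
						add2list "$subscriber" "$list"
						;;
				esac
			done
			;;
	esac
fi

if [ -z "$profile_aux" ]; then
	if [ -n "$USERS_GROUPNAME" ]; then
		addgroup "$NEWUSERNAME" "$USERS_GROUPNAME"
	fi
	if [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] && [ -n "$REALUSERS_GROUPNAME" ]; then
		echo "This system has both dummy and real users:"
		echo " Dummy users have read access to specific files."
		echo " Real users have read/write access to personal files."
		printf '%s' "Is this a dummy user (Y/n)? "
		read -r realuser
		case "$realuser" in
			# Empty answer takes the default (dummy): no extra group
			y|Y|"")
				;;
			*)
				addgroup "$NEWUSERNAME" "$REALUSERS_GROUPNAME"
				;;
		esac
	fi
fi

#if [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] && [ -n "$REALUSERS_GROUPNAME" ]; then
#	cat <<+
#Is this a remote or local user (with need for physical
#access to devices like CD-ROM, soundcard and modem needed)?
#
#+
if [ -z "$profile_aux" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ]; then
	printf '%s' "Grant this user access to local utilities (y/N)?"
	read -r localuser
	case "$localuser" in
		y|Y)
			for group in floppy dialout cdrom audio video games; do
				addgroup "$NEWUSERNAME" "$group"
			done
			;;
		*)
			;;
	esac
fi

if [ -z "$profile_aux" ] && [ -z "$profile_web" ] && [ -n "$VERBOSE" ] \
	&& [ "$VERBOSE" -gt 0 ] && [ -d /var/www ]; then
	printf '%s' "Setup web hosting for this user (y/N)?"
	read -r webuser
	case "$webuser" in
		y|Y)
			profile_web=1
			;;
		*)
			;;
	esac
fi

if [ -n "$profile_web" ] && [ -d /var/www ]; then
	webroot="$NEWHOMEDIR/public_websites"
	cgiroot="$NEWHOMEDIR/public_cgi"
	dataroot="$NEWHOMEDIR/private_webdata"
	webmount="/var/www/vhosts/$NEWUSERNAME"
	cgimount="/var/www/cgi-vhosts/$NEWUSERNAME"

	echo >&2 "Adding private and public subdirs in homedir ..."
	install -d -o "$NEWUID" -g "$NEWGID" "$webroot" "$cgiroot"
	# private data dir: no access for "other"
	install -d -o "$NEWUID" -g "$NEWGID" -m 0750 "$dataroot"

	[ ! -r /etc/local/webusers.conf ] || . /etc/local/webusers.conf
	if [ -n "$WEBUSERS_BINDMOUNT" ]; then
		# fstab fields are whitespace-separated. A path containing
		# whitespace would spill into the type/options columns, so
		# stop before touching /etc/fstab rather than write a
		# malformed (or option-injecting) entry.
		case "$webroot$cgiroot$webmount$cgimount" in
			*[[:space:]]*)
				echo >&2 "Path contains whitespace - refusing to edit /etc/fstab."
				exit 1
				;;
		esac

		echo >&2 "Adding subdirs below /var/www ..."
		install -d "$webmount" "$cgimount"

		echo >&2 "Adding bind mount entries to /etc/fstab ..."
		# Paths reach perl through the environment, never through the
		# program text. -0 makes perl read fstab as a single record
		# (it holds no NUL bytes); -i.old keeps /etc/fstab.old.
		# \Q...\E makes the paths match literally: without it a "."
		# or "+" in a path acts as a regex operator and could
		# uncomment or reuse some other account's entry.
		webroot="$webroot" cgiroot="$cgiroot" webmount="$webmount" cgimount="$cgimount" perl -w -p -0 -i.old \
			-e 'my $webroot = $ENV{"webroot"};' \
			-e 'my $cgiroot = $ENV{"cgiroot"};' \
			-e 'my $webmount = $ENV{"webmount"};' \
			-e 'my $cgimount = $ENV{"cgimount"};' \
			-e 'if (s/\n[# ]*(\Q$webroot\E[ \t]+\Q$webmount\E[ \t]+[^\n]+)/\n$1/) {' \
			-e '$web_seen++;' \
			-e 'print STDERR "Using existing web entry in fstab\n";' \
			-e '};' \
			-e 'if (s/\n[# ]*(\Q$cgiroot\E[ \t]+\Q$cgimount\E[ \t]+[^\n]+)/\n$1/) {' \
			-e '$cgi_seen++;' \
			-e 'print STDERR "Using existing cgi entry in fstab\n";' \
			-e '};' \
			-e 's/$/\n$webroot\t$webmount\tauto\tbind\n/ unless $web_seen;' \
			-e 's/\n[# ]*(\Q$webroot\E[ \t]+\Q$webmount\E[ \t]+[^\n]+)/\n$1\n$cgiroot\t$cgimount\tauto\tbind/ unless $cgi_seen;' \
			/etc/fstab

		echo >&2 "Mount web and cgi subdirs ..."
		mount "$webmount"
		mount "$cgimount"
	fi
fi

if [ -z "$profile_aux" ] && [ -x /usr/local/sbin/user-init ]; then
	/usr/local/sbin/user-init "$NEWUSERNAME"
fi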