path: root/adduser.local

#!/bin/sh
#
# Copyright © 2001-2006, 2010, Jonas Smedegaard <dr@jones.dk>
# Description: Adduser extensions for Redpill <http://www.redpill.dk>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
# General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
#
# TODO: Allow local overriding of using /etc/mailname
# TODO: Only ask additional questions if real user
# TODO: handle samba passwords in /var/lib/samba/passdb.tdb
# TODO: Invent a way to flag for INTERACTIVE without abusing VERBOSE
#

set -e

NEWUSERNAME=$1
NEWUID=$2
NEWGID=$3
NEWHOMEDIR=$4

fullname()  { getent passwd $NEWUSERNAME | awk -F: '{print $5}' | awk -F, '{print $1}'; }
maildomain()    { if [ -r /etc/mailname ]; then head -n 1 /etc/mailname; fi; }

listlists() { if [ -x /usr/sbin/list_lists ]; then /usr/sbin/list_lists -ab -V "$1"; fi; }
add2list()  { /bin/echo "$1" | /usr/sbin/add_members -w y -a y -r - "$2"; }

. /etc/adduser.conf

# Ignore non-human accounts silently
[ "$NEWUID" -ge "$FIRST_UID" -a "$NEWUID" -le "$LAST_UID" ] || exit 0

[ ! -r /etc/local/users.conf ] || . /etc/local/users.conf

# resolve account profiles
case "$NEWUSERNAME" in
  www-*)
    profile_aux=1
    profile_web=1
    ;;
  *-*)
    profile_aux=1
    ;;
  *)
    ;;
esac

# Samba password
#FIXME: Check if enabled in samba.conf (or included files!)
if [ -z "$profile_aux" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] && ([ -x /usr/bin/pdbedit ] || [ -x /usr/bin/smbpasswd ]); then
    echo -n "Add samba access to the account (y/N)? "
    read sambaaccount
    case $sambaaccount in
        y|Y)
        if [ -x /usr/bin/pdbedit ]; then
            /usr/bin/pdbedit -a -u "$NEWUSERNAME"
        elif [ -x /usr/bin/smbpasswd ] && [ -f /etc/samba/smbpasswd ]; then
            /usr/bin/smbpasswd -a $NEWUSERNAME
        fi
        ;;
    esac
fi

# Mail forwarding
if [ -z "$profile_aux" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] && [ -x /usr/local/sbin/userforward ]; then
    echo -n "Forward mail to an external account (y/N)? "
    read mailforward
    case $mailforward in
        y|Y)
        echo -n "Enter external email address: "
        read mail_address
        case $mail_address in
            ?*@?*.*)
            /usr/local/sbin/userforward $NEWUSERNAME $mail_address
            ;;
            ?*)
            echo "That wasn't a proper email address - skipping..."
            ;;
        esac
        ;;
    esac
fi

# Mailing lists
maildomain="`maildomain`"
if [ -z "$profile_aux" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] && [ -n "$maildomain" ]; then
    echo -n "Subscribe $NEWUSERNAME@$maildomain to mailinglists (y/N)? "
    read subscribe
    case $subscribe in
        y|Y)
        if [ -n "$fullname" ]; then
            subscriber="`fullname` <$NEWUSERNAME@$maildomain>"
        else
            subscriber="$NEWUSERNAME@$maildomain"
        fi
        lists="`listlists "$maildomain"`"
        if [ -z "$lists" ]; then
            echo "No mailinglists found."
        fi
        for list in $lists; do
            echo -n "Subscribe to mailinglist $list (y/N)? "
            read subscribe
            case $subscribe in
                y|Y)
                add2list "$subscriber" "$list";;
            esac
        done
    esac
fi

if [ -z "$profile_aux" ]; then
    if [ -n "$USERS_GROUPNAME" ]; then
        addgroup $NEWUSERNAME $USERS_GROUPNAME
    fi

    if [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] && [ -n "$REALUSERS_GROUPNAME" ]; then
        echo "This system has both dummy and real users:"
        echo "    Dummy users have read access to specific files."
        echo "    Real users have read/write access to personal files."
        echo -n "Is this a dummy user (Y/n)? "
        read realuser
        case $realuser in
            y|Y|"")
            ;;
            *)
            addgroup $NEWUSERNAME $REALUSERS_GROUPNAME
            ;;
        esac
    fi
fi

#if [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] && [ -n "$REALUSERS_GROUPNAME" ]; then
#   cat <<+
#Is this a remote or local user (with need for physical
#access to devices like CD-ROM, soundcard and modem needed)?
#
#+
if [ -z "$profile_aux" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ]; then
    echo -n "Grant this user access to local utilities (y/N)?"
    read localuser
    case $localuser in
        y|Y)
        for group in floppy dialout cdrom audio video games; do
            addgroup $NEWUSERNAME $group
        done
        ;;
        *)
        ;;
    esac
fi

if [ -z "$profile_aux" ] && [ -z "$profile_web" ] && [ -n "$VERBOSE" ] && [ "$VERBOSE" -gt 0 ] && [ -d /var/www ]; then
    echo -n "Setup web hosting for this user (y/N)?"
    read webuser
    case $webuser in
        y|Y)
        profile_web=1
        ;;
        *)
        ;;
    esac
fi

if [ -n "$profile_web" ] && [ -d /var/www ]; then
    webroot="$NEWHOMEDIR/public_websites"
    cgiroot="$NEWHOMEDIR/public_cgi"
    dataroot="$NEWHOMEDIR/private_webdata"
    webmount="/var/www/vhosts/$NEWUSERNAME"
    cgimount="/var/www/cgi-vhosts/$NEWUSERNAME"

    echo >&2 "Adding private and public subdirs in homedir ..."
    install -d -o "$NEWUID" -g "$NEWGID" "$webroot" "$cgiroot"
    install -d -o "$NEWUID" -g "$NEWGID" -m 0750 "$dataroot"

    [ ! -r /etc/local/webusers.conf ] || . /etc/local/webusers.conf

    if [ -n "$WEBUSERS_BINDMOUNT" ]; then
        echo >&2 "Adding subdirs below /var/www ..."
        install -d "$webmount" "$cgimount"

        echo >&2 "Adding bind mount entries to /etc/fstab ..."
        webroot="$webroot" cgiroot="$cgiroot" webmount="$webmount" cgimount="$cgimount" perl -w -p -0 -i.old \
            -e 'my $webroot = $ENV{"webroot"};' \
            -e 'my $cgiroot = $ENV{"cgiroot"};' \
            -e 'my $webmount = $ENV{"webmount"};' \
            -e 'my $cgimount = $ENV{"cgimount"};' \
            -e 'if (s/\n[# ]*($webroot[ \t]+$webmount[ \t]+[^\n]+)/\n$1/) {' \
                -e '$web_seen++;' \
                -e 'print STDERR "Using existing web entry in fstab\n";' \
            -e '};' \
            -e 'if (s/\n[# ]*($cgiroot[ \t]+$cgimount[ \t]+[^\n]+)/\n$1/) {' \
                -e '$cgi_seen++;' \
                -e 'print STDERR "Using existing cgi entry in fstab\n";' \
            -e '};' \
            -e 's/$/\n$webroot\t$webmount\tauto\tbind\n/ unless $web_seen;' \
            -e 's/\n[# ]*($webroot[ \t]+$webmount[ \t]+[^\n]+)/\n$1\n$cgiroot\t$cgimount\tauto\tbind/ unless $cgi_seen;' \
            /etc/fstab

        echo >&2 "Mount web and cgi subdirs ..."
        mount "$webmount"
        mount "$cgimount"
    fi
fi

if [ -z "$profile_aux" ] && [ -x /usr/local/sbin/user-init ]; then
    /usr/local/sbin/user-init $NEWUSERNAME
fi