[PATCH 2/2] New option in adduser for to set the mode of home

Juan Francisco Cantero Hurtado iam at juanfra.info
Wed Oct 26 06:10:49 PDT 2011


Imported the last version of adduser from FreeBSD 9.0-CURRENT. The only
change is the new -M option.
---
 usr.sbin/adduser/adduser.8  |    4 ++++
 usr.sbin/adduser/adduser.sh |   40 ++++++++++++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 0 deletions(-)

diff --git a/usr.sbin/adduser/adduser.8 b/usr.sbin/adduser/adduser.8
index aad06be..fbdfe75 100644
--- a/usr.sbin/adduser/adduser.8
+++ b/usr.sbin/adduser/adduser.8
@@ -38,6 +38,7 @@
 .Op Fl CDENShq
 .Op Fl G Ar groups
 .Op Fl L Ar login_class
+.Op Fl M Ar mode
 .Op Fl d Ar partition
 .Op Fl f Ar file
 .Op Fl g Ar login_group
@@ -240,6 +241,9 @@ Please note that the message
 file can reference the internal variables of the
 .Nm
 script.
+.It Fl M Ar mode
+Create the home directory with permissions set to
+.Ar mode .
 .It Fl N
 Do not read the default configuration file.
 .It Fl q
diff --git a/usr.sbin/adduser/adduser.sh b/usr.sbin/adduser/adduser.sh
index 3a8a9d3..500dbb0 100644
--- a/usr.sbin/adduser/adduser.sh
+++ b/usr.sbin/adduser/adduser.sh
@@ -82,6 +82,7 @@ show_usage() {
 	echo "  -E		disable this account after creation"
 	echo "  -G		additional groups to add accounts to"
 	echo "  -L		login class of the user"
+	echo "  -M		file permission for home directory"
 	echo "  -N		do not read configuration file"
 	echo "  -S		a nonexistent shell is not an error"
 	echo "  -d		home directory"
@@ -191,6 +192,7 @@ save_config() {
 	echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
 	echo "# Last Modified on `${DATECMD}`."		>> ${ADDUSERCONF}
 	echo ''				>> ${ADDUSERCONF}
+	echo "defaultHomePerm=$uhomeperm" >> ${ADDUSERCONF}
 	echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF}
 	echo "defaultclass=$uclass"	>> ${ADDUSERCONF}
 	echo "defaultgroups=$ugroups"	>> ${ADDUSERCONF}
@@ -248,6 +250,12 @@ add_user() {
 		if [ "$uhome" = "$NOHOME" ]; then
 			_home='-d "$uhome"'
 		else
+			# Use home directory permissions if specified
+			if [ -n "$uhomeperm" ]; then
+				_home='-m -d "$uhome" -M "$uhomeperm"'
+			else
+				_home='-m -d "$uhome"'
+			fi
 			_home='-m -d "$uhome"'
 		fi
 	elif [ -n "$Dflag" -a -n "$uhome" ]; then
@@ -450,6 +458,29 @@ get_homedir() {
 	fi
 }
 
+# get_homeperm
+#      Reads the account's home directory permissions
+#
+get_homeperm() {
+	uhomeperm=$defaultHomePerm
+	_input=
+	_prompt=
+
+	if [ -n "$uhomeperm" ]; then
+		_prompt="Home directory permissions [${uhomeperm}]: "
+	else
+		_prompt="Home directory permissions (Leave empty for default): "
+	fi
+	if [ -z "$fflag" ]; then
+		echo -n "$_prompt"
+		read _input
+	fi
+
+	if [ -n "$_input" ]; then
+		uhomeperm="$_input"
+	fi
+}
+
 # get_uid
 #	Reads a numeric userid in an interactive or batch session. Automatically
 #	allocates one if it is not specified.
@@ -602,6 +633,7 @@ input_from_file() {
 			get_class
 			get_shell
 			get_homedir
+			get_homeperm
 			get_password
 			get_expire_dates
 			ugroups="$defaultgroups"
@@ -671,6 +703,7 @@ input_interactive() {
 	get_class
 	get_shell
 	get_homedir
+	get_homeperm
 
 	while : ; do
 		echo -n "Use password-based authentication? [$_usepass]: "
@@ -781,6 +814,7 @@ input_interactive() {
 	printf "%-10s : %s\n" "Class" "$uclass"
 	printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
 	printf "%-10s : %s\n" "Home" "$uhome"
+	printf "%-10s : %s\n" "Home Mode" "$uhomeperm"
 	printf "%-10s : %s\n" "Shell" "$ushell"
 	printf "%-10s : %s\n" "Locked" "$_disable"
 	while : ; do
@@ -825,6 +859,7 @@ ugecos=
 ulogingroup=
 uclass=
 uhome=
+uhomeperm=
 upass=
 ushell=
 udotdir=/usr/share/skel
@@ -851,6 +886,7 @@ defaultclass=
 defaultLgroup=
 defaultgroups=
 defaultshell="${DEFAULTSHELL}"
+defaultHomePerm=
 
 # Make sure the user running this program is root. This isn't a security
 # measure as much as it is a useful method of reminding the user to
@@ -939,6 +975,10 @@ for _switch ; do
 		esac
 		shift; shift
 		;;
+	-M)
+		defaultHomePerm=$2
+		shift; shift
+		;;
 	-N)
 		readconfig=
 		shift
-- 
1.7.7






More information about the Submit mailing list