summaryrefslogtreecommitdiff
path: root/mk/pkginstall/usergroup-check
blob: 8561cabcf97126e6d63d2ace120b2037e01f44e0 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/bin/sh
#
# $NetBSD: usergroup-check,v 1.1 2006/05/21 23:50:15 jlam Exp $
#
# Copyright (c) 2006 The NetBSD Foundation, Inc.
# All rights reserved.
#
# This code is derived from software contributed to The NetBSD Foundation
# by Johnny C. Lam.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
#    must display the following acknowledgement:
#        This product includes software developed by the NetBSD
#        Foundation, Inc. and its contributors.
# 4. Neither the name of The NetBSD Foundation nor the names of its
#    contributors may be used to endorse or promote products derived
#    from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#

######################################################################
#
# NAME
#	usergroup-check -- verify that users/groups match numeric IDs 
#
# SYNOPSIS
#	usergroup-check -g [group_entry ...]
#	usergroup-check -u [user_entry ...]
#
# DESCRIPTION
#       usergroup-check checks for the existence of users and groups
#	and verifies that they match the requested numeric IDs if
#	given.  The group_entry format matches that of /etc/group and
#	the user_entry format matches that of /etc/passwd, though the
#	field contents may be empty.
#
#	usergroup-check exits 0 if the users and groups exist and match
#	the numeric IDs, and >0 otherwise.
#
# OPTIONS
#	The following command line arguments are supported.
#
#	-g      Indicates that the subsequent arguments are group entries.
#
#	-u      Indicates that the subsequent arguments are user entries.
#
######################################################################

: ${PERL5=perl}

self="${0##*/}"

usage() {
	echo 1>&2 "usage: $self -g [group_entry ...]"
	echo 1>&2 "       $self -u [user_entry ...]"
}

if test $# -lt 1; then
	usage; exit 1
fi

check=
case "$1" in
-g)	check=groups ;;
-u)	check=users ;;
*)	usage; exit 1 ;;
esac
shift

missing_groups=
missing_users=

case $check in
groups)
	while test $# -gt 0; do
		entry="$1"; shift
		( SAVEIFS="$IFS"; IFS=":"
		  set -- $entry; group="$1"; groupid="$2"
		  IFS="$SAVEIFS"
		  gid=`${PERL5} -le 'print scalar getgrnam shift' $group`
		  test -n "$gid" || exit 1
		  case "$groupid" in
		  ""|$gid)     exit 0 ;;
		  *)            exit 1 ;;
		  esac ) || missing_groups="$missing_groups $i"
	done
	;;

users)
	missing_users=
	while test $# -gt 0; do
		entry="$1"; shift
		( SAVEIFS="$IFS"; IFS=":"
		  set -- $entry; user="$1"; userid="$3"
		  IFS="$SAVEIFS"
		  gid=`${PERL5} -le 'print scalar getpwnam shift' $user`
		  test -n "$gid" || exit 1
		  case "$userid" in
		  ""|$gid)     exit 0 ;;
		  *)            exit 1 ;;
		  esac ) || missing_users="$missing_users $i"
	done
	;;
esac

test -z "$missing_groups" -a -z "$missing_users" || exit 1
exit 0