path: root/sysutils/user_darwin/files/useradd.sh
blob: a2eb533938a4a460c54b0b01f9ea345a814f9bcb (plain)
#!/bin/sh

# Search the system tool directories before anything the caller's PATH holds.
PATH=/bin:/usr/bin:$PATH

# Values used when -s / -d are not given on the command line.
shell="/usr/bin/false"
homedir="/var/empty"

# Options arrive as "-flag value" pairs. The loop stops as soon as fewer than
# two arguments remain, so a single trailing argument is left in $1.
until [ "$#" -lt 2 ]; do
    case "$1" in
        -u) uid="$2" ;;
        -s) shell="$2" ;;
        -g) group="$2" ;;
        -d) homedir="$2" ;;
        -c) comment="$2" ;;
        *)
            echo "useradd: Unrecognized option $1" >&2
            exit 1
            ;;
    esac
    shift 2
done

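getnextuid()
{
    # Print an unused UID on stdout and return 0; return 1 when every UID
    # in the range is taken. $1 is the preferred UID.
    # Constraints:
    # * must be <500 (typical OS X user accounts are 500 and up)
    # * must be from a reasonably sized range
    # As of El Capitan, Apple use up to UID 252 for system accounts.
    #
    # Variables are plain globals: the script runs under #!/bin/sh, where
    # "local" is not guaranteed to exist.

    used_uids=$(nireport . /users uid 2>/dev/null ||
      dscl . -readall /users UniqueID | grep '^UniqueID:' | cut -d' ' -f2)
    # Normalise to one UID per line so the membership tests below compare
    # whole values. A substring match would treat 300 as taken whenever
    # e.g. 1300 or 3001 exists.
    used_uids=$(printf '%s\n' "$used_uids" | tr -s ' \t' '\n\n')
    low_uid=300; high_uid=499

    # Try to use the GID as the UID. Skipped when $1 is empty or is not a
    # plain decimal number, because the numeric tests would fail on it.
    maybe_uid=$1
    case $maybe_uid in
        ''|*[!0-9]*)
            ;;
        *)
            if [ "$maybe_uid" -ge "$low_uid" ] &&
              [ "$maybe_uid" -le "$high_uid" ] &&
              ! printf '%s\n' "$used_uids" | grep -qxF -- "$maybe_uid"; then
                echo "$maybe_uid"
                return 0
            fi
            ;;
    esac

    # Else, walk the pkgsrc-"allocated" range.
    maybe_uid=$low_uid
    while [ "$maybe_uid" -le "$high_uid" ]; do
        if printf '%s\n' "$used_uids" | grep -qxF -- "$maybe_uid"; then
            maybe_uid=$((maybe_uid + 1))
        else
            echo "$maybe_uid"
            return 0
        fi
    done
    return 1
}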

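# Main flow: validate the account name, group and UID, create the account
# through niload (NetInfo) or dscl, then confirm that a record with the UID
# exists. Every expansion is quoted so that an argument containing
# whitespace or glob characters stays a single word in each command.

# The one argument left after option parsing is the account name.
user="$1"
if [ -z "$user" ]; then
    echo "useradd: Must specify username" 1>&2
    exit 1
fi
# The name is spliced into directory-service paths (/users/NAME); a "/" in it
# would address a different node than the one checked and created below.
case "$user" in
    */*)
        echo "useradd: Invalid username '$user'" 1>&2
        exit 1
        ;;
esac
if nireport . "/users/$user" uid 2>/dev/null ||
   dscl . -read "/users/$user" uid >/dev/null 2>&1; then
    echo "useradd: User '$user' already exists" 1>&2
    exit 1
fi

if [ -z "$group" ]; then
    echo "useradd: Must specify group name" 1>&2
    exit 1
fi
# Same path concern as for the user name.
case "$group" in
    */*)
        echo "useradd: No group '$group'" 1>&2
        exit 1
        ;;
esac
gid=$(niutil -readprop . "/groups/$group" gid 2>/dev/null ||
     dscl . -read "/groups/$group" gid 2>/dev/null | cut -d' ' -f2)
# Accept only a decimal number (optionally negative). This also rejects the
# empty string and the "Invalid" token a failed lookup can leave behind, so
# that tool error text is never written into the record as a group ID.
case "${gid#-}" in
    ''|*[!0-9]*)
        echo "useradd: No group '$group'" 1>&2
        exit 1
        ;;
esac

if [ -n "$uid" ]; then
    # A caller-supplied UID ends up in a search query and in the account
    # record, so it must be numeric as well.
    case "${uid#-}" in
        ''|*[!0-9]*)
            echo "useradd: Invalid UID '$uid'" 1>&2
            exit 1
            ;;
    esac
    if nireport . "/users/uid=$uid" uid 2>/dev/null ||
      dscl . -search /users UniqueID "$uid" 2>/dev/null |
      grep UniqueID >/dev/null 2>&1 ; then
        echo "useradd: UID $uid already exists" 1>&2
        exit 1
    fi
else
    if ! uid=$(getnextuid "$gid"); then
        echo "useradd: no UIDs available in pkgsrc range" 1>&2
        exit 1
    fi
fi

# "command -v" reports a missing tool through its exit status alone, so no
# parsing of a "no niload in ..." message is needed.
if [ -x /usr/bin/niload ] || command -v niload >/dev/null 2>&1; then
    # The record is one colon-separated passwd line. A ':' or a newline
    # inside a field would shift the remaining fields or start a second
    # record, so such values are refused.
    nl='
'
    for field in "$user" "$comment" "$homedir" "$shell"; do
        case "$field" in
            *:*|*"$nl"*)
                echo "useradd: ':' and newlines are not allowed in passwd fields" 1>&2
                exit 1
                ;;
        esac
    done
    # printf '%s' writes the fields literally; echo may expand backslash
    # escapes such as \n in some sh implementations.
    printf '%s\n' \
      "${user}:*:${uid}:${gid}::0:0:${comment}:${homedir}:${shell}" | \
    niload passwd .
else
    # NOTE(review): the exit status of the individual dscl steps is not
    # checked; the test after this block only confirms that a record with
    # the UID exists, not that the Password, shell and IsHidden attributes
    # were applied.
    dscl . -create "/users/$user" RecordName "$user"
    dscl . -create "/users/$user" RecordType dsRecTypeNative:users
    dscl . -create "/users/$user" UniqueID "$uid"
    dscl . -create "/users/$user" PrimaryGroupID "$gid"
    dscl . -create "/users/$user" NFSHomeDirectory "$homedir"
    dscl . -create "/users/$user" UserShell "$shell"
    dscl . -create "/users/$user" Comment "$comment"
    dscl . -delete "/users/$user" AuthenticationAuthority
    dscl . -create "/users/$user" Password '*'
    dscl . -create "/users/$user" IsHidden 1
fi

if ! nireport . "/users/uid=$uid" uid 2>/dev/null &&
   ! dscl . -search /users UniqueID "$uid" 2>/dev/null |
   grep UniqueID >/dev/null 2>&1 ; then
    echo "useradd: Could not create user" 1>&2
    exit 1
fi

# Best effort: signal lookupd when its pid file exists. A failure here never
# changes the exit status.
lookupd_pid=$(cat /var/run/lookupd.pid 2>/dev/null)
if [ -n "$lookupd_pid" ]; then
    # Left unquoted on purpose, as in the original command line.
    kill -HUP $lookupd_pid 2>/dev/null || true
fi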