[PATCH 2/2] New option in adduser for to set the mode of home
Imported the last version of adduser from FreeBSD 9.0-CURRENT. The only
change is the new -M option.
---
usr.sbin/adduser/adduser.8 | 4 ++++
usr.sbin/adduser/adduser.sh | 40 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 44 insertions(+), 0 deletions(-)
diff --git a/usr.sbin/adduser/adduser.8 b/usr.sbin/adduser/adduser.8
index aad06be..fbdfe75 100644
--- a/usr.sbin/adduser/adduser.8
+++ b/usr.sbin/adduser/adduser.8
@@ -38,6 +38,7 @@
.Op Fl CDENShq
.Op Fl G Ar groups
.Op Fl L Ar login_class
+.Op Fl M Ar mode
.Op Fl d Ar partition
.Op Fl f Ar file
.Op Fl g Ar login_group
@@ -240,6 +241,9 @@ Please note that the message
file can reference the internal variables of the
.Nm
script.
+.It Fl M Ar mode
+Create the home directory with permissions set to
+.Ar mode .
.It Fl N
Do not read the default configuration file.
.It Fl q
diff --git a/usr.sbin/adduser/adduser.sh b/usr.sbin/adduser/adduser.sh
index 3a8a9d3..500dbb0 100644
--- a/usr.sbin/adduser/adduser.sh
+++ b/usr.sbin/adduser/adduser.sh
@@ -82,6 +82,7 @@ show_usage() {
echo " -E disable this account after creation"
echo " -G additional groups to add accounts to"
echo " -L login class of the user"
+ echo " -M file permission for home directory"
echo " -N do not read configuration file"
echo " -S a nonexistent shell is not an error"
echo " -d home directory"
@@ -191,6 +192,7 @@ save_config() {
echo "# NOTE: only *some* variables are saved." >> ${ADDUSERCONF}
echo "# Last Modified on `${DATECMD}`." >> ${ADDUSERCONF}
echo '' >> ${ADDUSERCONF}
+ echo "defaultHomePerm=$uhomeperm" >> ${ADDUSERCONF}
echo "defaultLgroup=$ulogingroup" >> ${ADDUSERCONF}
echo "defaultclass=$uclass" >> ${ADDUSERCONF}
echo "defaultgroups=$ugroups" >> ${ADDUSERCONF}
@@ -248,6 +250,12 @@ add_user() {
if [ "$uhome" = "$NOHOME" ]; then
_home='-d "$uhome"'
else
+ # Use home directory permissions if specified
+ if [ -n "$uhomeperm" ]; then
+ _home='-m -d "$uhome" -M "$uhomeperm"'
+ else
+ _home='-m -d "$uhome"'
+ fi
_home='-m -d "$uhome"'
fi
elif [ -n "$Dflag" -a -n "$uhome" ]; then
@@ -450,6 +458,29 @@ get_homedir() {
fi
}
+# get_homeperm
+# Reads the account's home directory permissions
+#
+get_homeperm() {
+ uhomeperm=$defaultHomePerm
+ _input=
+ _prompt=
+
+ if [ -n "$uhomeperm" ]; then
+ _prompt="Home directory permissions [${uhomeperm}]: "
+ else
+ _prompt="Home directory permissions (Leave empty for default): "
+ fi
+ if [ -z "$fflag" ]; then
+ echo -n "$_prompt"
+ read _input
+ fi
+
+ if [ -n "$_input" ]; then
+ uhomeperm="$_input"
+ fi
+}
+
# get_uid
# Reads a numeric userid in an interactive or batch session. Automatically
# allocates one if it is not specified.
@@ -602,6 +633,7 @@ input_from_file() {
get_class
get_shell
get_homedir
+ get_homeperm
get_password
get_expire_dates
ugroups="$defaultgroups"
@@ -671,6 +703,7 @@ input_interactive() {
get_class
get_shell
get_homedir
+ get_homeperm
while : ; do
echo -n "Use password-based authentication? [$_usepass]: "
@@ -781,6 +814,7 @@ input_interactive() {
printf "%-10s : %s\n" "Class" "$uclass"
printf "%-10s : %s %s\n" "Groups" "${ulogingroup:-$username}" "$ugroups"
printf "%-10s : %s\n" "Home" "$uhome"
+ printf "%-10s : %s\n" "Home Mode" "$uhomeperm"
printf "%-10s : %s\n" "Shell" "$ushell"
printf "%-10s : %s\n" "Locked" "$_disable"
while : ; do
@@ -825,6 +859,7 @@ ugecos=
ulogingroup=
uclass=
uhome=
+uhomeperm=
upass=
ushell=
udotdir=/usr/share/skel
@@ -851,6 +886,7 @@ defaultclass=
defaultLgroup=
defaultgroups=
defaultshell="${DEFAULTSHELL}"
+defaultHomePerm=
# Make sure the user running this program is root. This isn't a security
# measure as much as it is a useful method of reminding the user to
@@ -939,6 +975,10 @@ for _switch ; do
esac
shift; shift
;;
+ -M)
+ defaultHomePerm=$2
+ shift; shift
+ ;;
-N)
readconfig=
shift
--
1.7.7