Home | History | Annotate | Download | only in user
History log of /src/usr.sbin/user/user.c
RevisionDateAuthorComments
 1.135  12-Dec-2021  nia Fix copypasto in comment.
 1.134  10-Dec-2021  nia useradd(8): Recognize Argon2 passwords as "valid" when they are given
on the command line.

Reported by Robert Nestor on current-users@.
 1.133  29-Jul-2019  wiz Fix warning in userdel -r.

If the 'rm -rf' works, then the home directory does not exist any more,
and rmdir() on it will return an error (ENOENT). Catch and ignore it.

Avoids:

# useradd -m foo
# userdel -r foo
userdel: Unable to remove all files in `/home/foo': No such file or directory
 1.132  10-Jun-2018  zafer branches: 1.132.2;
Set default homeperm values before writing usermgmt.conf file and honor values in it instead of ignoring it.
Fixes PR bin/40324 by Guy Yur
 1.131  28-Nov-2012  blymn branches: 1.131.22; 1.131.28;
Fix error message when trying to add a group using -g =uid that
that already exists, the old version printed the wrong GID.
 1.130  28-Nov-2012  blymn Google Code In bug fix by Philip Hayes, fixes bin/41049
 1.129  01-Dec-2011  dholland branches: 1.129.6;
Move path names to pathnames.h per conventions
 1.128  01-Dec-2011  dholland Handle return value from system() properly.
PR 45672 from River Tarnell.
 1.127  01-Dec-2011  dholland attribute format printf -> __printflike
 1.126  04-Jan-2011  wiz branches: 1.126.6;
Close masterfd after reading from it. Found by cppcheck.
 1.125  31-Dec-2009  mlelstv Add new keyword gid_range to usermgmt.conf which specifies a default
GID range for groupadd(8).
 1.124  15-Oct-2009  hubertf Fix -p:
* rm_eo is the first character *after* the match, so no need for a +1
* Blowfish hashes are only 53 chars long, not 54
 1.123  20-Mar-2009  mike Fix check for duplicate gid when '-g =uid' is specified to usermod.

Closes PR bin/40391
 1.122  18-Mar-2009  mike Do not allow duplicate group id in groupmod unless -o is specified.

Closes PR bin/40393
 1.121  11-Mar-2009  christos bin/40994: Michael van Elst: usermod -l change password so user is unable to
login. User getpwnam_r to avoid trashing result of previous call to getpwnam().
 1.120  21-Jul-2008  lukem branches: 1.120.4; 1.120.6;
Remove the \n and tabs from the __COPYRIGHT() strings.
Tweak to use a consistent format.
 1.119  27-Feb-2008  reed branches: 1.119.4;
Remove the -v verbose switch from userinfo. It was not used.

Also remove reference to usermgmt.conf from userinfo manpage.

Discussed on tech-userlevel.
 1.118  04-Feb-2008  hubertf branches: 1.118.2;
disclaim copyright
 1.117  02-Nov-2006  pavel branches: 1.117.2; 1.117.8;
Change the default shell to /bin/sh. It has most of the usability
advantages of our ksh (emacs line editing). There were objections against
using ksh, because our (pd)ksh is not the real ksh. See also the
discussion on tech-userlevel.

Motivation for changing the default from csh is better interactive
usability and desire to use a standard shell, which is already used for
all the system shell scripts.

Approved by core.
 1.116  13-Oct-2006  wiz Sort options in usage.
 1.115  07-Oct-2006  elad PR/30351: Hubert Feyrer: useradd(8) doesn't allow setting permissions of
new home [patch]

Adapted to current code and some nits from myself. Thanks for the patch!
 1.114  30-Sep-2006  pavel revert change of default shell, reguested by agc@.
 1.113  30-Sep-2006  pavel Change the default shell to /bin/ksh, which is our best interactive
shell at the moment. Proposed on tech-userlevel and approved by hubertf@.
 1.112  30-Sep-2006  pavel in userinfo, initialize buf (the buffer which will hold group names)
to be a null-terminated string. Otherwise, if the user is not a member
of any secondary groups, buf is completely uninitialized and userinfo
adds garbage to the list of groups printed.
 1.111  27-Jun-2006  christos use realloc instead of free+calloc
 1.110  02-Jun-2006  jnemeth try again with the Coverity annotation
 1.109  27-May-2006  jnemeth Coverity annotation -- although memsave free()s its first argument, it
will allocate memory and assign it to its first argument, so it is neutral
Coverity CID 3229: memory leak -- failed to fclose() master in moduser()
Coverity CID 3228: memory leak -- failed to free() newname in groupmod()
 1.108  22-Mar-2006  joerg Garbage collect cc in moduser, it is only set once, but never read as
noticed by lint.
 1.107  22-Mar-2006  joerg Don't leak FILEs when flock fails. Found by Coverity (CID 1776, 1777 and
1778). Patch by Liam J. Foy, which handles one more case.
 1.106  17-Mar-2006  dmcmahill put the array bounds check _before_ accessing the array.
Coverity CID: 1479
 1.105  17-Mar-2006  dmcmahill put the array bounds check _before_ accessing the array.
Coverity CID: 1480
 1.104  23-Feb-2006  christos By popular demand don't bail out if a user's shell is not in /etc/shells.
Issue a warning instead.
 1.103  26-Jan-2006  jmmv Add a missing space in the usage message.
 1.102  14-Jan-2006  agc Use a CPP definition for "/sbin/nologin" - it's at the top of the
file.

Modify the logic in the previous but one commit - /sbin/nologin should
be considered a valid user shell, since otherwise, with the addition
of the checks for a valid user shell, useradd with a shell of
/sbin/nologin will fail.

Modify some of the code here to conform to the standards in the rest
of this file.
 1.101  13-Jan-2006  elad Add forgotten ')'.
 1.100  13-Jan-2006  christos treat /sbin/nologin specially.
 1.99  06-Jan-2006  christos Add checks for valid shell. From Liam Foy.
 1.98  25-Nov-2005  agc Be pragmatic - move user(8) to a 3-clause BSD licence.
 1.97  07-Nov-2005  christos remove asprintf and strlcpy. We don't support NetBSD1.3 and NetBSD1.4.
GC Todd's copyright, since it is not needed anymore.
 1.96  07-Nov-2005  christos More cleanups from Liam Foy:
- Fix error messages, some are completely incorrect
- Asystem prints the error message so don't bother saving errno
- Don't continue if a lock can't be obtained on /etc/group
- Just pass struct passwd * to removehomedir, not its members
Some copyright maintenance:
- Add Liam Foy.
- Move Todd's copyright higher up.
XXX: We should remove clause 3 and merge the two copyright groups.
 1.95  05-Oct-2005  christos call pw_abort() on failure (from Liam Foy)
 1.94  19-Sep-2005  rpaulo PR 22469: user.c should use "pwd.h" include file for
_PATH_USERMGMT_CONF. By rpixley@vm-netbsd-161.nominum.com.
 1.93  18-Sep-2005  agc Ensure that a consistent coding style is used.
s/1/EXIT_FAILURE/
 1.92  18-Sep-2005  christos From Liam Foy:
- Correct lenght for the username
- First character in the login name cannot be '-' (OpenBSD)
- Remove some #ifdef EXTENSIONS. find_group_info is always needed
- When printing change, if it's -1, place a correct string.
 1.91  12-Sep-2005  christos Warn if the group being removed is still the primary group of an existing
user. From Liam Foy.
 1.90  09-Sep-2005  wiz Sync group* usages with man pages.
 1.89  09-Sep-2005  wiz Sync user* usage with man pages. Bonus grammar fix in comment.
 1.88  12-Aug-2005  he Check the return value from mktime() and pass any error up.

*tp > LONG_MAX is never true, so replace that check with a test
for strtol() setting errno == ERANGE (oddly, some ports' build
swallowed this without warning).

There's no guarantee that a time_t stores the same number of bits
as a long, so check for an overflow there as well, and pass any
error up.

Discussed with christos, martin and mrg.
 1.87  12-Aug-2005  christos patch from Liam Foy to add a -F option to force a user to change her's/his
password at the next login.
 1.86  30-Jul-2005  christos The language lawyers claim that it is invalid to test a freed pointer, so
don't!
 1.85  30-Jul-2005  christos If the class was not specified, don't print a warning.
 1.84  29-Jul-2005  christos Don't make it fatal if the login class doe not exist. From Jukka Salmi.
 1.83  27-Jul-2005  peter Minor tweaks to the usage message:
- better layout for useradd.
- fix a small mistake in -u and wrap long line.
 1.82  27-Jul-2005  christos Patches from Liam Foy:

- Add new -C option to 'usermod'. This allows a quick way to temporary
lock a users account. This is similar to how FreeBSD do it using
'adduser'. This function can be very handy to administrators!
- Import a function to check if the inputted class actually exists. It
contains my modifications to test whether /etc/login.conf exists
in the first place. -OpenBSD

While I am there:

- KNF (long wrapped lines, and spaces after void casts).
- Factor out some common code.
- Fix error messages.
1. Consistently capitalize them.
2. Fix err->errx and warn->warnx inappropriate uses.
3. Use regerror where appropriate.
4. Don't call warn()/err() to report errors after you trashed errno
by calling other syscalls. Save and restore the errno instead,
or in the warn() case, call warn() first.
- Fix size_t - int, uid_t - int confusion.
- Pass lint
 1.81  20-Jul-2005  agc Commit changes from Liam J. Foy:

- system(), rmdir() sets errno, use it
- Use warnx() if strchr failed, not warn()
- Constify some arguments
- Fix cases when errx()/warnx() should be used instead of err()/warn()
due to errno not being set.

Group code:
 1.80  14-Jun-2005  agc Be consistent when deleting a non-existent group - tell if the group is
non-existent.

Problem noted by Geert Hendrickx, fix from Liam J. Foy.
 1.79  05-Apr-2005  agc Do some Common Subexpression Elimination when testing for valid characters
in login and group names.
 1.78  05-Apr-2005  peter Allow '_', '.' and '-' in group names, like in login names.
Fixes problem with groupadd(8) for _pflogd; pointed out by Jukka Salmi.

Approved by christos.
 1.77  05-Feb-2005  jmmv branches: 1.77.2;
Add the -r flag to groupadd; it can be used to specify a gid range in which
new groups should be created. This is similar to useradd's -r flag.

Closes my own PR bin/22791. Patch by URA Hiroshi with some minor changes
by me.

No objections in tech-userlevel@ for multiple days.
 1.76  02-Jul-2004  agc Now that we have SHA1 passwords, modify useradd(8) so that it will accept
an encrypted SHA1 password on the command line.
 1.75  14-Jan-2004  agc branches: 1.75.2; 1.75.4;
Add -S argument to useradd, usermod and userdel, which allows the use of
a trailing '$' character in user names.

Requested in PR 23922 by Takahiro Kambe.

Also, fix a bug in the previous fix to usermod.
 1.74  14-Jan-2004  agc Fixes from Todd Miller in PR 24070.

Revert fgetln/asprintf changes from rev 1.26 - fgetln(3) does not return
a NUL-terminated string, so using strchr(3) is inappropriate. As the entry
from the password file is a known size, there's no need to use fgetln(3),
just use fgets(3) for consistency. This also means that an inappropriate
cast to int from asprintf(3) is unneeded, which was apparently causing
problems on OpenBSD's sparc64 port - just be consistent and use snprintf(3).
 1.73  05-Jan-2004  jmmv Homogenize usage messages: make the 'usage' word all lowercase, as this seems
to be the most common practice in our tree.
 1.72  21-Oct-2003  agc Tidy up the previous isdigit(3) boolean check.
 1.71  21-Oct-2003  fvdl Don't compare an int to NULL.
 1.70  12-Jun-2003  agc Some patches from Todd C. Miller:

1. Use REG_NEWLINE, rather than matching "\n".

2. Fix a bug where rm_user_from_groups would mangle group entries in
/etc/group when the user to be removed is the only member of the group,
by using substring matches.
 1.69  14-Apr-2003  agc The "default" case usually occurs at the end of all other options, so change
it to follow convention.

Add /* NOTREACHED */ comments, per share/misc/style.
 1.68  14-Apr-2003  dsl Report usage() if getopt() returns '?'
Partial fix for bin/21146
 1.67  14-Mar-2003  jrf This addresses PR 20156. isalnum(), isdigit() and isspace() are used with
char as a parameter. On platforms with char signed by default, those are wrong.
Thanks to Christian Biere christianbiere@gmx.de for the patch he supplied.
I tested the patch and agc approved it for commit.
 1.66  03-Feb-2003  agc Add a check for the length of the login name given by the user.

Provided by Ben Collver in PR 20154
 1.65  08-Nov-2002  agc When deleting a user with preservation, use a password of
"*************" rather than a single asterisk - it's just as difficult
to hash to the longer password since the asterisk character itself is
not in its alphabet, and pwd_mkdb now thinks it's a valid DES password.
 1.64  08-Nov-2002  agc Factor out some common code.
 1.63  01-Oct-2002  itojun valid_password_length() is a boolean function, so there's no point in
having "> 0" in if clause.
 1.62  30-Sep-2002  agc Update previous to reflect reality. For blowfish passwords, the salt
can be a variable length field, so check the (fixed length) password
length, rather then the length of the whole password+salt+cipher.

Use a cipher type of "$2a" for blowfish.
 1.61  30-Sep-2002  agc Handle PR 18474 in a more safe and scalable fashion - keep a table of
password types, and their associated lengths, and check in useradd or
usermod whether the given encrypted password has the correct length.

This removes the (duplicated) hardcoded lengths which had crept in
with the last commit, and also checks the length of the given password
against the expected length.
 1.60  30-Sep-2002  itojun support MD5/blowfish password. PR 18474.
 1.59  27-Aug-2002  agc Use syslog(3) to log new users and groups, deletions of users and groups,
and modification of user and group information.

Syslog priority is LOG_INFO, facility is LOG_USER (there is no need to
do this via LOG_AUTH, since the password and group files are world
readable).

Suggested by Hubert Feyrer, after a similar facility in Linux.
 1.58  27-Aug-2002  agc Generalise the function which checks if a user is local to work for groups
as well.

Use the new function when modifying a group's information.
 1.57  07-Aug-2002  wiz Set the default password (if not specified) to a single star instead
of PasswordLength stars.
 1.56  06-Aug-2002  agc Add a function is_local_user(), and use it in moduser(), to check that
the user is not found through NIS.

Completes fix of PR 17849, from Grant Beattie (grant@netbsd.org).

Also, don't cast return type of pw_abort(3) to void, as it already is void.
 1.55  06-Aug-2002  agc Remove the /etc/ptmp file via pw_abort(3) if the pw_mkdb(3) call fails.
Addresses part of PR 17849 from Grant Beattie, grant@netbsd.org.
 1.54  20-Jul-2002  grant sweep of errx/warnx, remove unnecessary trailing \n
 1.53  08-Jul-2002  agc Remove user from supplementary groups when deleting a user and not
preserving information.

Remove BUGS section from userdel(8) accordingly.

Make this utility compile with WARNS=3 - add const-poisoning and
shadow variable name resolution.
 1.52  01-Jun-2002  grant add usermgmt.conf man page.
user -e and -f now accepts "month day year" (ala chpass(1)) and
seconds-since-epoch.
correct man pages accordingly.
 1.51  03-May-2002  agc branches: 1.51.2;
Handle multiple ranges on the command line and in the defaults file,
based on some code from Todd C. Miller, which in turn was based on a
patch from Brian Poole <raj@cerias.purdue.edu>.

Look first in any uid ranges specified on the command line, in the order
they were given on the command line, and then in any ranges specified in
the defaults file.

With thanks to Brian for nudging me a number of times to fix this.
 1.50  03-May-2002  agc Fix for skeleton directory changes to defaults file from Brian Poole
<raj@cerias.purdue.edu>

Previous behaviour as follows:

# useradd -D -k /foo/bar
group users
base_dir /home
skel_dir /foo/bar
shell /bin/csh
class
inactive 0
expire Null (unset)
range 10200..10300
range 10600..10700
# useradd -D
group users
base_dir /home
skel_dir /etc/skel
shell /bin/csh
class
inactive 0
expire Null (unset)
range 10200..10300
range 10600..10700
 1.49  03-May-2002  agc Fix from Brian Poole <raj@cerias.purdue.edu> for improper handling of
UID ranges. Previous behaviour is demonstrated below...

# useradd -D
group users
base_dir /home
skel_dir /etc/skel
shell /bin/csh
class
inactive 0
expire Null (unset)
range 10200..10300
# useradd -D -r 10200..10300 -r 10400..10500
# useradd -D
group users
base_dir /home
skel_dir /etc/skel
shell /bin/csh
class
inactive 0
expire Null (unset)
range 10400..10500

The second command should have put 2 ranges back into the config file,
but it really only put one because the first range on the command line
was marked as a duplicate (but when it got to writing the config file,
it only wrote command line ranges, so the 10200 got skipped). Fix
this by initializing defrc to 0 and then only looking after defrc for
duplicate ranges.
 1.48  03-May-2002  agc Modifications from Brian Poole <raj@cerias.purdue.edu>, via OpenBSD:

+ if the cd built-in fails, don't try to copy the directory hierarchy
with pax - s/;/&&/ in a shell command
+ clean up after ourselves if a rename fails - remove the newly-created
group file.
 1.47  31-Mar-2002  agc Do the previous differently. Run through the possible ranges for uids in
the command line order, then check the default range after that, if none
has yet been found.

Prompted by Brian Poole <raj@cerias.purdue.edu>.
 1.46  05-Feb-2002  agc Search uid ranges properly, using command line ranges if provided, and
using the default range last.

Problem reported by Cillian Sharkey <cns@redbrick.dcu.ie>
 1.45  22-Oct-2001  agc + add backwards compatibility hook for old pw_mkdb() calls with no args

+ remove some unused code in a comment.

+ add F_SHELL flag in userdel

+ use a separate local declaration for a temporary variable, rather
than overloading a variable that's used for something else.
 1.44  24-Sep-2001  wiz va_{start,end} audit:
Make sure that each va_start has one and only one matching va_end,
especially in error cases.
If the va_list is used multiple times, do multiple va_starts/va_ends.
If a function gets va_list as argument, don't let it use va_end (since
it's the callers responsibility).

Improved by comments from enami and christos -- thanks!

Heimdal/krb4/KAME changes already fed back, rest to follow.

Inspired by, but not not based on, OpenBSD.
 1.43  16-Sep-2001  hubertf if creategid() fails, don't try to print system error message (use errx()
instead of err()), as all error cases in creategid() are already commented
properly from inside creategid().

This prevents funny errors like:

miyu# groupadd test2
miyu# groupadd test2
groupadd: group `test2' already exists
groupadd: can't add group: problems with /etc/group file: Inappropriate ioctl for device
 1.42  05-Sep-2001  christos PR/13874: Hubert Feyrer: Add -L class to useradd
 1.41  18-Aug-2001  ad Update for pw_mkdb() change: restrict updates to one user's records and/or
the secure database where appropriate.
 1.40  17-Aug-2001  joda (usermod): ~F_MKDIR is usually much better than !F_MKDIR in bit masks
 1.39  23-Jun-2001  itojun do not make "useradd foo -s bar" to ignore "-s bar" silently. require
exactly one username.
 1.38  19-Feb-2001  cgd convert to use getprogname()
 1.37  13-Feb-2001  lukem groupmod: ensure that the modified group has the trailing newline
 1.36  23-Dec-2000  wiz Improve handling of -l with -m, and update documentation.
Based on an idea by Alistair Crooks in bin/11707.
 1.35  23-Dec-2000  wiz Fix moving a user's home directory with 'useradd -md /new/home/dir user'.
Clarify code (newpwp was referencing the same struct as pwp).
Fixes first part of bin/11707.
 1.34  07-Dec-2000  wiz Don't try to create or move directory if only '-d' is given (man page
says '-m' is needed for that). Problem reported by Johnny C. Lam.
 1.33  04-Nov-2000  simonb Fix behaviour of 'useradd -m': it is now a fatal error if the target home
directory already exists. Previously new skel files from /etc/skel were
copied and permissions/ownerships changed even if the directory already
existed.
 1.32  01-Nov-2000  simonb Remove some debugging cruft in the removal of user home directories
accidently left in from revision 1.25.
 1.31  01-Nov-2000  simonb Run a "chmod -R u+w <newhomedir>" after copying files from skeldir.

Noted by Hubert Feyrer in private mail.
 1.30  01-Nov-2000  simonb Don't let usage messages wrap around on an 80 column terminal.

Problem noted by Hubert Feyrer in private mail.
 1.29  18-Oct-2000  assar cast pw_change (a time_t) into long and printf it as %ld
 1.28  17-Oct-2000  simonb For userinfo - if a password change or expiry time_t is 0, print "NEVER"
instead of some date around Jan 1, 1970.
 1.27  17-Oct-2000  simonb Handle -G for the useradd case (usermod was already correct). Also
show warning if a non-existant group is specified.

Patch from PR bin/11123 by David Edmondson.
 1.26  17-Oct-2000  simonb Use flags to set which parts of a passwd entry are to be changed.

Before removing the home directory of a user check that
+ the user does not have uid 0
+ the user is the owner of the directory.
and remove the files using the effective user-id of the user. Show
a warning if the directory is not removed.

Use asprintf and fgetln for some string work to remove arbitary string
length limitations.

Fixes for PRs bin/11100 and bin/11103.
 1.25  11-Oct-2000  is More format string cleanups by sommerfeld.
 1.24  01-Oct-2000  simonb Save the "preserve" value in the defaults file.
Use _PATH_CSHELL from <paths.h> instead of the string "/bin/csh".
Don't cast NULL to the pointer type being checked.
 1.23  29-Sep-2000  agc Add functionality for adding usernames to secondary groups via the
"usermod -G group user" command.

Fixes PR/11071.
 1.22  26-Sep-2000  agc Correct a pasto in moduser(), the effect of which was to replace the
contents of the GECOS comment field with the default shell name, when
a user's information was modified.
Fixes PR 11072.
 1.21  20-Sep-2000  agc If we're about to add a user whose specified home directory does
not exist, and the "-m" argument has not been specified, then output
a warning.
 1.20  16-May-2000  agc branches: 1.20.4;
Pick up the changes that make sense from OpenBSD

+ Use _PATH_GROUP and _PATH_MASTERPASSWD (from OpenBSD)
+ Use -G group1,group2,group3 for multiple groups in useradd and usermod
(pointed out by Matt Green, and also changed in OpenBSD, but done more
efficiently here)
+ is_number should not be inside #ifdef EXTENSIONS (from OpenBSD)
+ clear up yet another usage message (for user(8) and group(8)) - noticed
in passing, unknown if fixed anywhere else
 1.19  09-May-2000  agc Revert previous change, since maintenance across -current, pkgsrc and the
1.4 branch requires one set of sources.
 1.18  05-May-2000  hubertf Remove code for 1.4 backward compatibility (to be put into the package,
where it really belongs)
 1.17  14-Apr-2000  simonb Don't declare 'extern opt*' getopt variables.
 1.16  31-Mar-2000  soren Consistently move checkeuid() call to after usage() call to allow non-root
to get help. Also remove a few duplicate geteuid() calls.
 1.15  31-Mar-2000  soren Remove a few unnecessary casts.
 1.14  31-Mar-2000  soren Use char NULs.
 1.13  12-Mar-2000  jlam Make "-d homedir" option work -- home directory wasn't being set in this
case.
 1.12  07-Mar-2000  agc When adding a group, check that it doesn't already exist.
Also fix a problem with reading entries when modifying a group.

Both problems found and analysed by Thomas Klausner.
 1.11  02-Feb-2000  agc Add RCS Id and Copyright.
 1.10  31-Dec-1999  agc branches: 1.10.2;
Enhancements from Hubert Feyrer:

+ copy all files and directories in <skeldir> to new user's home
directory, not just if they begin with a '.'
+ use pax to copy files from <skeldir>, as this will allow <skeldir>
to contain directory trees as well as regular files
+ use -h arg to chown(1) in case any symlinks have been created in the
new user's home directory
+ getpwnam(3) does not set errno, so use errx(3) and warnx(3)
+ use nologin(8) in preference to false(1) when deleting users but
preserving information
+ in usage messages, specify [-r lowuid..highuid] rather than a simple
[-r range]
 1.9  24-Dec-1999  agc branches: 1.9.2;
Add new functionality, and fix some bugs and oversights:

+ Moved all internal definitions from usermgmt.h to user.c
+ Added prototypes to usermgmt.h
+ Allow defaults to be set at build time
+ Check the effective uid is 0 if any data is to be modified
+ Check all numeric uids and gids really are numeric
+ Fix a bug (reported by lenb at sasquatch.com) where new ranges were
appended to old ranges, rather than replacing them
+ Add userinfo(8) and groupinfo(8) utilities (if EXTENSIONS is
defined), whereby user and group information can be displayed. Add
manual pages for new utilities. Add front-end calling from user(8)
and group(8) accordingly.
+ Make all functions visible outside the user.c file again. User and
group manipulation may be split out into a separate shared lib in the
future
+ Split off main function into a separate main.c
+ Changed default group to be "users"
+ Changed despatch table for commands to work in a more sane manner
+ Added "default-group" target to Makefile, so that the default group
can be made easily.
 1.8  13-Dec-1999  hubertf Remove code to make this compile on 1.4.1, as requested by Luke and
Frank. We'll need to move this to pkgsrc to get it for 1.4.1.
 1.7  08-Dec-1999  lukem * cleanup the usage messages:
- put `usage' at the start of each message
- put a space between the option and arg in [-x foo]
* fix command parsing for when a two word command is invoked without
args or with an invalid second arg so that a more appropriate error
message is printed.
 1.6  08-Dec-1999  hubertf - Only use strlcpy() on systems that have it, i.e. >=1.4K. This makes
this working again on 1.4 systems.
- Revert last change to argument passing which broke "user del",
"user mod", ...
 1.5  07-Dec-1999  lukem * don't dump core if run without args
* use strlcpy() instead of homegrown strnncpy()
* sort #includes
 1.4  07-Dec-1999  lukem use (c) instead of 8bit copyright symbol...
 1.3  06-Dec-1999  simonb Fix up a few calls to usage().
 1.2  06-Dec-1999  simonb Make this compile with WARNS=1.
 1.1  06-Dec-1999  agc Add SVR4/Solaris-like useradd/usermod/userdel functionality, and
groupadd/groupmod/groupdel functionality, along with two front-end
utilities, user(8) and group(8).

Based on the addnerd package, but most of the interface has been
completely rewritten, and suggestions from simonb and mrg have been
incorporated.
 1.9.2.2  27-Dec-1999  wrstuden Pull up to last week's -current.
 1.9.2.1  24-Dec-1999  wrstuden file user.c was added on branch wrstuden-devbsize on 1999-12-27 18:38:16 +0000
 1.10.2.10  04-Nov-2000  he Pull up revisions 1.31 and 1.33 (requested by simonb):
Error out if instructed to create the home directory but it
already exists. Otherwise, recursively make files in new home
directory (i.e. newly copied skel files) writable by the owner.
 1.10.2.9  04-Nov-2000  he Revert pullup of revision 1.31 (requested by simonb):
It's not necessarily the right thing to make home directory tree
writable.
 1.10.2.8  04-Nov-2000  he Pull up revisions 1.30-1.32 (requested by simonb):
Make usage message fit in 80 columns. Recursively make new
home directory writable by the user after copying skel files.
Remove some debugging code in the removal of user home dirs.
 1.10.2.7  25-Oct-2000  he Pull up revisions 1.12,1.14-1.24,1.26-1.29 (via patch, requested by simonb):
Synchronize to current versions of the user management tool.
Fixes PR#11100, PR#11103, PR#11123 and PR#10985.
 1.10.2.6  19-Oct-2000  he Pull up revision 1.25 (requested by he):
Format string cleanup.
 1.10.2.5  12-Sep-2000  he Pull up revision 1.13 (requested by jlam):
Make the ``-d homedir'' option work. Fixes PR#10401.
 1.10.2.4  05-Jul-2000  he Apply patch (requested by he):
Make the ersatz strlcpy() conform to the official prototype.
 1.10.2.3  04-Feb-2000  he Pull up revision 1.11 (requested by agc):
Add RCS IDs and copyright.
 1.10.2.2  21-Jan-2000  he Pull up revisions 1.1-1.10 (new) (requested by agc):
Add tools to manage users and groups.
 1.10.2.1  31-Dec-1999  he file user.c was added on branch netbsd-1-4 on 2000-01-21 00:01:07 +0000
 1.20.4.9  26-Jun-2002  he Pull up revisions 1.38-1.52 (requested by grant):
Synchronize with recent developments:
o add usermgmt.conf manual page
o accept "month day year" for -e and -f option arguments of ``user''
o support multiple uid ranges
o fix skeleton directory changes
o improve error handling
o fix varargs usage
 1.20.4.8  26-Feb-2001  he Pull up revision 1.37 (requested by lukem):
Make sure that a modified group has a trailing newline.
 1.20.4.7  26-Feb-2001  he Pull up revision 1.36 (requested by wiz):
Improve handling of ``-l'' with ``-m'', and update documentation.
Fixes PR#11707.
 1.20.4.6  25-Jan-2001  jhawk Pull up revision 1.35 (requested by wiz):
Make moving a user's homedirectory with -md work correctly,
and clarify the meaning of -d in the absence of -m. Fixing PR11707
 1.20.4.5  14-Dec-2000  he Pull up revision 1.34 (requested by wiz):
Don't try to create or move directory if only ``-d'' option is
given; documentation claims ``-m'' is also required.
 1.20.4.4  05-Nov-2000  tv Pullup 1.31 and 1.33 [simonb]:
Run a "chmod -R u+w <newhomedir>" after copying files from skeldir.
Problem noted by Hubert Feyrer in private mail.

Fix behaviour of 'useradd -m': it is now a fatal error if the target home
directory already exists. Previously new skel files from /etc/skel were
copied and permissions/ownerships changed even if the directory already
existed.
 1.20.4.3  03-Nov-2000  tv Pullup 1.30 and 1.32 [simonb]:
Don't let usage messages wrap around on an 80 column terminal.
Problem noted by Hubert Feyrer in private mail.
=====
Remove some debugging cruft in the removal of user home directories
accidently left in from revision 1.25.
 1.20.4.2  20-Oct-2000  tv Pullup through 1.29 [simonb]:
Numerous cosmetic fixes and bug fixes, already discussed to be part of 1.5.
 1.20.4.1  17-Oct-2000  tv Pullup usr.sbin string format fixes [is].
See "cvs log" for explicit revision numbers per file, from sommerfeld.
 1.51.2.5  20-Oct-2003  jmc Pullup diffs between revision: 1.51.2.4 and 1.70.

Numerous bug fixes, blowfish password support.
(requested by agc in ticket #1147)
 1.51.2.4  26-Dec-2002  tron Pull up revision 1.53 (requested by he in ticket #1041):
Remove user from supplementary groups when deleting a user and not
preserving information.

Remove BUGS section from userdel(8) accordingly.

Make this utility compile with WARNS=3 - add const-poisoning and
shadow variable name resolution.
 1.51.2.3  26-Dec-2002  tron Pull up revision 1.61-1.62 (requested by he in ticket #1041):
Handle PR 18474 in a more safe and scalable fashion - keep a table of
password types, and their associated lengths, and check in useradd or
usermod whether the given encrypted password has the correct length.
This removes the (duplicated) hardcoded lengths which had crept in
with the last commit, and also checks the length of the given password
against the expected length.
 1.51.2.2  06-Dec-2002  he Pull up revision 1.60 (via patch, requested by itojun in ticket #882):
Support MD5 and blowfish password encryption. Fixes
PR#18474.
 1.51.2.1  04-Jun-2002  lukem Pull up revision 1.52 (requested by grant in ticket #134):
add usermgmt.conf man page.
user -e and -f now accepts "month day year" (ala chpass(1)) and
seconds-since-epoch.
correct man pages accordingly.
 1.75.4.2  15-Oct-2006  bouyer Pull up following revision(s) (requested by pavel in ticket #10718):
usr.sbin/user/user.c: revision 1.112
in userinfo, initialize buf (the buffer which will hold group names)
to be a null-terminated string. Otherwise, if the user is not a member
of any secondary groups, buf is completely uninitialized and userinfo
adds garbage to the list of groups printed.
 1.75.4.1  05-Jul-2005  riz branches: 1.75.4.1.2;
Pull up revision 1.80 (requested by agc in ticket #2024):
Be consistent when deleting a non-existent group - tell if the group is
non-existent.
Problem noted by Geert Hendrickx, fix from Liam J. Foy.
 1.75.4.1.2.1  15-Oct-2006  bouyer Pull up following revision(s) (requested by pavel in ticket #10718):
usr.sbin/user/user.c: revision 1.112
in userinfo, initialize buf (the buffer which will hold group names)
to be a null-terminated string. Otherwise, if the user is not a member
of any secondary groups, buf is completely uninitialized and userinfo
adds garbage to the list of groups printed.
 1.75.2.2  15-Oct-2006  bouyer Pull up following revision(s) (requested by pavel in ticket #10718):
usr.sbin/user/user.c: revision 1.112
in userinfo, initialize buf (the buffer which will hold group names)
to be a null-terminated string. Otherwise, if the user is not a member
of any secondary groups, buf is completely uninitialized and userinfo
adds garbage to the list of groups printed.
 1.75.2.1  05-Jul-2005  riz Pull up revision 1.80 (requested by agc in ticket #2024):
Be consistent when deleting a non-existent group - tell if the group is
non-existent.
Problem noted by Geert Hendrickx, fix from Liam J. Foy.
 1.77.2.4  26-Mar-2009  bouyer Pull up following revision(s) (requested by mlelstv in ticket #1998):
usr.sbin/user/user.c: revision 1.121 via patch
bin/40994: Michael van Elst: usermod -l change password so user is unable to
login. User getpwnam_r to avoid trashing result of previous call to getpwnam().
 1.77.2.3  29-Jun-2005  tron branches: 1.77.2.3.2;
Pull up revision 1.80 (requested by agc in ticket #492):
Be consistent when deleting a non-existent group - tell if the group is
non-existent.
Problem noted by Geert Hendrickx, fix from Liam J. Foy.
 1.77.2.2  13-Apr-2005  tron Pull up revision 1.79 (requested by peter in ticket #136):
Do some Common Subexpression Elimination when testing for valid characters
in login and group names.
 1.77.2.1  13-Apr-2005  tron Pull up revision 1.78 (requested by peter in ticket #136):
Allow '_', '.' and '-' in group names, like in login names.
Fixes problem with groupadd(8) for _pflogd; pointed out by Jukka Salmi.
Approved by christos.
 1.77.2.3.2.1  16-Oct-2006  ghen Pull up following revision(s) (requested by pavel in ticket #1554):
usr.sbin/user/user.c: revision 1.112
in userinfo, initialize buf (the buffer which will hold group names)
to be a null-terminated string. Otherwise, if the user is not a member
of any secondary groups, buf is completely uninitialized and userinfo
adds garbage to the list of groups printed.
 1.117.8.1  23-Mar-2008  matt sync with HEAD
 1.117.2.1  16-Mar-2009  snj Pull up following revision(s) (requested by mlelstv in ticket #1286):
usr.sbin/user/user.c: revision 1.121
bin/40994: Michael van Elst: usermod -l change password so user is unable to
login. User getpwnam_r to avoid trashing result of previous call to getpwnam().
 1.118.2.1  24-Mar-2008  keiichi sync with head.
 1.119.4.1  18-Sep-2008  wrstuden Sync with wrstuden-revivesa-base-2.
 1.120.6.1  13-May-2009  jym Sync with HEAD.

Third (and last) commit. See http://mail-index.netbsd.org/source-changes/2009/05/13/msg221222.html
 1.120.4.2  16-Oct-2009  sborrill Pull up the following revisions(s) (requested by hubertf in ticket #1096):
usr.sbin/user/user.c: revision 1.124

Fix -p flag.
- rm_eo is the first character *after* the match, so no need for a +1.
- Blowfish hashes are only 53 chars long, not 54.
 1.120.4.1  15-Mar-2009  snj branches: 1.120.4.1.4;
Pull up following revision(s) (requested by mlelstv in ticket #562):
usr.sbin/user/user.c: revision 1.121
bin/40994: Michael van Elst: usermod -l change password so user is unable to
login. User getpwnam_r to avoid trashing result of previous call to getpwnam().
 1.120.4.1.4.1  21-Apr-2010  matt sync to netbsd-5
 1.126.6.2  16-Jan-2013  yamt sync with (a bit old) head
 1.126.6.1  17-Apr-2012  yamt sync with head
 1.129.6.1  25-Feb-2013  tls resync with head
 1.131.28.1  25-Jun-2018  pgoyette Sync with HEAD
 1.131.22.1  14-Jun-2018  martin Pull up following revision(s) (requested by zafer in ticket #877):

usr.sbin/user/user.c: revision 1.132

Set default homeperm values before writing usermgmt.conf file and
honor values in it instead of ignoring it.

Fixes PR bin/40324 by Guy Yur
 1.132.2.1  13-Apr-2020  martin Mostly merge changes from HEAD upto 20200411

RSS XML Feed