/* vi: set sw=4 ts=4: */
/*
- * deluser (remove lusers from the system ;) for TinyLogin
+ * deluser/delgroup implementation for busybox
*
* Copyright (C) 1999 by Lineo, inc. and John Beppu
* Copyright (C) 1999,2000,2001 by John Beppu <beppu@codepoet.org>
- * Unified with delgroup by Tito Ragusa <farmatito@tiscali.it>
+ * Copyright (C) 2007 by Tito Ragusa <farmatito@tiscali.it>
*
- * Licensed under GPL version 2, see file LICENSE in this tarball for details.
+ * Licensed under GPLv2, see file LICENSE in this source tree.
*
*/
+#include "libbb.h"
-#include "busybox.h"
-
-/* where to start and stop deletion */
-typedef struct {
- size_t start;
- size_t stop;
-} Bounds;
-
-/* An interesting side-effect of boundary()'s
- * implementation is that the first user (typically root)
- * cannot be removed. Let's call it a feature. */
-static inline Bounds boundary(const char *buffer, const char *login)
+int deluser_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE;
+int deluser_main(int argc, char **argv)
{
- char needle[256];
- char *start;
- char *stop;
- Bounds b;
-
- snprintf(needle, 256, "\n%s:", login);
- needle[255] = 0;
- start = strstr(buffer, needle);
- if (!start) {
- b.start = 0;
- b.stop = 0;
- return b;
- }
- start++;
+ /* User or group name */
+ char *name;
+ /* Username (non-NULL only in "delgroup USER GROUP" case) */
+ char *member;
+ /* Name of passwd or group file */
+ const char *pfile;
+ /* Name of shadow or gshadow file */
+ const char *sfile;
+ /* Are we deluser or delgroup? */
+ bool do_deluser = (ENABLE_DELUSER && (!ENABLE_DELGROUP || applet_name[3] == 'u'));
- stop = strchr(start, '\n');
- b.start = start - buffer;
- b.stop = stop - buffer;
- return b;
-}
+ if (geteuid() != 0)
+ bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
-/* grep -v ^login (except it only deletes the first match) */
-/* ...in fact, I think I'm going to simplify this later */
-static void del_line_matching(const char *login, const char *filename)
-{
- char *buffer;
- FILE *passwd;
- Bounds b;
- struct stat statbuf;
+ name = argv[1];
+ member = NULL;
+ switch (argc) {
+ case 3:
+ if (!ENABLE_FEATURE_DEL_USER_FROM_GROUP || do_deluser)
+ break;
+ /* It's "delgroup USER GROUP" */
+ member = name;
+ name = argv[2];
+ /* Fallthrough */
- if ((passwd = fopen_or_warn(filename, "r"))) {
- // Remove pointless const.
- xstat((char *)filename, &statbuf);
- buffer = (char *) xmalloc(statbuf.st_size * sizeof(char));
- fread(buffer, statbuf.st_size, sizeof(char), passwd);
- fclose(passwd);
- /* find the user to remove */
- b = boundary(buffer, login);
- if (b.stop != 0) {
- /* write the file w/o the user */
- if ((passwd = fopen_or_warn(filename, "w"))) {
- fwrite(buffer, (b.start - 1), sizeof(char), passwd);
- fwrite(&buffer[b.stop], (statbuf.st_size - b.stop), sizeof(char), passwd);
- fclose(passwd);
- }
+ case 2:
+ if (do_deluser) {
+ /* "deluser USER" */
+ xgetpwnam(name); /* bail out if USER is wrong */
+ pfile = bb_path_passwd_file;
+ if (ENABLE_FEATURE_SHADOWPASSWDS)
+ sfile = bb_path_shadow_file;
} else {
- bb_error_msg("can't find '%s' in '%s'", login, filename);
+ do_delgroup:
+ /* "delgroup GROUP" or "delgroup USER GROUP" */
+ xgetgrnam(name); /* bail out if GROUP is wrong */
+ if (!member) {
+ /* "delgroup GROUP".
+ * If user with the same name exists,
+ * bail out.
+ */
+//BUG: check should be done by GID, not by matching name!
+//1. find GROUP's GID
+//2. check that /etc/passwd doesn't have lines of the form
+// user:pwd:uid:GID:...
+//3. bail out if at least one such line exists
+ if (getpwnam(name) != NULL)
+ bb_error_msg_and_die("'%s' still has '%s' as their primary group!", name, name);
+ }
+ pfile = bb_path_group_file;
+ if (ENABLE_FEATURE_SHADOWPASSWDS)
+ sfile = bb_path_gshadow_file;
}
- free(buffer);
- }
-}
-int deluser_main(int argc, char **argv)
-{
- if (argc != 2) {
- bb_show_usage();
- } else {
- if (ENABLE_DELUSER && applet_name[3] == 'u') {
- del_line_matching(argv[1], bb_path_passwd_file);
- if (ENABLE_FEATURE_SHADOWPASSWDS)
- del_line_matching(argv[1], bb_path_shadow_file);
+ /* Modify pfile, then sfile */
+ do {
+ if (update_passwd(pfile, name, NULL, member) == -1)
+ return EXIT_FAILURE;
+ if (ENABLE_FEATURE_SHADOWPASSWDS) {
+ pfile = sfile;
+ sfile = NULL;
+ }
+ } while (ENABLE_FEATURE_SHADOWPASSWDS && pfile);
+
+ if (ENABLE_DELGROUP && do_deluser) {
+ /* "deluser USER" also should try to delete
+ * same-named group. IOW: do "delgroup USER"
+ */
+//TODO: check how it actually works in upstream.
+//I suspect it is only done if group has no more members.
+ do_deluser = 0;
+ goto do_delgroup;
}
- del_line_matching(argv[1], bb_path_group_file);
- if (ENABLE_FEATURE_SHADOWPASSWDS)
- del_line_matching(argv[1], bb_path_gshadow_file);
+ return EXIT_SUCCESS;
}
- return (EXIT_SUCCESS);
+ /* Reached only if number of command line args is wrong */
+ bb_show_usage();
}
-
-/* $Id: deluser.c,v 1.4 2003/07/14 20:20:45 andersen Exp $ */
projects / platform / upstream / busybox.git / blobdiff