Request for feature: adduser --alias
I'm picking up maintenance of sash, and I'd like to make its postinst offer
to create a root alias account "sashroot", and only offer to change the
root shell as a fallback.
The problem is that adduser doesn't support the functionality I need,
and I don't think it's appropriate to be playing around with raw passwd
file locking in a postinst.
What do other people think?
--
Raul
P.S. here's what I'm thinking of for the postinst:
#!/usr/bin/perl
#
# rewritten to favor creation of sashroot over modification of root
$passwd="*";
$home= "/root";
$gid= 0;
$count= 0;
$gcos= '';
$rootshell= '/bin/sh';
sub ask {
my ($prompt)= @_;
$prompt =~/\[(.*?)\]\s*$/;
my @options= split '/', $1;
while (1) {
print $prompt;
my $input= lc substr <>, 0, -1;
for (@options) {
return $input if $input eq lc $_;
return lc $_ if $input eq '' && ! /^[a-z]*$/;
}
my @opts= map {"`\U$_'"} @options;
print "Please answer ".(join ', ', @opts[0..$#opts-1])." or $opts[$#opts].\n";
}
}
while (@ent= getpwent) {
my ($Name, $Passwd, $Uid, $Gid, $Quota, $Comment, $Gcos, $Dir, $Shell)= @ent;
next if $Uid;
if ('/bin/sash' eq $Shell) {
if ($Passwd =~/[*]/) {
if ($Passwd eq '*LK*') { # explicitly ignore these entries
exit if $name eq "sashroot"; # presume this is intentional
next;
}
exec "/bin/passwd $Name"; # clean up after premature exit
}
exit; # presume this is intentional
}
$rootshell= $Shell if $Name eq 'root'; # in case we decide to change it
($name, $passwd, $uid, $gid, $quota, $comment, $gcos, $dir, $shell)= @ent
if $Passwd !~/[*]/; # remember for later
warn "sashroot already exists, but shell is not /bin/sash\n"
if "sashroot" eq $Name;
$count++;
}
print "The best way to use sash is to install it as a superuser login shell.\n";
if (0 == $count) {
print "Currently, there is no root login shell!\n"
} elsif (1 == $count) {
print "Currently, ${name}'s login shell is set to $shell.\n"
} else {
print "Currently, there are $count superuser shells. For example,\n";
print "${name}'s login shell is set to $shell.\n";
}
if ('y' eq ask "Shall I make a sashroot account with sash as its login shell? [Y/n] ") {
print "Creating sashroot account for superuser\n";
exec "adduser --alias --home '$home' --uid 0 --gid '$gid' sashroot";
die "can't add sashroot alias";
}
if ('y' eq ask "Shall I make sash the login shell for root? [y/N] ") {
open ROOTSHELL, ">/var/lib/sash/rootshell" or die "can't register root shell";
print ROOTSHELL "$rootshell\n" or die "can't register root shell";
exec 'chsh -s /bin/sash root';
die "can't change root shell";
}
Reply to: