diff -urN shadow-4.0.6.orig/lib/getdef.c shadow-4.0.6/lib/getdef.c --- shadow-4.0.6.orig/lib/getdef.c 2004-11-18 15:47:10.965296168 +0100 +++ shadow-4.0.6/lib/getdef.c 2004-11-18 21:45:00.695401080 +0100 @@ -112,6 +112,10 @@ { "SYSLOG_SG_ENAB", NULL }, { "SYSLOG_SU_ENAB", NULL }, #endif + { "SYS_GID_MAX", NULL }, + { "SYS_GID_MIN", NULL }, + { "SYS_UID_MAX", NULL }, + { "SYS_UID_MIN", NULL }, { "TTYGROUP", NULL }, { "TTYPERM", NULL }, { "TTYTYPE_FILE", NULL }, diff -urN shadow-4.0.6.orig/man/groupadd.8 shadow-4.0.6/man/groupadd.8 --- shadow-4.0.6.orig/man/groupadd.8 2004-11-18 15:47:10.923302552 +0100 +++ shadow-4.0.6/man/groupadd.8 2004-11-18 21:45:00.695401080 +0100 @@ -30,7 +30,7 @@ groupadd \- Create a new group .SH SYNOPSIS .TP 6 -\fBgroupadd\fR [\fB-g\fI gid \fR[\fB-o\fR]] [\fB-f\fR] \fIgroup\fR +\fBgroupadd\fR [\fB-g\fI gid \fR[\fB-o\fR]] [\fB-f\fR] [\fB-r\fR] \fIgroup\fR .SH DESCRIPTION The \fBgroupadd\fR command creates a new group account using the values specified on the command line and the default values from the system. The @@ -41,6 +41,9 @@ This option causes to just exit with success status if the specified group already exists. With \fB-g\fR, if specified gid already exists, other (unique) gid is chosen (i.e. \fB-g\fR is turned off). +.IP "\fB-r\fR" +This flag is used to create a system group, with gid lower than usual +(chosen between SYS_GID_MIN and SYS_GID_MAX). .IP "\fB-g\fR \fIgid\fR" The numerical value of the group's ID. This value must be unique, unless the \fB-o\fR option is used. The value must be non-negative. The default is to diff -urN shadow-4.0.6.orig/man/pl/groupadd.8 shadow-4.0.6/man/pl/groupadd.8 --- shadow-4.0.6.orig/man/pl/groupadd.8 2004-11-18 15:47:10.946299056 +0100 +++ shadow-4.0.6/man/pl/groupadd.8 2004-11-18 21:45:00.696400928 +0100 @@ -30,7 +30,7 @@ .SH NAZWA groupadd - twrz now grup .SH SKADNIA -\fBgroupadd\fR [\fB-g\fR \fIgid\fR [\fB-o\fR]] [\fB-f\fR] \fIgrupa\fR +\fBgroupadd\fR [\fB-g\fR \fIgid\fR [\fB-o\fR]] [\fB-f\fR] [\fB-r\fR] \fIgrupa\fR .SH OPIS Polecenie \fBgroupadd\fR tworzy nowe konto grupy posugujc si wartociami podanymi w wierszu polece i domylnymi wartociami z systemu. @@ -43,6 +43,10 @@ podana groupa ju istnieje. Z opcj \fB-g\fR, jeli podany gid ju istnieje, wybierany jest inny (unikalny) gid (czyli \fB-g\fR jest wyczane). .TP +.BI -r +Ta opcja suy do zakadania grup systemowych, z identyfikatorami niszymi +ni zwykle (wybieranymi z przedziau od SYS_GID_MIN do SYS_GID_MAX). +.TP .BI -g " gid" Numeryczna warto identyfikatora grupy. Warto ta musi by niepowtarzalna, chyba e uyto opcji \fB-o\fR. Warto ID grupy nie moe by ujemna. Domylnie diff -urN shadow-4.0.6.orig/man/pl/useradd.8 shadow-4.0.6/man/pl/useradd.8 --- shadow-4.0.6.orig/man/pl/useradd.8 2004-11-18 15:47:10.949298600 +0100 +++ shadow-4.0.6/man/pl/useradd.8 2004-11-18 21:45:00.697400776 +0100 @@ -112,12 +112,9 @@ .IP "\fB-p \fIpasswd\fR" Zakodowane haso w postaci zwracanej przez \fBcrypt\fR(3). Domylnym dziaaniem jest blokowanie konta. -.\" .IP \fB-r\fR -.\" Tworzenie konta systemowego. Ta opcja pozwala na utworzenie konta o UID -.\" niszym ni UID_MIN zdefiniowane w fI/etc/login.defs\fR. O ile nie poda si -.\" dodatkowo opcji \fB-m\fR nie jest tworzony katalog domowy dla tak tworzonego -.\" uytkownika niezalenie od tego czy tworzenie katalogu jest ustawione czy -.\" nie w \fI/etc/login.defs\fR. +.IP \fB-r\fR +Tworzenie konta systemowego, z identyfikatorem niszym ni zwykle +(wybieranym z przedziau od SYS_UID_MIN do SYS_UID_MAX). .IP "\fB-s \fIpowoka\fR" Nazwa powoki (shell) uytkownika. Ustawienie tego pola na puste powoduje, e system wybierze domyln powok logowania. diff -urN shadow-4.0.6.orig/man/useradd.8 shadow-4.0.6/man/useradd.8 --- shadow-4.0.6.orig/man/useradd.8 2004-11-18 15:47:10.926302096 +0100 +++ shadow-4.0.6/man/useradd.8 2004-11-18 21:45:00.697400776 +0100 @@ -38,7 +38,7 @@ .br [[\fB-M\fR] \fB-m\fR [\fB-k\fR \fIskeleton_dir\fR]] [\fB-o\fR] [\fB-p\fR \fIpasswd\fR] .br -[\fB-s\fR \fIshell\fR] [\fB-u\fR \fIuid\fR] \fIlogin\fR +[\fB-r\fR] [\fB-s\fR \fIshell\fR] [\fB-u\fR \fIuid\fR] \fIlogin\fR .TP 8 \fBuseradd\fR \fB-D\fR [\fB-g\fI default_group\fR] [\fB-b\fI default_home\fR] .br @@ -98,6 +98,9 @@ .IP "\fB-p \fIpasswd\fR" The encrypted password, as returned by \fBcrypt\fR(3). The default is to disable the account. +.IP "\fB-r\fR" +This flag is used to create a system account, with uid lower than +usual (chosen between SYS_UID_MIN and SYS_UID_MAX). .IP "\fB-s\fR \fIshell\fR" The name of the user's login shell. The default is to leave this field blank, which causes the system to select the default login shell. diff -urN shadow-4.0.6.orig/po/cs.po shadow-4.0.6/po/cs.po --- shadow-4.0.6.orig/po/cs.po 2004-11-18 15:47:10.872310304 +0100 +++ shadow-4.0.6/po/cs.po 2004-11-18 21:45:00.699400472 +0100 @@ -793,8 +793,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "Použití: groupadd [-g gid [-o]] [-f] skupina\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "Použití: groupadd [-g gid [-o]] [-f] [-r] skupina\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1804,8 +1804,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p heslo] jméno\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p heslo] [-r] jméno\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/de.po shadow-4.0.6/po/de.po --- shadow-4.0.6.orig/po/de.po 2004-11-18 15:47:10.873310152 +0100 +++ shadow-4.0.6/po/de.po 2004-11-18 21:45:00.700400320 +0100 @@ -792,8 +792,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "Syntax: groupadd [-g gid [-o]] [-f] Gruppe\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "Syntax: groupadd [-g gid [-o]] [-f] [-r] Gruppe\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1802,8 +1802,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p Kennwort] Name\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p Kennwort] [-r] Name\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/el.po shadow-4.0.6/po/el.po --- shadow-4.0.6.orig/po/el.po 2004-11-18 15:47:10.874310000 +0100 +++ shadow-4.0.6/po/el.po 2004-11-18 21:45:00.702400016 +0100 @@ -800,8 +800,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "Χρήση: groupadd [-g gid [-o]] [-f] ομάδα\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "Χρήση: groupadd [-g gid [-o]] [-f] [-r] ομάδα\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1823,8 +1823,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p συνθηματικό] όνομα\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p συνθηματικό] [-r] όνομα\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/fr.po shadow-4.0.6/po/fr.po --- shadow-4.0.6.orig/po/fr.po 2004-11-18 15:47:10.877309544 +0100 +++ shadow-4.0.6/po/fr.po 2004-11-18 21:45:00.703399864 +0100 @@ -795,8 +795,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "Usage: groupadd [-g gid [-o]] [-f] groupe\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "Usage: groupadd [-g gid [-o]] [-f] [-r] groupe\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1804,8 +1804,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p mot-de-passe] nom\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p mot-de-passe] [-r] nom\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/ja.po shadow-4.0.6/po/ja.po --- shadow-4.0.6.orig/po/ja.po 2004-11-18 15:47:10.879309240 +0100 +++ shadow-4.0.6/po/ja.po 2004-11-18 21:45:00.704399712 +0100 @@ -794,8 +794,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "使用法: groupadd [-g グループID [-o]] [-f] グループ\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "使用法: groupadd [-g グループID [-o]] [-f] [-r] グループ\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1793,8 +1793,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p パスワード] ユーザ名\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p パスワード] [-r] ユーザ名\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/ko.po shadow-4.0.6/po/ko.po --- shadow-4.0.6.orig/po/ko.po 2004-11-18 15:47:10.880309088 +0100 +++ shadow-4.0.6/po/ko.po 2004-11-18 21:45:00.706399408 +0100 @@ -792,8 +792,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "사용법: groupadd [-g GID [-o]] [-f] 그룹명\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "사용법: groupadd [-g GID [-o]] [-f] [-r] 그룹명\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1800,8 +1800,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p 열쇠글] 이름\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p 열쇠글] [-r] 이름\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/pl.po shadow-4.0.6/po/pl.po --- shadow-4.0.6.orig/po/pl.po 2004-11-18 15:47:10.882308784 +0100 +++ shadow-4.0.6/po/pl.po 2004-11-18 21:45:00.707399256 +0100 @@ -795,8 +795,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "Użycie: groupadd [-g gid [-o]] [-f] grupa\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "Użycie: groupadd [-g gid [-o]] [-f] [-r] grupa\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1805,8 +1805,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p hasło] nazwa\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p hasło] [-r] nazwa\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/ru.po shadow-4.0.6/po/ru.po --- shadow-4.0.6.orig/po/ru.po 2004-11-18 15:47:10.883308632 +0100 +++ shadow-4.0.6/po/ru.po 2004-11-18 21:45:00.708399104 +0100 @@ -786,8 +786,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "Запуск: groupadd [-g gid [-o]] [-f] группа\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "Запуск: groupadd [-g gid [-o]] [-f] [-r] группа\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1792,8 +1792,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p пароль] имя\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p пароль] [-r] имя\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/sv.po shadow-4.0.6/po/sv.po --- shadow-4.0.6.orig/po/sv.po 2004-11-18 15:47:10.884308480 +0100 +++ shadow-4.0.6/po/sv.po 2004-11-18 21:45:00.710398800 +0100 @@ -790,8 +790,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "Användning: groupadd [-g gid [-o]] [-f] grupp\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "Användning: groupadd [-g gid [-o]] [-f] [-r] grupp\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1795,8 +1795,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p passwd] namn\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p passwd] [-r] namn\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/po/uk.po shadow-4.0.6/po/uk.po --- shadow-4.0.6.orig/po/uk.po 2004-11-18 15:47:10.886308176 +0100 +++ shadow-4.0.6/po/uk.po 2004-11-18 21:45:00.711398648 +0100 @@ -795,8 +795,8 @@ #: src/groupadd.c:102 #, c-format -msgid "Usage: groupadd [-g gid [-o]] [-f] group\n" -msgstr "Використовуйте: groupadd [-g gid [-o]] [-f] група\n" +msgid "Usage: groupadd [-g gid [-o]] [-f] [-r] group\n" +msgstr "Використовуйте: groupadd [-g gid [-o]] [-f] [-r] група\n" #: src/groupadd.c:168 src/groupadd.c:193 src/groupmod.c:180 src/groupmod.c:229 #: src/useradd.c:937 src/usermod.c:533 src/usermod.c:676 @@ -1805,8 +1805,8 @@ #: src/useradd.c:728 #, c-format -msgid " [-p passwd] name\n" -msgstr " [-p пароль] ім'я\n" +msgid " [-p passwd] [-r] name\n" +msgstr " [-p пароль] [-r] ім'я\n" #: src/useradd.c:730 #, c-format diff -urN shadow-4.0.6.orig/src/groupadd.c shadow-4.0.6/src/groupadd.c --- shadow-4.0.6.orig/src/groupadd.c 2004-11-18 15:47:10.972295104 +0100 +++ shadow-4.0.6/src/groupadd.c 2004-11-18 21:45:59.462467128 +0100 @@ -72,6 +72,7 @@ static int oflg = 0; /* permit non-unique group ID to be specified with -g */ static int gflg = 0; /* ID value for the new group */ static int fflg = 0; /* if group already exists, do nothing and exit(0) */ +static int rflg = 0; /* add system group (with lower gid) */ #ifdef NDBM extern int gr_dbm_mode; @@ -99,7 +100,7 @@ static void usage (void) { - fprintf (stderr, _("Usage: groupadd [-g gid [-o]] [-f] group\n")); + fprintf (stderr, _("Usage: groupadd [-g gid [-o]] [-f] [-r] group\n")); exit (E_USAGE); } @@ -225,9 +226,13 @@ const struct group *grp; gid_t gid_min, gid_max; - gid_min = getdef_unum ("GID_MIN", 100); - gid_max = getdef_unum ("GID_MAX", 60000); - + if (!rflg) { + gid_min = getdef_unum ("GID_MIN", 500); + gid_max = getdef_unum ("GID_MAX", 60000); + } else { + gid_min = getdef_unum ("SYS_GID_MIN", 10); + gid_max = getdef_unum ("SYS_GID_MAX", 499); + } /* * Start with some GID value if the user didn't provide us with * one already. @@ -334,7 +339,7 @@ char *cp; int arg; - while ((arg = getopt (argc, argv, "og:O:f")) != EOF) { + while ((arg = getopt (argc, argv, "og:O:fr")) != EOF) { switch (arg) { case 'g': gflg++; @@ -349,6 +354,12 @@ fail_exit (E_BAD_ARG); } break; + case 'r': + /* + * create system group + */ + rflg++; + break; case 'o': oflg++; break; diff -urN shadow-4.0.6.orig/src/useradd.c shadow-4.0.6/src/useradd.c --- shadow-4.0.6.orig/src/useradd.c 2004-11-18 15:47:10.975294648 +0100 +++ shadow-4.0.6/src/useradd.c 2004-11-18 21:45:00.713398344 +0100 @@ -72,10 +72,10 @@ /* * These defaults are used if there is no defaults file. */ -static gid_t def_group = 100; +static gid_t def_group = 1000; static const char *def_gname = "other"; -static const char *def_home = "/home"; -static const char *def_shell = ""; +static const char *def_home = "/home/users"; +static const char *def_shell = "/dev/null"; static const char *def_template = SKEL_DIR; static const char *def_create_mail_spool = "no"; @@ -89,7 +89,7 @@ #define VALID(s) (strcspn (s, ":\n") == strlen (s)) static const char *user_name = ""; -static const char *user_pass = "!"; +static const char *user_pass = "!!"; static uid_t user_id; static gid_t user_gid; static const char *user_comment = ""; @@ -123,6 +123,7 @@ mflg = 0, /* create user's home directory if it doesn't exist */ nflg = 0, /* create a group having the same name as the user */ oflg = 0, /* permit non-unique user ID to be specified with -u */ + rflg = 0, /* create system account (wuth lower uid) */ sflg = 0, /* shell program for new account */ uflg = 0; /* specify user ID for new account */ @@ -725,7 +726,7 @@ #ifdef SHADOWPWD fprintf (stderr, _(" [-f inactive] [-e expire]\n")); #endif - fprintf (stderr, _(" [-p passwd] name\n")); + fprintf (stderr, _(" [-p passwd] [-r] name\n")); fprintf (stderr, _(" useradd -D [-g group] [-b base] [-s shell]\n")); #ifdef SHADOWPWD @@ -973,9 +974,13 @@ const struct passwd *pwd; uid_t uid_min, uid_max; - uid_min = getdef_unum ("UID_MIN", 100); - uid_max = getdef_unum ("UID_MAX", 60000); - + if (!rflg) { + uid_min = getdef_unum ("UID_MIN", 500); + uid_max = getdef_unum ("UID_MAX", 60000); + } else { + uid_min = getdef_unum ("SYS_UID_MIN", 1); + uid_max = getdef_unum ("SYS_UID_MAX", 499); + } /* * Start with some UID value if the user didn't provide us with * one already. @@ -1056,9 +1061,9 @@ char *cp; #ifdef SHADOWPWD -#define FLAGS "A:Du:og:G:d:s:c:mk:p:f:e:b:O:M" +#define FLAGS "A:Du:og:G:d:s:c:mk:p:f:e:b:O:Mr" #else -#define FLAGS "A:Du:og:G:d:s:c:mk:p:b:O:M" +#define FLAGS "A:Du:og:G:d:s:c:mk:p:b:O:Mr" #endif while ((arg = getopt (argc, argv, FLAGS)) != EOF) { #undef FLAGS @@ -1077,6 +1082,9 @@ def_home = optarg; bflg++; break; + case 'r': /* create system account */ + rflg++; + break; case 'c': if (!VALID (optarg)) { fprintf (stderr,