defaultshell feature.

[chiark-utils.git] / sync-accounts / sync-accounts

diff --git a/sync-accounts/sync-accounts b/sync-accounts/sync-accounts
index 6acfe4bf7e3625145761a72d63045008fca38c4a..d162c89f8727ec8fcb248246dba6d4f5119605eb 100755 (executable)
--- a/sync-accounts/sync-accounts
+++ b/sync-accounts/sync-accounts
@@ -1,5 +1,5 @@
 #!/usr/bin/perl
-# $Id: sync-accounts,v 1.9 1999-01-03 01:56:57 ian Exp $
+# $Id: sync-accounts,v 1.12 1999-01-03 02:40:50 ian Exp $
 # usage: sync-accounts [-n] [-C<config-file>] [<host> ...]
 # options:
 #   -n     do not really do anything
@@ -98,6 +98,11 @@
 #      glob-pattern for a particular group takes effect.  The default
 #      is `nogroups *'.
 #
+#  defaultshell <pathname>
+#      If, when creating an account, the remote account's shell is not
+#      available on the local system, this value will be used.  The
+#      default is /bin/sh.
+#
 # Some config file directives are per-host, and should appear before
 # any directives which actually modify accounts:
 #
@@ -161,6 +166,7 @@ use POSIX;
 $configfile= '/etc/sync-accounts';
 $def_createuser= 'sync-accounts-createuser';
 $ch_homebase= '/home';
+$ch_defaultshell= '/bin/sh';
 $defaultgid= -1; # -1 => usergroups; -2 => nousergroups
 @groupglobs= [ '.*', 0 ];
 regroupglobs();
@@ -409,7 +415,7 @@ sub syncuser ($$) {
        }
        
        @newpwent= ($lu,'x',$useuid,$usegid,$rempasswd{$ru}->[4],
-                   "$ch_homebase/$lu",$rempasswd{$ru}->[6]);
+                   "$ch_homebase/$lu",$ch_defaultshell);
        
        defined($c= open CU,"-|") or die $!;
        if (!$c) {
@@ -469,7 +475,11 @@ sub syncuser ($$) {
        copyfield('passwd',$lu,1, $rempasswd{$ru}->[1]);
     }
     copyfield('passwd',$lu,4, $rempasswd{$ru}->[4]); # comment
-    copyfield('passwd',$lu,6, $rempasswd{$ru}->[6]); # shell
+
+    $newsh= $rempasswd{$ru}->[6];
+    $oksh= $checkedshell{$newsh};
+    if (!length $oksh) { $checkedshell{$newsh}= $oksh= (-x $newsh) ? 1 : 0; }
+    copyfield('passwd',$lu,6, $newsh) if $oksh;
 
     if (!$nogroups) {
        for $e (@owngroup) {
@@ -547,13 +557,9 @@ sub finish () {
        close NF or die $!;
        system "diff -U0 /etc/$file $newfile"; $?==256 or die $?;
        if (!$no_act) {
-           if ($file eq 'shadow') {
-               system "chown root.shadow $newfile"; $? and die $?;
-               chmod 0640, $newfile or die $!;
-           } else {
-               chown 0,0, $newfile or die $!;
-               chmod 0644, $newfile or die $!;
-           }
+           (@stats= stat "/etc/$file") or die "$file: $!";
+           chown $stats[4],$stats[5], $newfile or die $!;
+           chmod $stats[2] & 07777, $newfile or die $!;
            rename $newfile, "/etc/$file" or die $!;
        }
     }
@@ -581,7 +587,7 @@ while (<CF>) {
        eval "\$ch_$1= \$2; 1;" or die $@;
     } elsif (m/^(lockpasswd|lockgroup)\s+(\S+)$/) {
        eval "\$ch_$1= \$2; 1;" or die $@;
-    } elsif (m,^(homebase)\s+(/\S+)$,) {
+    } elsif (m,^(homebase|defaultshell)\s+(/\S+)$,) {
        eval "\$ch_$1= \$2; 1;" or die $@;
     } elsif (m/^(uidmin|uidmax)\s+(\d+)$/ && $2>0) {
        eval "\$ch_$1= \$2; 1;" or die $@;