From 93e2f66a60bf4f6838a1521692c9b60e33dda17f Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Mon, 25 Feb 2008 21:03:46 +0000
Subject: [PATCH] * NEWS, src/useradd.c, man/useradd.8.xml: Added options  
 -user-group (-U, Uflg) and --no-user-group (-N, Nflg) to replace   nflg. *
 man/login.defs.d/USERGROUPS_ENAB.xml: useradd now also uses  
 USERGROUPS_ENAB.

---
 ChangeLog                            |  9 +++++
 NEWS                                 |  4 +++
 man/login.defs.d/USERGROUPS_ENAB.xml |  6 ++--
 man/useradd.8.xml                    | 42 +++++++++++++++++++++++
 src/useradd.c                        | 51 ++++++++++++++++++++++++----
 5 files changed, 104 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 7a0eb2e9..a0387c60 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2008-02-25  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* NEWS, src/useradd.c, man/useradd.8.xml: Added options
+	--user-group (-U, Uflg) and --no-user-group (-N, Nflg) to replace
+	nflg.
+	* man/login.defs.d/USERGROUPS_ENAB.xml: useradd now also uses
+	USERGROUPS_ENAB.
+
+
 2008-02-19  Nicolas François  <nicolas.francois@centraliens.net>
 
 	* src/groupmod.c: Add missing 'p' to the getopt_long's optstring.
diff --git a/NEWS b/NEWS
index 9814ce34..4f492ee9 100644
--- a/NEWS
+++ b/NEWS
@@ -70,6 +70,10 @@ shadow-4.1.0 -> shadow-4.1.1						UNRELEASED
   * Document the --defaults option, which was already described in the
     useradd's Usage information.
   * New option -r, --system for system accounts.
+  * New options -U, --user-group and -N, --no-user-group. These options
+    should replace nflg from the previous versions. Please set any -n
+    option to deprecated because its meaning differs from one distribution
+    to the other.
 - usermod
   * Keep the access and modification time of files when moving an user's home
     directory.
diff --git a/man/login.defs.d/USERGROUPS_ENAB.xml b/man/login.defs.d/USERGROUPS_ENAB.xml
index f44bbb29..63ffba5a 100644
--- a/man/login.defs.d/USERGROUPS_ENAB.xml
+++ b/man/login.defs.d/USERGROUPS_ENAB.xml
@@ -7,8 +7,10 @@
       the same as gid, and username is the same as the primary group name.
     <para>
     </para>
-      If set to <replaceable>yes</replaceable>, userdel will remove the
-      user's group if it contains no more members.
+      If set to <replaceable>yes</replaceable>, <command>userdel</command>
+      will remove the user's group if it contains no more members, and
+      <command>useradd</command> will create by default a group with the
+      name of the user.
     </para>
   </listitem>
 </varlistentry>
diff --git a/man/useradd.8.xml b/man/useradd.8.xml
index 12c4cfb8..c4df3f8f 100644
--- a/man/useradd.8.xml
+++ b/man/useradd.8.xml
@@ -7,8 +7,11 @@
 <!ENTITY PASS_MAX_DAYS         SYSTEM "login.defs.d/PASS_MAX_DAYS.xml">
 <!ENTITY PASS_MIN_DAYS         SYSTEM "login.defs.d/PASS_MIN_DAYS.xml">
 <!ENTITY PASS_WARN_AGE         SYSTEM "login.defs.d/PASS_WARN_AGE.xml">
+<!ENTITY SYS_GID_MAX           SYSTEM "login.defs.d/SYS_GID_MAX.xml">
+<!ENTITY SYS_UID_MAX           SYSTEM "login.defs.d/SYS_UID_MAX.xml">
 <!ENTITY UID_MAX               SYSTEM "login.defs.d/UID_MAX.xml">
 <!ENTITY UMASK                 SYSTEM "login.defs.d/UMASK.xml">
+<!ENTITY USERGROUPS_ENAB       SYSTEM "login.defs.d/USERGROUPS_ENAB.xml">
 ]>
 <refentry id='useradd.8'>
   <!--  $Id$ -->
@@ -238,6 +241,25 @@
 	  </para>
 	</listitem>
       </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-N</option>, <option>--no-user-group</option>
+	</term>
+	<listitem>
+	  <para>
+	    Do not create a group with the same name as the user, but
+	    add the user to the group specified by the <option>-g</option>
+	    option or by the GROUP variable in
+	    <filename>/etc/default/useradd</filename>.
+	  </para>
+	  <para>
+	    The default behavior (if the <option>-g</option>,
+	    <option>-N</option>, and <option>-U</option> options are not
+	    specified) is defined by the <option>USERGROUPS_ENAB</option>
+	    variable in <filename>login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
       <varlistentry>
 	<term>
 	  <option>-o</option>, <option>--non-unique</option>
@@ -287,6 +309,23 @@
 	  </para>
 	</listitem>
       </varlistentry>
+      <varlistentry>
+	<term>
+	  <option>-U</option>, <option>--user-group</option>
+	</term>
+	<listitem>
+	  <para>
+	    Create a group with the same name as the user, and
+	    add the user to this group.
+	  </para>
+	  <para>
+	    The default behavior (if the <option>-g</option>,
+	    <option>-N</option>, and <option>-U</option> options are not
+	    specified) is defined by the <option>USERGROUPS_ENAB</option>
+	    variable in <filename>login.defs</filename>.
+	  </para>
+	</listitem>
+      </varlistentry>
     </variablelist>
 
     <refsect2 id='changing_the_default_values'>
@@ -405,8 +444,11 @@
       &PASS_MAX_DAYS;
       &PASS_MIN_DAYS;
       &PASS_WARN_AGE;
+      &SYS_GID_MAX; <!-- documents also SYS_GID_MIN -->
+      &SYS_UID_MAX; <!-- documents also SYS_UID_MIN -->
       &UID_MAX; <!-- documents also UID_MIN -->
       &UMASK;
+      &USERGROUPS_ENAB;
     </variablelist>
   </refsect1>
 
diff --git a/src/useradd.c b/src/useradd.c
index 57cbdfc7..5fdc07b5 100644
--- a/src/useradd.c
+++ b/src/useradd.c
@@ -126,11 +126,12 @@ static int
     kflg = 0,			/* specify a directory to fill new user directory */
     lflg = 0,			/* do not add user to lastlog database file */
     mflg = 0,			/* create user's home directory if it doesn't exist */
-    nflg = 0,			/* create a group having the same name as the user */
+    Nflg = 0,			/* do not create a group having the same name as the user, but add the user to def_group (or the group specified with -g) */
     oflg = 0,			/* permit non-unique user ID to be specified with -u */
     rflg = 0,			/* create a system account */
     sflg = 0,			/* shell program for new account */
-    uflg = 0;			/* specify user ID for new account */
+    uflg = 0,			/* specify user ID for new account */
+    Uflg = 0;			/* create a group having the same name as the user */
 
 static int home_added;
 
@@ -633,6 +634,8 @@ static void usage (void)
 	         "                                faillog databases\n"
 	         "  -m, --create-home             create home directory for the new user\n"
 	         "                                account\n"
+	         "  -N, --no-user-group           do not create a group with the same name as\n"
+	         "                                the user\n"
 	         "  -o, --non-unique              allow create user with duplicate\n"
 	         "                                (non-unique) UID\n"
 	         "  -p, --password PASSWORD       use encrypted password for the new user\n"
@@ -640,6 +643,7 @@ static void usage (void)
 	         "  -r, --system                  create a system account\n"
 	         "  -s, --shell SHELL             the login shell for the new user account\n"
 	         "  -u, --uid UID                 force use the UID for the new user account\n"
+	         "  -U, --user-group              create a group with the same name as the user\n"
 	         "\n"), stderr);
 	exit (E_USAGE);
 }
@@ -850,15 +854,17 @@ static void process_flags (int argc, char **argv)
 			{"skel", required_argument, NULL, 'k'},
 			{"key", required_argument, NULL, 'K'},
 			{"create-home", no_argument, NULL, 'm'},
+			{"no-user-group", no_argument, NULL, 'N'},
 			{"non-unique", no_argument, NULL, 'o'},
 			{"password", required_argument, NULL, 'p'},
 			{"system", no_argument, NULL, 'r'},
 			{"shell", required_argument, NULL, 's'},
 			{"uid", required_argument, NULL, 'u'},
+			{"user-group", no_argument, NULL, 'U'},
 			{NULL, 0, NULL, '\0'}
 		};
 		while ((c =
-			getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:lmMop:rs:u:",
+			getopt_long (argc, argv, "b:c:d:De:f:g:G:k:K:lmMNop:rs:u:U",
 				     long_options, NULL)) != -1) {
 			switch (c) {
 			case 'b':
@@ -998,6 +1004,9 @@ static void process_flags (int argc, char **argv)
 			case 'm':
 				mflg++;
 				break;
+			case 'N':
+				Nflg++;
+				break;
 			case 'o':
 				oflg++;
 				break;
@@ -1033,6 +1042,9 @@ static void process_flags (int argc, char **argv)
 				user_id = get_uid (optarg);
 				uflg++;
 				break;
+			case 'U':
+				Uflg++;
+				break;
 			default:
 				usage ();
 			}
@@ -1040,12 +1052,39 @@ static void process_flags (int argc, char **argv)
 		}
 	}
 
+	if (!gflg && !Nflg && ! Uflg) {
+		/* Get the settings from login.defs */
+		Uflg = getdef_bool ("USERGROUPS_ENAB");
+	}
+
 	/*
 	 * Certain options are only valid in combination with others.
 	 * Check it here so that they can be specified in any order.
 	 */
-	if ((oflg && !uflg) || (kflg && !mflg))
+	if (oflg && !uflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is ONLY allowed with the %s flag\n"),
+		         Prog, "-o", "-u");
 		usage ();
+	}
+	if (kflg && !mflg) {
+		fprintf (stderr,
+		         _("%s: %s flag is ONLY allowed with the %s flag\n"),
+		         Prog, "-k", "-m");
+		usage ();
+	}
+	if (Uflg && gflg) {
+		fprintf (stderr,
+		         _("%s: options %s and %s conflict\n"),
+		         Prog, "-U", "-g");
+		usage ();
+	}
+	if (Uflg && Nflg) {
+		fprintf (stderr,
+		         _("%s: options %s and %s conflict\n"),
+		         Prog, "-U", "-N");
+		usage ();
+	}
 
 	/*
 	 * Either -D or username is required. Defaults can be set with -D
@@ -1583,7 +1622,7 @@ int main (int argc, char **argv)
 	 * to that group, use useradd -g username username.
 	 * --bero
 	 */
-	if (!gflg) {
+	if (Uflg) {
 		if (getgrnam (user_name)) { /* local, no need for xgetgrnam */
 			fprintf (stderr,
 				 _
@@ -1630,7 +1669,7 @@ int main (int argc, char **argv)
 
 	/* do we have to add a group for that user? This is why we need to
 	 * open the group files in the open_files() function  --gafton */
-	if (!(nflg || gflg)) {
+	if (Uflg) {
 		if (find_new_gid (rflg, &user_gid, &user_id) < 0) {
 			fprintf (stderr,
 				 _("%s: can't create group\n"),