home *** CD-ROM | disk | FTP | other *** search
/ Mac Easy 2010 May / Mac Life Ubuntu.iso / casper / filesystem.squashfs / usr / lib / user-setup / user-setup-ask < prev   
Encoding:
Text File  |  2009-04-15  |  7.3 KB  |  276 lines
  1. #!/bin/sh -e
  2.  
  3. . /usr/share/debconf/confmodule
  4.  
  5. db_capb "backup"
  6.  
  7. if [ "$1" ]; then
  8.     ROOT="$1"
  9. else
  10.     ROOT=
  11. fi
  12. export ROOT
  13.  
  14. . /usr/lib/user-setup/functions.sh
  15.  
  16. # For the convenience of heavy testers
  17. set_special_users() {
  18.     local realname
  19.     case "$fullname" in
  20.         fjp)    realname="Frans Pop" ;;
  21.         tbm)    realname="Martin Michlmayr" ;;
  22.         *)        return 1 ;;
  23.     esac
  24.     db_set passwd/user-fullname "$realname"
  25.     userdefault=$fullname
  26.     db_fset passwd/username seen true
  27.     return 0
  28. }
  29.  
  30. # Main loop starts here. Use a state machine to allow jumping back to
  31. # previous questions.
  32. STATE=0
  33. while :; do
  34.     case "$STATE" in
  35.         0)
  36.         # Ask how the password files should be set up.
  37.         db_input low passwd/shadow || true
  38.         # Ask if root should be allowed to login.
  39.         db_input medium passwd/root-login || true
  40.         ;;
  41.         1)
  42.         db_get passwd/root-login
  43.         if [ "$RET" = false ]; then
  44.             # root password will be locked
  45.             db_set passwd/root-password ""
  46.             db_set passwd/root-password-crypted "!"
  47.         elif ! root_password; then
  48.             # First check whether the root password was preseeded
  49.             # crypted to an actual password (not locked)
  50.             db_get passwd/root-password-crypted || true
  51.             if ! test "$RET" || [ "x$RET" = "x!" ]; then
  52.                 # No preseed of the root password hash
  53.                 # we will prompt the user
  54.                 db_set passwd/root-password-crypted ""
  55.                 db_input critical passwd/root-password || true
  56.                 db_input critical passwd/root-password-again || true
  57.             fi
  58.         fi
  59.         ;;
  60.         2)
  61.         db_get passwd/root-login
  62.         if [ "$RET" = false ]; then
  63.             # root password will be locked
  64.             db_set passwd/root-password-again ""
  65.         elif ! root_password; then
  66.             # First check whether the root password was preseeded crypted
  67.             db_get passwd/root-password-crypted || true
  68.             if ! test "$RET" ; then
  69.                 # Compare the two passwords, loop back if not
  70.                 # identical, or if empty.
  71.                 db_get passwd/root-password
  72.                 ROOT_PW="$RET"
  73.                 if [ -z "$ROOT_PW" ]; then
  74.                     db_fset user-setup/password-empty seen false
  75.                     db_input critical user-setup/password-empty
  76.                     db_fset passwd/root-password seen false
  77.                     db_fset passwd/root-password-again seen false
  78.                     STATE=1
  79.                     continue
  80.                 elif password_is_weak "$ROOT_PW"; then
  81.                     db_set user-setup/password-weak false
  82.                     db_fset user-setup/password-weak seen false
  83.                     db_input critical user-setup/password-weak
  84.                     # TODO would be better to extend state machine
  85.                     if ! db_go; then
  86.                         STATE=1
  87.                         continue
  88.                     fi
  89.                     db_get user-setup/password-weak || RET=
  90.                     if [ "$RET" != true ]; then
  91.                         # user doesn't want to force
  92.                         # weak password
  93.                         db_fset passwd/root-password seen false
  94.                         db_fset passwd/root-password-again seen false
  95.                         STATE=1
  96.                         continue
  97.                     fi
  98.                 fi
  99.                 db_get passwd/root-password-again
  100.                 if [ "$ROOT_PW" != "$RET" ]; then
  101.                     db_fset user-setup/password-mismatch seen false
  102.                     db_input critical user-setup/password-mismatch
  103.                     db_fset passwd/root-password seen false
  104.                     db_fset passwd/root-password-again seen false
  105.                     STATE=1
  106.                     continue
  107.                 fi
  108.                 ROOT_PW=''
  109.             fi
  110.         fi
  111.         ;;
  112.         3)
  113.         # Ask if a non-root user should be made, if there is not
  114.         # already one.
  115.         db_get passwd/root-login
  116.         if [ "$RET" = false ]; then
  117.             # always make non-root user; this user will be able
  118.             # to sudo to root
  119.             db_set passwd/make-user true
  120.         elif ! is_system_user; then
  121.             db_input medium passwd/make-user || true
  122.         fi
  123.         ;;
  124.         4)
  125.         # Prompt for user info.
  126.         db_get passwd/make-user
  127.         if [ "$RET" = true ] && ! is_system_user; then
  128.             db_input critical passwd/user-fullname || true
  129.         fi
  130.         ;;
  131.         5)
  132.         # Prompt for user info.
  133.         db_get passwd/make-user
  134.         if [ "$RET" = true ] && ! is_system_user; then
  135.             LOOP=""
  136.             db_get passwd/username
  137.             if [ -z "$RET" ]; then
  138.                 db_get passwd/user-fullname
  139.                 fullname=$RET
  140.                 if ! set_special_users; then
  141.                     userdefault=$(echo "$fullname" | \
  142.                         sed 's/ .*//' | LC_ALL=C tr A-Z a-z)
  143.                 fi
  144.                 if test -n "$userdefault" && \
  145.                     LC_ALL=C expr "$userdefault" : '[a-z][-a-z0-9]*$' >/dev/null; then
  146.                     db_set passwd/username "$userdefault"
  147.                 fi
  148.             fi
  149.             db_input critical passwd/username || true
  150.         fi
  151.         ;;
  152.         6)
  153.         # Verify user.
  154.         db_get passwd/make-user
  155.         if [ "$RET" = true ] && ! is_system_user; then
  156.             # Verify the user name, loop with message if bad.
  157.             db_get passwd/username
  158.             USER="$RET"
  159.             if ! LC_ALL=C expr "$USER" : '[a-z][-a-z0-9]*$' >/dev/null; then
  160.                 db_fset passwd/username seen false
  161.                 db_fset passwd/username-bad seen false
  162.                 db_input critical passwd/username-bad
  163.                 STATE=3
  164.                 continue
  165.             fi
  166.             
  167.             if grep -v '^#' /usr/lib/user-setup/reserved-usernames | \
  168.                grep -q "^$USER\$"; then
  169.                 db_fset passwd/username seen false
  170.                 db_fset passwd/username-reserved seen false
  171.                 db_subst passwd/username-reserved USERNAME "$USER"
  172.                 db_input critical passwd/username-reserved
  173.                 STATE=3
  174.                 continue
  175.             fi
  176.  
  177.             db_get passwd/user-password-crypted || true
  178.             if ! test "$RET" ; then
  179.                 db_input critical passwd/user-password || true
  180.                 db_input critical passwd/user-password-again || true
  181.             fi
  182.         fi
  183.         ;;
  184.         7)
  185.         db_get passwd/make-user
  186.         if [ "$RET" = true ] && ! is_system_user; then
  187.             db_get passwd/user-password-crypted || true
  188.             if ! test "$RET" ; then
  189.                 # Compare the two passwords, loop with message if not
  190.                 # identical
  191.                 db_get passwd/user-password
  192.                 USER_PW="$RET"
  193.                 db_get passwd/user-password-again
  194.                 if [ "$USER_PW" != "$RET" ]; then
  195.                     db_set passwd/user-password ""
  196.                     db_set passwd/user-password-again ""
  197.                     db_fset user-setup/password-mismatch seen false
  198.                     db_input critical user-setup/password-mismatch
  199.                     db_fset passwd/user-password seen false
  200.                     db_fset passwd/user-password-again seen false
  201.                     STATE=6
  202.                     continue
  203.                 fi
  204.                 # Loop if the password is empty, and it's not
  205.                 # specifically allowed by preseeding
  206.                 if password_is_empty "$USER_PW"; then
  207.                     db_set passwd/user-password ""
  208.                     db_set passwd/user-password-again ""
  209.                     db_fset user-setup/password-empty seen false
  210.                     db_input critical user-setup/password-empty
  211.                     db_fset passwd/user-password seen false
  212.                     db_fset passwd/user-password-again seen false
  213.                     STATE=6
  214.                     continue
  215.                 elif [ "$USER_PW" ] && password_is_weak "$USER_PW"; then
  216.                     db_set user-setup/password-weak false
  217.                     db_fset user-setup/password-weak seen false
  218.                     db_input critical user-setup/password-weak
  219.                     # TODO would be better to extend state machine
  220.                     if ! db_go; then
  221.                         STATE=6
  222.                         continue
  223.                     fi
  224.                     db_get user-setup/password-weak || RET=
  225.                     if [ "$RET" != true ]; then
  226.                         # user doesn't want to force
  227.                         # weak password
  228.                         db_set passwd/user-password ""
  229.                         db_set passwd/user-password-again ""
  230.                         db_fset passwd/user-password seen false
  231.                         db_fset passwd/user-password-again seen false
  232.                         STATE=6
  233.                         continue
  234.                     fi
  235.                 fi
  236.             fi
  237.         fi
  238.         ;;
  239.         8)
  240.         db_get passwd/username
  241.         USER="$RET"
  242.         db_get passwd/make-user
  243.         if [ "$RET" = true ] && [ ! -d "$ROOT/home/$USER" ]; then
  244.             db_input high user-setup/encrypt-home || true
  245.         fi
  246.         ;;
  247.         9)
  248.         ecryptfs_in_use=
  249.         for homedir in "$ROOT/home"/*; do
  250.             if [ -d "$homedir/.ecryptfs" ]; then
  251.                 ecryptfs_in_use=1
  252.                 break
  253.             fi
  254.         done
  255.         if [ "$ecryptfs_in_use" ] || \
  256.            (db_get user-setup/encrypt-home && [ "$RET" = true ]); then
  257.             apt-install ecryptfs-utils 2>/dev/null
  258.         fi
  259.         ;;
  260.         *)
  261.         break
  262.         ;;
  263.     esac
  264.  
  265.     if db_go; then
  266.         STATE=$(($STATE + 1))
  267.     else
  268.         STATE=$(($STATE - 1))
  269.     fi
  270.     #echo "ON STATE: $STATE"
  271. done
  272.  
  273. if [ "$STATE" = -1 ]; then
  274.     exit 10
  275. fi
  276.