1 #!/bin/sh 2 # 3 # CDDL HEADER START 4 # 5 # The contents of this file are subject to the terms of the 6 # Common Development and Distribution License (the "License"). 7 # You may not use this file except in compliance with the License. 8 # 9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 # or http://www.opensolaris.org/os/licensing. 11 # See the License for the specific language governing permissions 12 # and limitations under the License. 13 # 14 # When distributing Covered Code, include this CDDL HEADER in each 15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 # If applicable, add the following below this CDDL HEADER, with the 17 # fields enclosed by brackets "[]" replaced with your own identifying 18 # information: Portions Copyright [yyyy] [name of copyright owner] 19 # 20 # CDDL HEADER END 21 # 22 # Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 # Use is subject to license terms. 24 # 25 26 PATH="/usr/bin:/usr/sbin:${PATH}" 27 export PATH 28 29 while read src dest 30 do 31 if [ ! -f $dest ] ; then 32 cp $src $dest 33 else 34 # 35 # 2.1 version of this file had a trailing blank 36 # in the nobody entry. Remove it. 37 # 38 # 2.6 & earlier versions had an smtp entry; remove it. 39 # 40 # The NFS nobody users get better GECOS entries. 41 sed -e 's/^\(nobody:.*:\) $/\1/' \ 42 -e '/^smtp:/d' \ 43 -e '/^nobody:/s/:Nobody:/:NFS Anonymous Access User:/' \ 44 -e '/^nobody4:/s/:SunOS\ 4\.x\ Nobody:/:SunOS 4.x NFS Anonymous Access User:/;' \ 45 $dest > /tmp/d.$$ 46 cp /tmp/d.$$ $dest 47 rm -f /tmp/d.$$ 48 49 # 50 # s10 is changing root's group back to 0: 51 # 52 sed -e 's/^root:\([^:]*\):0:1:/root:\1:0:0:/' \ 53 $dest > /tmp/d.$$ 54 cp /tmp/d.$$ $dest 55 rm -f /tmp/d.$$ 56 57 # 58 # Add the 'nobody' user from 4.x so that people don't 59 # assign it to a regular user and confuse themselves 60 # 61 NOBODY4_LINE="nobody4:x:65534:65534:SunOS 4.x NFS Anoymous Access User:/:" 62 if grep "^nobody4:" $dest 2>&1 >/dev/null; then 63 : 64 else 65 printf '/^noaccess:x\na\n%s\n.\nw\nq\n' \ 66 "$NOBODY4_LINE" | ed -s $dest > /dev/null 67 fi 68 69 # 70 # Add the 'smmsp' user for sendmail 8.12 71 # 72 SMMSP_LIN="smmsp:x:25:25:SendMail Message Submission Program:/:" 73 if grep "$SMMSP_LIN" $dest 2>&1 >/dev/null; then 74 : 75 else 76 printf '/^nobody4:x\na\n%s\n.\nw\nq\n' \ 77 "$SMMSP_LIN" | ed -s $dest > /dev/null 78 fi 79 80 # 81 # Add the 'gdm' user if it doesn't exist. 82 # 83 GDM_LINE="gdm:x:50:50:GDM Reserved UID:/:" 84 cur_name=`awk -F: '$3 == 50 { print $1 }' $dest` 85 if [ ! -z "$cur_name" -a "$cur_name" != "gdm" ]; then 86 echo "ERROR: Reserved UID 50 already assigned" \ 87 "to '$cur_name'" >> /tmp/CLEANUP 88 elif grep "$GDM_LINE" $dest 2>&1 >/dev/null; then 89 : 90 else 91 printf '/^listen:x\na\n%s\n.\nw\nq\n' \ 92 "$GDM_LINE" | ed -s $dest > /dev/null 93 fi 94 95 # 96 # Add the 'webservd' user if it doesn't exist. 97 # 98 WEBSERVD_LIN="webservd:x:80:80:WebServer Reserved UID:/:" 99 cur_name=`awk -F: '$3 == 80 { print $1 }' $dest` 100 if [ ! -z "$cur_name" -a "$cur_name" != "webservd" ]; then 101 echo "ERROR: Reserved UID 80 already assigned" \ 102 "to '$cur_name'" >> /tmp/CLEANUP 103 elif grep "$WEBSERVD_LIN" $dest 2>&1 >/dev/null; then 104 : 105 else 106 printf '/^gdm:x\na\n%s\n.\nw\nq\n' \ 107 "$WEBSERVD_LIN" | ed -s $dest > /dev/null 108 fi 109 110 # 111 # Add the 'postgres' user if it doesn't exist. 112 # 113 POSTGRES_LIN="postgres:x:90:90:PostgreSQL Reserved UID:/:/usr/bin/pfksh" 114 cur_name=`awk -F: '$3 == 90 { print $1 }' $dest` 115 cur_id=`awk -F: '$1 == "postgres" { print $3 }' $dest` 116 if [ ! -z "$cur_name" -a "$cur_name" != "postgres" ]; then 117 echo "ERROR: Reserved UID 90 already assigned" \ 118 "to '$cur_name'" >> /tmp/CLEANUP 119 elif [ ! -z "$cur_id" -a "$cur_id" != "90" ]; then 120 echo "NOTE: postgres username already assigned" \ 121 "to id '$cur_id'" >> /tmp/CLEANUP 122 elif grep "$POSTGRES_LIN" $dest 2>&1 >/dev/null; then 123 : 124 else 125 printf '/^webservd:x\na\n%s\n.\nw\nq\n' \ 126 "$POSTGRES_LIN" | ed -s $dest > /dev/null 127 fi 128 129 # 130 # Add the 'mysql' user if it doesn't exist. 131 # 132 MYSQL_LIN="mysql:x:70:70:MySQL Reserved UID:/:" 133 cur_name=`awk -F: '$3 == 70 { print $1 }' $dest` 134 cur_id=`awk -F: '$1 == "mysql" { print $3 }' $dest` 135 if [ ! -z "$cur_name" -a "$cur_name" != "mysql" ]; then 136 echo "ERROR: Reserved UID 70 already assigned" \ 137 "to '$cur_name'" >> /tmp/CLEANUP 138 elif [ ! -z "$cur_id" -a "$cur_id" != "70" ]; then 139 echo "NOTE: mysql username already assigned" \ 140 "to id '$cur_id'" >> /tmp/CLEANUP 141 elif grep "$MYSQL_LIN" $dest 2>&1 >/dev/null; then 142 : 143 else 144 printf '/^postgres:x\na\n%s\n.\nw\nq\n' \ 145 "$MYSQL_LIN" | ed -s $dest > /dev/null 146 fi 147 148 # 149 # Add the 'svctag' user if it doesn't exist. 150 # 151 SVCTAG_LIN="svctag:x:95:12:Service Tag UID:/:" 152 cur_name=`awk -F: '$3 == 95 { print $1 }' $dest` 153 cur_id=`awk -F: '$1 == "svctag" { print $3 }' $dest` 154 if [ ! -z "$cur_name" -a "$cur_name" != "svctag" ]; then 155 echo "ERROR: Reserved UID 95 already assigned" \ 156 "to '$cur_name'" >> /tmp/CLEANUP 157 elif [ ! -z "$cur_id" -a "$cur_id" != "95" ]; then 158 echo "NOTE: svctag username already assigned" \ 159 "to id '$cur_id'" >> /tmp/CLEANUP 160 elif grep "$SVCTAG_LIN" $dest 2>&1 >/dev/null; then 161 : 162 else 163 printf '/^postgres:x\na\n%s\n.\nw\nq\n' \ 164 "$SVCTAG_LIN" | ed -s $dest > /dev/null 165 fi 166 167 # 168 # Add the 'dladm' user if it doesn't exist. 169 # 170 DLADM_LIN="dladm:x:15:3:Datalink Admin:/:" 171 cur_name=`awk -F: '$3 == 15 { print $1 }' $dest` 172 if [ ! -z "$cur_name" -a "$cur_name" != "dladm" ]; then 173 echo "ERROR: Reserved UID 15 already assigned" \ 174 "to '$cur_name'" >> /tmp/CLEANUP 175 elif grep "$DLADM_LIN" $dest 2>&1 >/dev/null; then 176 : 177 else 178 printf '/^nuucp:x\na\n%s\n.\nw\nq\n' \ 179 "$DLADM_LIN" | ed -s $dest > /dev/null 180 fi 181 182 # 183 # Add the 'xvm' user if it doesn't exist. 184 # 185 XVM_LIN="xvm:x:60:60:xVM User:/:" 186 cur_name=`awk -F: '$3 == 60 { print $1 }' $dest` 187 cur_id=`awk -F: '$1 == "xvm" { print $3 }' $dest` 188 if [ ! -z "$cur_name" -a "$cur_name" != "xvm" ]; then 189 echo "ERROR: Reserved UID 60 already assigned" \ 190 "to '$cur_name'" >> /tmp/CLEANUP 191 elif [ ! -z "$cur_id" -a "$cur_id" != "60" ]; then 192 echo "NOTE: xvm username already assigned" \ 193 "to id '$cur_id'" >> /tmp/CLEANUP 194 elif grep "$XVM_LIN" $dest 2>&1 >/dev/null; then 195 : 196 else 197 printf '/^gdm:x\na\n%s\n.\nw\nq\n' \ 198 "$XVM_LIN" | ed -s $dest > /dev/null 199 fi 200 # 201 # Add the 'openldap' user if it doesn't exist. 202 # 203 OPENLDAP_LIN="openldap:x:75:75:OpenLDAP User:/:" 204 cur_name=`awk -F: '$3 == 75 { print $1 }' $dest` 205 cur_id=`awk -F: '$1 == "openldap" { print $3 }' $dest` 206 if [ ! -z "$cur_name" -a "$cur_name" != "openldap" ]; then 207 echo "ERROR: Reserved UID 75 already assigned" \ 208 "to '$cur_name'" >> /tmp/CLEANUP 209 elif [ ! -z "$cur_id" -a "$cur_id" != "75" ]; then 210 echo "NOTE: openldap username already assigned" \ 211 "to id '$cur_id'" >> /tmp/CLEANUP 212 elif grep "$OPENLDAP_LIN" $dest 2>&1 >/dev/null; then 213 : 214 else 215 printf '/^mysql:x\na\n%s\n.\nw\nq\n' \ 216 "$OPENLDAP_LIN" | ed -s $dest > /dev/null 217 fi 218 219 # 220 # Add the 'zfssnap' user if it doesn't exist. 221 # 222 ZSNAP_LIN="zfssnap:x:51:12:ZFS Automatic Snapshots Reserved UID:/:/usr/bin/pfsh" 223 cur_name=`awk -F: '$3 == 51 { print $1 }' $dest` 224 cur_id=`awk -F: '$1 == "zfssnap" { print $3 }' $dest` 225 if [ ! -z "$cur_name" -a "$cur_name" != "zfssnap" ]; then 226 echo "ERROR: Reserved UID 51 already assigned" \ 227 "to '$cur_name'" >> /tmp/CLEANUP 228 elif [ ! -z "$cur_id" -a "$cur_id" != "51" ]; then 229 echo "NOTE: zfssnap username already assigned" \ 230 "to id '$cur_id'" >> /tmp/CLEANUP 231 elif grep "$ZSNAP_LIN" $dest 2>&1 > /dev/null; then 232 : 233 else 234 printf '/^gdm:x\na\n%s\n.\nw\nq\n' \ 235 "$ZSNAP_LIN" | ed -s $dest > /dev/null 236 fi 237 fi 238 done 239 240 exit 0 241