# Works for sure in Ubuntu Linux, not in BSD systems (some commands used # like cut(1) have different syntax or does not exists, like chage(1)). title { Modify a user account } init { command: sleep 1 # Wait only for demo... uname=%{ARGV1} if id $uname > /dev/null 2>&1; then echo LOGIN=$uname echo COMMENT="$(grep -w $uname /etc/passwd|cut -d: -f5)" echo HOME_DIR="$(grep -w $uname /etc/passwd|cut -d: -f6)" echo SHELL="$(grep -w $uname /etc/passwd|cut -d: -f7)" echo UID="$(grep -w $uname /etc/passwd|cut -d: -f3)" echo GROUP="$(id -gn $uname)" echo GROUPS="$(id -Gn $uname | cut -d \ -f 2- | tr ' ' ',')" exp_date=$(LANG=C chage -l $uname | awk -F: '/Password expires/ { if ($2 ~ 'never') { print "-1" } else { print $2 } }') if [ ! -z "$exp_date" ]; then if [ "$exp_date" != '-1' ] then echo EXPIRE_DATE=$(date -d "$exp_date" "+%Y-%m-%d") else echo EXPIRE_DATE=$exp_date fi echo INACTIVE=$(chage -l $uname | awk -F: '/Password inactive/ { if ($2 ~ 'never') { print "-1" } else { print $2 } }') else echo "Unable to read password expiration informations." > /dev/stderr # Disable 2 fields (show them but user cannot change their value): echo CCFE_DISABLE_FIELDS=EXPIRE_DATE,INACTIVE fi lock_status=$(awk -F : -v uname=$uname " { if (\$1 == uname) { if (\$2 ~ /^\!/) { print \"YES\" } else { print \"NO\" } } } " /etc/shadow 2> /dev/null) if [ $? -ne 0 ]; then # Remove field with ID "LOCKED" from form: echo CCFE_REMOVE_FIELDS=LOCKED echo "Unable to read password lock status." > /dev/stderr else echo LOCKED=$lock_status fi else echo "Username does not exist." > /dev/stderr exit 1 # Don't post form fi exit 0 } field { id = LOGIN label = Login name len = 8 type = STRING option = -l ignore_unchgd = YES } field { id = COMMENT label = Comment len = 20 type = STRING hscroll = YES option = -c' ignore_unchgd = YES } field { id = HOME_DIR label = Home directory len = 20 type = STRING option = -d ignore_unchgd = YES } field { id = UID label = Numeric user ID type = NUMERIC len = 5 option = -u ignore_unchgd = YES } field { id = NON_UNIQUE label = Allow non-unique UID type = BOOLEAN htab = 1 option = -o } field { id = GROUP label = Initial login group len = 12 type = STRING hscroll = YES option = -g list_cmd = command:single-val:cut -d : -f 1 /etc/group | sort ignore_unchgd = YES } field { id = GROUPS label = Supplementary groups len = 20 type = STRING hscroll = YES option = -G list_cmd = command:multi-val:cut -d : -f 1 /etc/group | sort list_sep = "," ignore_unchgd = YES } field { id = APPEND label = Add the user to these supplemental group(s) type = BOOLEAN htab = 1 option = -a } field { id = SHELL label = Login shell len = 15 type = STRING hscroll = YES option = -s list_cmd = command:single-val:cat /etc/shells |grep -v ^# | sort ignore_unchgd = YES } field { id = EXPIRE_DATE label = Date when account will be disabled (YYYY-MM-DD) len = 10 type = STRING option = -e list_cmd = command:single-val:date -d '+180 days' "+%Y-%m-%d : 3 months ahead" ignore_unchgd = YES } field { id = INACTIVE label = Days account is disabled after pwd expiration len = 3 type = NUMERIC option = -f list_cmd = const:single-val:"0 : Disables the account as soon as the password has expired","-1 : Never inactives" ignore_unchgd = YES } field { id = LOCKED label = Is this user account locked? type = BOOLEAN vtab = 1 option = -L,-U } action { run(confirm): echo 'Waiting 5 seconds for demo...' ; for c in 5 4 3 2 1; do echo " $c" ; sleep 1 ; done ; usermod%{COMMENT}%{HOME_DIR}%{UID}%{NON_UNIQUE}%{GROUP}%{GROUPS}%{APPEND}%{SHELL}%{EXPIRE_DATE}%{INACTIVE}%{LOGIN}%{LOCKED} %{ARGV1} && echo "Account successfully changed." }