PWDutils v1.01	- tools for manipulating /etc/passwd


Most of this was originally released as adduser, but a security hole big enough
to drive a Mac truck through was quickly pointed out to me by Jim Winstead.
In the original, passwords had to be passed on the command line, leaving it
open to anyone doing 'ps -ax'.  This time, passwords are read from stdin.

Steve Robbins
steve@nyongwa.cam.org
22 August 1992


This package consists of two programs, pwdutil and adduser.  The first is a
C program which simply manipulates entries in /etc/passwd.  It can add, remove,
or change any entry, as well as enable/disable logins by prepending a '*' to
the password field.

The second program, adduser, is a (BASH) shell script to make new user accounts
which has all the system-dependent bits encoded in it.  Essentially what it 
does is call pwdutil and then create all the directories and miscellaneous 
files required in setting up a user account.  It is intended to be 
straightforward to modify the shell commands for individual systems.


INSTALLATION

1.  Compile pwdutil: 'gcc pwdutil.c -o pwdutil'.  There should be no warnings
even if you compile with '-Wall'.

2.  Edit the adduser script.  I put both the programs in /usr/adm; if you 
don't, you will need to change the PWDUTIL variable.  You might change MAIL_DIR 
if you set up mail differently.  Then edit the commands after 'Setup the home 
directory...' to suit your taste.

3.  Move both pwdutil and adduser to a suitable directory (/usr/adm), and
copy the man pages to the appropriate place.


NOTES

I've included man pages that I hope are useful.  The one for adduser is pretty
lame because it is intended to be modified locally, so there isn't much I
can say about it.

Another way to disable a user's login, is to change the shell to a script
that just types out a message (explaining why access was revoked perhaps).
