1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright (c) 2013 Gary Mills
  23  *
  24  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  25  * Use is subject to license terms.
  26  */
  27 
  28 /*      Copyright (c) 1984, 1986, 1987, 1988, 1989 AT&T     */
  29 /*        All Rights Reserved   */
  30 
  31 /*
  32  * Copyright (c) 2013 RackTop Systems.
  33  */
  34 
  35 #include        <sys/types.h>
  36 #include        <sys/stat.h>
  37 #include        <sys/param.h>
  38 #include        <stdio.h>
  39 #include        <stdlib.h>
  40 #include        <ctype.h>
  41 #include        <limits.h>
  42 #include        <string.h>
  43 #include        <userdefs.h>
  44 #include        <errno.h>
  45 #include        <project.h>
  46 #include        <unistd.h>
  47 #include        <user_attr.h>
  48 #include        <libcmdutils.h>
  49 #include        "users.h"
  50 #include        "messages.h"
  51 #include        "userdisp.h"
  52 #include        "funcs.h"
  53 
  54 /*
  55  *  useradd [-u uid [-o] | -g group | -G group [[, group]...]
  56  *              | -d dir [-m [-z|Z]]
  57  *              | -s shell | -c comment | -k skel_dir | -b base_dir] ]
  58  *              [ -A authorization [, authorization ...]]
  59  *              [ -P profile [, profile ...]]
  60  *              [ -K key=value ]
  61  *              [ -R role [, role ...]] [-p project [, project ...]] login
  62  *  useradd -D [ -g group ] [ -b base_dir | -f inactive | -e expire |
  63  *              -s shell | -k skel_dir ]
  64  *              [ -A authorization [, authorization ...]]
  65  *              [ -P profile [, profile ...]] [ -K key=value ]
  66  *              [ -R role [, role ...]] [-p project [, project ...]] login
  67  *
  68  *      This command adds new user logins to the system.  Arguments are:
  69  *
  70  *      uid - an integer
  71  *      group - an existing group's integer ID or char string name
  72  *      dir - home directory
  73  *      shell - a program to be used as a shell
  74  *      comment - any text string
  75  *      skel_dir - a skeleton directory
  76  *      base_dir - a directory
  77  *      login - a string of printable chars except colon(:)
  78  *      authorization - One or more comma separated authorizations defined
  79  *                      in auth_attr(4).
  80  *      profile - One or more comma separated execution profiles defined
  81  *                in prof_attr(4)
  82  *      role - One or more comma-separated role names defined in user_attr(4)
  83  *      project - One or more comma-separated project names or numbers
  84  *
  85  */
  86 
  87 extern struct userdefs *getusrdef();
  88 extern void dispusrdef();
  89 
  90 static void cleanup();
  91 
  92 extern int check_perm(), valid_expire();
  93 extern int putusrdef(), valid_uid();
  94 extern int call_passmgmt(), edit_group(), create_home();
  95 extern int edit_project();
  96 extern int **valid_lgroup();
  97 extern projid_t **valid_lproject();
  98 extern void update_def(struct userdefs *);
  99 extern void import_def(struct userdefs *);
 100 extern int get_default_zfs_flags();
 101 
 102 static uid_t uid;                       /* new uid */
 103 static char *logname;                   /* login name to add */
 104 static struct userdefs *usrdefs;        /* defaults for useradd */
 105 
 106 char *cmdname;
 107 
 108 static char homedir[ PATH_MAX + 1 ];    /* home directory */
 109 static char gidstring[32];              /* group id string representation */
 110 static gid_t gid;                       /* gid of new login */
 111 static char uidstring[32];              /* user id string representation */
 112 static char *uidstr = NULL;             /* uid from command line */
 113 static char *base_dir = NULL;           /* base_dir from command line */
 114 static char *group = NULL;              /* group from command line */
 115 static char *grps = NULL;               /* multi groups from command line */
 116 static char *dir = NULL;                /* home dir from command line */
 117 static char *shell = NULL;              /* shell from command line */
 118 static char *comment = NULL;            /* comment from command line */
 119 static char *skel_dir = NULL;           /* skel dir from command line */
 120 static long inact;                      /* inactive days */
 121 static char *inactstr = NULL;           /* inactive from command line */
 122 static char inactstring[10];            /* inactivity string representation */
 123 static char *expirestr = NULL;          /* expiration date from command line */
 124 static char *projects = NULL;           /* project id's from command line */
 125 
 126 static char *usertype = NULL;   /* type of user, either role or normal */
 127 
 128 typedef enum {
 129         BASEDIR = 0,
 130         SKELDIR,
 131         SHELL
 132 } path_opt_t;
 133 
 134 
 135 static void valid_input(path_opt_t, const char *);
 136 
 137 int
 138 main(argc, argv)
 139 int argc;
 140 char *argv[];
 141 {
 142         int ch, ret, mflag = 0, oflag = 0, Dflag = 0;
 143         int zflag = 0, Zflag = 0, **gidlist = NULL;
 144         projid_t **projlist = NULL;
 145         char *ptr;                      /* loc in a str, may be set by strtol */
 146         struct group *g_ptr;
 147         struct project p_ptr;
 148         char mybuf[PROJECT_BUFSZ];
 149         struct stat statbuf;            /* status buffer for stat */
 150         int warning;
 151         int busy = 0;
 152         char **nargv;                   /* arguments for execvp of passmgmt */
 153         int argindex;                   /* argument index into nargv */
 154         int zfs_flags = 0;                      /* create_home flags */
 155 
 156         cmdname = argv[0];
 157 
 158         if (geteuid() != 0) {
 159                 errmsg(M_PERM_DENIED);
 160                 exit(EX_NO_PERM);
 161         }
 162 
 163         opterr = 0;                     /* no print errors from getopt */
 164         usertype = getusertype(argv[0]);
 165 
 166         change_key(USERATTR_TYPE_KW, usertype);
 167 
 168         while ((ch = getopt(argc, argv,
 169                     "b:c:Dd:e:f:G:g:k:mzZop:s:u:A:P:R:K:")) != EOF)
 170                 switch (ch) {
 171                 case 'b':
 172                         base_dir = optarg;
 173                         break;
 174 
 175                 case 'c':
 176                         comment = optarg;
 177                         break;
 178 
 179                 case 'D':
 180                         Dflag++;
 181                         break;
 182 
 183                 case 'd':
 184                         dir = optarg;
 185                         break;
 186 
 187                 case 'e':
 188                         expirestr = optarg;
 189                         break;
 190 
 191                 case 'f':
 192                         inactstr = optarg;
 193                         break;
 194 
 195                 case 'G':
 196                         grps = optarg;
 197                         break;
 198 
 199                 case 'g':
 200                         group = optarg;
 201                         break;
 202 
 203                 case 'k':
 204                         skel_dir = optarg;
 205                         break;
 206 
 207                 case 'm':
 208                         mflag++;
 209                         break;
 210 
 211                 case 'o':
 212                         oflag++;
 213                         break;
 214 
 215                 case 'p':
 216                         projects = optarg;
 217                         break;
 218 
 219                 case 's':
 220                         shell = optarg;
 221                         break;
 222 
 223                 case 'u':
 224                         uidstr = optarg;
 225                         break;
 226 
 227                 case 'Z':
 228                         Zflag++;
 229                         break;
 230 
 231                 case 'z':
 232                         zflag++;
 233                         break;
 234 
 235                 case 'A':
 236                         change_key(USERATTR_AUTHS_KW, optarg);
 237                         break;
 238 
 239                 case 'P':
 240                         change_key(USERATTR_PROFILES_KW, optarg);
 241                         break;
 242 
 243                 case 'R':
 244                         if (is_role(usertype)) {
 245                                 errmsg(M_ARUSAGE);
 246                                 exit(EX_SYNTAX);
 247                         }
 248                         change_key(USERATTR_ROLES_KW, optarg);
 249                         break;
 250 
 251                 case 'K':
 252                         change_key(NULL, optarg);
 253                         break;
 254 
 255                 default:
 256                 case '?':
 257                         if (is_role(usertype))
 258                                 errmsg(M_ARUSAGE);
 259                         else
 260                                 errmsg(M_AUSAGE);
 261                         exit(EX_SYNTAX);
 262                 }
 263 
 264         if (((!mflag) && (zflag || Zflag)) || (zflag && Zflag) ||
 265             (mflag > 1 && (zflag || Zflag))) {
 266                 if (is_role(usertype))
 267                         errmsg(M_ARUSAGE);
 268                 else
 269                         errmsg(M_AUSAGE);
 270                 exit(EX_SYNTAX);
 271         }
 272 
 273 
 274         /* get defaults for adding new users */
 275         usrdefs = getusrdef(usertype);
 276 
 277         if (Dflag) {
 278                 /* DISPLAY mode */
 279 
 280                 /* check syntax */
 281                 if (optind != argc) {
 282                         if (is_role(usertype))
 283                                 errmsg(M_ARUSAGE);
 284                         else
 285                                 errmsg(M_AUSAGE);
 286                         exit(EX_SYNTAX);
 287                 }
 288 
 289                 if (uidstr != NULL || oflag || grps != NULL ||
 290                     dir != NULL || mflag || comment != NULL) {
 291                         if (is_role(usertype))
 292                                 errmsg(M_ARUSAGE);
 293                         else
 294                                 errmsg(M_AUSAGE);
 295                         exit(EX_SYNTAX);
 296                 }
 297 
 298                 /* Group must be an existing group */
 299                 if (group != NULL) {
 300                         switch (valid_group(group, &g_ptr, &warning)) {
 301                         case INVALID:
 302                                 errmsg(M_INVALID, group, "group id");
 303                                 exit(EX_BADARG);
 304                                 /*NOTREACHED*/
 305                         case TOOBIG:
 306                                 errmsg(M_TOOBIG, "gid", group);
 307                                 exit(EX_BADARG);
 308                                 /*NOTREACHED*/
 309                         case RESERVED:
 310                         case UNIQUE:
 311                                 errmsg(M_GRP_NOTUSED, group);
 312                                 exit(EX_NAME_NOT_EXIST);
 313                         }
 314                         if (warning)
 315                                 warningmsg(warning, group);
 316 
 317                         usrdefs->defgroup = g_ptr->gr_gid;
 318                         usrdefs->defgname = g_ptr->gr_name;
 319 
 320                 }
 321 
 322                 /* project must be an existing project */
 323                 if (projects != NULL) {
 324                         switch (valid_project(projects, &p_ptr, mybuf,
 325                             sizeof (mybuf), &warning)) {
 326                         case INVALID:
 327                                 errmsg(M_INVALID, projects, "project id");
 328                                 exit(EX_BADARG);
 329                                 /*NOTREACHED*/
 330                         case TOOBIG:
 331                                 errmsg(M_TOOBIG, "projid", projects);
 332                                 exit(EX_BADARG);
 333                                 /*NOTREACHED*/
 334                         case UNIQUE:
 335                                 errmsg(M_PROJ_NOTUSED, projects);
 336                                 exit(EX_NAME_NOT_EXIST);
 337                         }
 338                         if (warning)
 339                                 warningmsg(warning, projects);
 340 
 341                         usrdefs->defproj = p_ptr.pj_projid;
 342                         usrdefs->defprojname = p_ptr.pj_name;
 343                 }
 344 
 345                 /* base_dir must be an existing directory */
 346                 if (base_dir != NULL) {
 347                         valid_input(BASEDIR, base_dir);
 348                         usrdefs->defparent = base_dir;
 349                 }
 350 
 351                 /* inactivity period is an integer */
 352                 if (inactstr != NULL) {
 353                         /* convert inactstr to integer */
 354                         inact = strtol(inactstr, &ptr, 10);
 355                         if (*ptr || inact < 0) {
 356                                 errmsg(M_INVALID, inactstr,
 357                                     "inactivity period");
 358                                 exit(EX_BADARG);
 359                         }
 360 
 361                         usrdefs->definact = inact;
 362                 }
 363 
 364                 /* expiration string is a date, newer than today */
 365                 if (expirestr != NULL) {
 366                         if (*expirestr) {
 367                                 if (valid_expire(expirestr, (time_t *)0)
 368                                     == INVALID) {
 369                                         errmsg(M_INVALID, expirestr,
 370                                             "expiration date");
 371                                         exit(EX_BADARG);
 372                                 }
 373                                 usrdefs->defexpire = expirestr;
 374                         } else
 375                                 /* Unset the expiration date */
 376                                 usrdefs->defexpire = "";
 377                 }
 378 
 379                 if (shell != NULL) {
 380                         valid_input(SHELL, shell);
 381                         usrdefs->defshell = shell;
 382                 }
 383                 if (skel_dir != NULL) {
 384                         valid_input(SKELDIR, skel_dir);
 385                         usrdefs->defskel = skel_dir;
 386                 }
 387                 update_def(usrdefs);
 388 
 389                 /* change defaults for useradd */
 390                 if (putusrdef(usrdefs, usertype) < 0) {
 391                         errmsg(M_UPDATE, "created");
 392                         exit(EX_UPDATE);
 393                 }
 394 
 395                 /* Now, display */
 396                 dispusrdef(stdout, (D_ALL & ~D_RID), usertype);
 397                 exit(EX_SUCCESS);
 398 
 399         }
 400 
 401         /* ADD mode */
 402 
 403         /* check syntax */
 404         if (optind != argc - 1 || (skel_dir != NULL && !mflag)) {
 405                 if (is_role(usertype))
 406                         errmsg(M_ARUSAGE);
 407                 else
 408                         errmsg(M_AUSAGE);
 409                 exit(EX_SYNTAX);
 410         }
 411 
 412         logname = argv[optind];
 413         switch (valid_login(logname, (struct passwd **)NULL, &warning)) {
 414         case INVALID:
 415                 errmsg(M_INVALID, logname, "login name");
 416                 exit(EX_BADARG);
 417                 /*NOTREACHED*/
 418 
 419         case NOTUNIQUE:
 420                 errmsg(M_USED, logname);
 421                 exit(EX_NAME_EXISTS);
 422                 /*NOTREACHED*/
 423 
 424         case LONGNAME:
 425                 errmsg(M_TOO_LONG, logname);
 426                 exit(EX_BADARG);
 427                 /*NOTREACHED*/
 428         }
 429 
 430         if (warning)
 431                 warningmsg(warning, logname);
 432         if (uidstr != NULL) {
 433                 /* convert uidstr to integer */
 434                 errno = 0;
 435                 uid = (uid_t)strtol(uidstr, &ptr, (int)10);
 436                 if (*ptr || errno == ERANGE) {
 437                         errmsg(M_INVALID, uidstr, "user id");
 438                         exit(EX_BADARG);
 439                 }
 440 
 441                 switch (valid_uid(uid, NULL)) {
 442                 case NOTUNIQUE:
 443                         if (!oflag) {
 444                                 /* override not specified */
 445                                 errmsg(M_UID_USED, uid);
 446                                 exit(EX_ID_EXISTS);
 447                         }
 448                         break;
 449                 case RESERVED:
 450                         errmsg(M_RESERVED, uid);
 451                         break;
 452                 case TOOBIG:
 453                         errmsg(M_TOOBIG, "uid", uid);
 454                         exit(EX_BADARG);
 455                         break;
 456                 }
 457 
 458         } else {
 459 
 460                 if (findnextuid(DEFRID+1, MAXUID, &uid) != 0) {
 461                         errmsg(M_INVALID, "default id", "user id");
 462                         exit(EX_ID_EXISTS);
 463                 }
 464         }
 465 
 466         if (group != NULL) {
 467                 switch (valid_group(group, &g_ptr, &warning)) {
 468                 case INVALID:
 469                         errmsg(M_INVALID, group, "group id");
 470                         exit(EX_BADARG);
 471                         /*NOTREACHED*/
 472                 case TOOBIG:
 473                         errmsg(M_TOOBIG, "gid", group);
 474                         exit(EX_BADARG);
 475                         /*NOTREACHED*/
 476                 case RESERVED:
 477                 case UNIQUE:
 478                         errmsg(M_GRP_NOTUSED, group);
 479                         exit(EX_NAME_NOT_EXIST);
 480                         /*NOTREACHED*/
 481                 }
 482 
 483                 if (warning)
 484                         warningmsg(warning, group);
 485                 gid = g_ptr->gr_gid;
 486 
 487         } else gid = usrdefs->defgroup;
 488 
 489         if (grps != NULL) {
 490                 if (!*grps)
 491                         /* ignore -G "" */
 492                         grps = (char *)0;
 493                 else if (!(gidlist = valid_lgroup(grps, gid)))
 494                         exit(EX_BADARG);
 495         }
 496 
 497         if (projects != NULL) {
 498                 if (! *projects)
 499                         projects = (char *)0;
 500                 else if (! (projlist = valid_lproject(projects)))
 501                         exit(EX_BADARG);
 502         }
 503 
 504         /* if base_dir is provided, check its validity; otherwise default */
 505         if (base_dir != NULL)
 506                 valid_input(BASEDIR, base_dir);
 507         else
 508                 base_dir = usrdefs->defparent;
 509 
 510         if (dir == NULL) {
 511                 /* set homedir to home directory made from base_dir */
 512                 (void) sprintf(homedir, "%s/%s", base_dir, logname);
 513 
 514         } else if (REL_PATH(dir)) {
 515                 errmsg(M_RELPATH, dir);
 516                 exit(EX_BADARG);
 517 
 518         } else
 519                 (void) strcpy(homedir, dir);
 520 
 521         if (mflag) {
 522                 /* Does home dir. already exist? */
 523                 if (stat(homedir, &statbuf) == 0) {
 524                         /* directory exists - don't try to create */
 525                         mflag = 0;
 526 
 527                         if (check_perm(statbuf, uid, gid, S_IXOTH) != 0)
 528                                 errmsg(M_NO_PERM, logname, homedir);
 529                 }
 530         }
 531         /*
 532          * if shell, skel_dir are provided, check their validity.
 533          * Otherwise default.
 534          */
 535         if (shell != NULL)
 536                 valid_input(SHELL, shell);
 537         else
 538                 shell = usrdefs->defshell;
 539 
 540         if (skel_dir != NULL)
 541                 valid_input(SKELDIR, skel_dir);
 542         else
 543                 skel_dir = usrdefs->defskel;
 544 
 545         if (inactstr != NULL) {
 546                 /* convert inactstr to integer */
 547                 inact = strtol(inactstr, &ptr, 10);
 548                 if (*ptr || inact < 0) {
 549                         errmsg(M_INVALID, inactstr, "inactivity period");
 550                         exit(EX_BADARG);
 551                 }
 552         } else inact = usrdefs->definact;
 553 
 554         /* expiration string is a date, newer than today */
 555         if (expirestr != NULL) {
 556                 if (*expirestr) {
 557                         if (valid_expire(expirestr, (time_t *)0) == INVALID) {
 558                                 errmsg(M_INVALID, expirestr, "expiration date");
 559                                 exit(EX_BADARG);
 560                         }
 561                         usrdefs->defexpire = expirestr;
 562                 } else
 563                         /* Unset the expiration date */
 564                         expirestr = (char *)0;
 565 
 566         } else expirestr = usrdefs->defexpire;
 567 
 568         import_def(usrdefs);
 569 
 570         /* must now call passmgmt */
 571 
 572         /* set up arguments to  passmgmt in nargv array */
 573         nargv = malloc((30 + nkeys * 2) * sizeof (char *));
 574         argindex = 0;
 575         nargv[argindex++] = PASSMGMT;
 576         nargv[argindex++] = "-a";       /* add */
 577 
 578         if (comment != NULL) {
 579                 /* comment */
 580                 nargv[argindex++] = "-c";
 581                 nargv[argindex++] = comment;
 582         }
 583 
 584         /* flags for home directory */
 585         nargv[argindex++] = "-h";
 586         nargv[argindex++] = homedir;
 587 
 588         /* set gid flag */
 589         nargv[argindex++] = "-g";
 590         (void) sprintf(gidstring, "%u", gid);
 591         nargv[argindex++] = gidstring;
 592 
 593         /* shell */
 594         nargv[argindex++] = "-s";
 595         nargv[argindex++] = shell;
 596 
 597         /* set inactive */
 598         nargv[argindex++] = "-f";
 599         (void) sprintf(inactstring, "%ld", inact);
 600         nargv[argindex++] = inactstring;
 601 
 602         /* set expiration date */
 603         if (expirestr != NULL) {
 604                 nargv[argindex++] = "-e";
 605                 nargv[argindex++] = expirestr;
 606         }
 607 
 608         /* set uid flag */
 609         nargv[argindex++] = "-u";
 610         (void) sprintf(uidstring, "%u", uid);
 611         nargv[argindex++] = uidstring;
 612 
 613         if (oflag) nargv[argindex++] = "-o";
 614 
 615         if (nkeys > 1)
 616                 addkey_args(nargv, &argindex);
 617 
 618         /* finally - login name */
 619         nargv[argindex++] = logname;
 620 
 621         /* set the last to null */
 622         nargv[argindex++] = NULL;
 623 
 624         /* now call passmgmt */
 625         ret = PEX_FAILED;
 626         /*
 627          * If call_passmgmt fails for any reason other than PEX_BADUID, exit
 628          * is invoked with an appropriate error message. If PEX_BADUID is
 629          * returned, then if the user specified the ID, exit is invoked
 630          * with an appropriate error message. Otherwise we try to pick a
 631          * different ID and try again. If we run out of IDs, i.e. no more
 632          * users can be created, then -1 is returned and we terminate via exit.
 633          * If PEX_BUSY is returned we increment a count, since we will stop
 634          * trying if PEX_BUSY reaches 3. For PEX_SUCCESS we immediately
 635          * terminate the loop.
 636          */
 637         while (busy < 3 && ret != PEX_SUCCESS) {
 638                 switch (ret = call_passmgmt(nargv)) {
 639                 case PEX_SUCCESS:
 640                         break;
 641                 case PEX_BUSY:
 642                         busy++;
 643                         break;
 644                 case PEX_HOSED_FILES:
 645                         errmsg(M_HOSED_FILES);
 646                         exit(EX_INCONSISTENT);
 647                         break;
 648 
 649                 case PEX_SYNTAX:
 650                 case PEX_BADARG:
 651                         /* should NEVER occur that passmgmt usage is wrong */
 652                         if (is_role(usertype))
 653                                 errmsg(M_ARUSAGE);
 654                         else
 655                                 errmsg(M_AUSAGE);
 656                         exit(EX_SYNTAX);
 657                         break;
 658 
 659                 case PEX_BADUID:
 660                         /*
 661                          * The uid has been taken. If it was specified by a
 662                          * user, then we must fail. Otherwise, keep trying
 663                          * to get a good uid until we run out of IDs.
 664                          */
 665                         if (uidstr != NULL) {
 666                                 errmsg(M_UID_USED, uid);
 667                                 exit(EX_ID_EXISTS);
 668                         } else {
 669                                 if (findnextuid(DEFRID+1, MAXUID, &uid) != 0) {
 670                                         errmsg(M_INVALID, "default id",
 671                                             "user id");
 672                                         exit(EX_ID_EXISTS);
 673                                 }
 674                                 (void) sprintf(uidstring, "%u", uid);
 675                         }
 676                         break;
 677 
 678                 case PEX_BADNAME:
 679                         /* invalid loname */
 680                         errmsg(M_USED, logname);
 681                         exit(EX_NAME_EXISTS);
 682                         break;
 683 
 684                 default:
 685                         errmsg(M_UPDATE, "created");
 686                         exit(ret);
 687                         break;
 688                 }
 689         }
 690         if (busy == 3) {
 691                 errmsg(M_UPDATE, "created");
 692                 exit(ret);
 693         }
 694 
 695         /* add group entry */
 696         if ((grps != NULL) && edit_group(logname, (char *)0, gidlist, 0)) {
 697                 errmsg(M_UPDATE, "created");
 698                 cleanup(logname);
 699                 exit(EX_UPDATE);
 700         }
 701 
 702         /* update project database */
 703         if ((projects != NULL) &&
 704             edit_project(logname, (char *)NULL, projlist, 0)) {
 705                 errmsg(M_UPDATE, "created");
 706                 cleanup(logname);
 707                 exit(EX_UPDATE);
 708         }
 709 
 710         /* create home directory */
 711         if (mflag) {
 712                 zfs_flags = get_default_zfs_flags();
 713 
 714                 if (zflag || mflag > 1)
 715                         zfs_flags |= MANAGE_ZFS;
 716                 else if (Zflag)
 717                         zfs_flags &= ~MANAGE_ZFS;
 718                 ret = create_home(homedir, skel_dir, uid, gid, zfs_flags);
 719         }
 720         if (ret != EX_SUCCESS) {
 721                 (void) edit_project(logname, (char *)NULL, (projid_t **)NULL,
 722                     0);
 723                 (void) edit_group(logname, (char *)0, (int **)0, 1);
 724                 cleanup(logname);
 725                 exit(EX_HOMEDIR);
 726         }
 727 
 728         return (ret);
 729 }
 730 
 731 static void
 732 cleanup(logname)
 733 char *logname;
 734 {
 735         char *nargv[4];
 736 
 737         nargv[0] = PASSMGMT;
 738         nargv[1] = "-d";
 739         nargv[2] = logname;
 740         nargv[3] = NULL;
 741 
 742         switch (call_passmgmt(nargv)) {
 743         case PEX_SUCCESS:
 744                 break;
 745 
 746         case PEX_SYNTAX:
 747                 /* should NEVER occur that passmgmt usage is wrong */
 748                 if (is_role(usertype))
 749                         errmsg(M_ARUSAGE);
 750                 else
 751                         errmsg(M_AUSAGE);
 752                 break;
 753 
 754         case PEX_BADUID:
 755                 /* uid is used - shouldn't happen but print message anyway */
 756                 errmsg(M_UID_USED, uid);
 757                 break;
 758 
 759         case PEX_BADNAME:
 760                 /* invalid loname */
 761                 errmsg(M_USED, logname);
 762                 break;
 763 
 764         default:
 765                 errmsg(M_UPDATE, "created");
 766                 break;
 767         }
 768 }
 769 
 770 /* Check the validity for shell, base_dir and skel_dir */
 771 
 772 void
 773 valid_input(path_opt_t opt, const char *input)
 774 {
 775         struct stat     statbuf;
 776 
 777         if (REL_PATH(input)) {
 778                 errmsg(M_RELPATH, input);
 779                 exit(EX_BADARG);
 780         }
 781         if (stat(input, &statbuf) == -1) {
 782                 errmsg(M_INVALID, input, "path");
 783                 exit(EX_BADARG);
 784         }
 785         if (opt == SHELL) {
 786                 if (!S_ISREG(statbuf.st_mode) ||
 787                     (statbuf.st_mode & 0555) != 0555) {
 788                         errmsg(M_INVALID, input, "shell");
 789                         exit(EX_BADARG);
 790                 }
 791         } else {
 792                 if (!S_ISDIR(statbuf.st_mode)) {
 793                         errmsg(M_INVALID, input, "directory");
 794                         exit(EX_BADARG);
 795                 }
 796         }
 797 }