newusers: allow not passing a password

A possible use case for this is wanting to add subuid/subgid entries for
an existing user. This change makes it possible to pass `username::::::`
to newusers; the empty password will be ignored an everything else will
be done. Currently this fails miserably, as PAM errors out on a empty
password.

Signed-off-by: Antonio Terceiro <terceiro@debian.org>

diff --git a/man/newusers.8.xml b/man/newusers.8.xml
index e0380608c9e3d70e0a73780e545a2d217d4926d9..7fff1a8c1fb90c6c4eb7cc7edf207e8c5d530e91 100644 (file)
--- a/man/newusers.8.xml
+++ b/man/newusers.8.xml
@@ -107,8 +107,9 @@
        </term>
        <listitem>
          <para>
-           This field will be encrypted and used as the new value of the
-           encrypted password.
+           If this field is not empty,
+           it will be encrypted
+           and used as the new value of the encrypted password.
          </para>
        </listitem>
       </varlistentry>

diff --git a/src/newusers.c b/src/newusers.c
index ead83509e637120700982f0ca286606bb071cf76..1320421fca78eb99dee89f3c812629cfd779e238 100644 (file)
--- a/src/newusers.c
+++ b/src/newusers.c
@@ -1204,7 +1204,7 @@ int main (int argc, char **argv)
                usernames[nusers-1] = xstrdup(fields[0]);
                passwords[nusers-1] = xstrdup(fields[1]);
 #endif                         /* USE_PAM */
-               if (add_passwd (&newpw, fields[1]) != 0) {
+               if (!streq(fields[1], "") && add_passwd(&newpw, fields[1]) != 0) {
                        fprintf (stderr,
                                 _("%s: line %jd: can't update password\n"),
                                 Prog, line);
@@ -1321,6 +1321,8 @@ int main (int argc, char **argv)
 #ifdef USE_PAM
        /* Now update the passwords using PAM */
        for (size_t i = 0; i < nusers; i++) {
+               if (streq(passwords[i], ""))
+                       continue;
                if (do_pam_passwd_non_interactive ("newusers", usernames[i], passwords[i]) != 0) {
                        fprintf (stderr,
                                 _("%s: (line %jd, user %s) password not changed\n"),