From a6f5520d1ad1bfecddbd3000592f9b60e43fab33 Mon Sep 17 00:00:00 2001 From: Antonio Terceiro Date: Sun, 24 Aug 2025 10:59:07 -0300 Subject: [PATCH] newusers: allow not passing a password A possible use case for this is wanting to add subuid/subgid entries for an existing user. This change makes it possible to pass `username::::::` to newusers; the empty password will be ignored an everything else will be done. Currently this fails miserably, as PAM errors out on a empty password. Signed-off-by: Antonio Terceiro --- man/newusers.8.xml | 5 +++-- src/newusers.c | 4 +++- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/man/newusers.8.xml b/man/newusers.8.xml index e0380608c..7fff1a8c1 100644 --- a/man/newusers.8.xml +++ b/man/newusers.8.xml @@ -107,8 +107,9 @@ - This field will be encrypted and used as the new value of the - encrypted password. + If this field is not empty, + it will be encrypted + and used as the new value of the encrypted password. diff --git a/src/newusers.c b/src/newusers.c index ead83509e..1320421fc 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -1204,7 +1204,7 @@ int main (int argc, char **argv) usernames[nusers-1] = xstrdup(fields[0]); passwords[nusers-1] = xstrdup(fields[1]); #endif /* USE_PAM */ - if (add_passwd (&newpw, fields[1]) != 0) { + if (!streq(fields[1], "") && add_passwd(&newpw, fields[1]) != 0) { fprintf (stderr, _("%s: line %jd: can't update password\n"), Prog, line); @@ -1321,6 +1321,8 @@ int main (int argc, char **argv) #ifdef USE_PAM /* Now update the passwords using PAM */ for (size_t i = 0; i < nusers; i++) { + if (streq(passwords[i], "")) + continue; if (do_pam_passwd_non_interactive ("newusers", usernames[i], passwords[i]) != 0) { fprintf (stderr, _("%s: (line %jd, user %s) password not changed\n"), -- 2.47.3