struct Libcrown

Overview

Safe, high-level API to manipulate users, groups and passwords from /etc/passwd, /etc/group and /etc/shadow.

It's highly recommended to use this wrapper for any manipulation. #users, #groups and #passwords getters have to be considered read-only.

require "libcrown"

# Example: create a group, add a user whose main group it is, then save.
#
# Root permissions are needed: the default constructor reads the shadow file,
# and the passwd and group files are written.
libcrown = Libcrown.new

# Add a new group with an explicit gid of 100.
# NOTE(review): the gid is hard-coded and may already be taken on a real
# system; presumably add_group rejects a taken gid (see check_available_gid),
# confirm.
libcrown.add_group Libcrown::Group.new("new_group"), 100_u32

# Add a new user with `new_group` as its main group (same gid as above).
# No uid or password entry is passed, so add_user uses its defaults
# (`available_uid` and `Password.new`).
# NOTE(review): confirm which password state `Password.new` represents before
# saving an account created this way.
new_user = Libcrown::User.new(
  name: "new_user",
  gid: 100_u32,
  gecos_comment: "This is a newly created user",
  home_directory: "/home/new_user",
  login_shell: "/bin/sh",
)
libcrown.add_user new_user

# Save the modifications to the disk.
# NOTE(review): this page does not say whether `write` is atomic or locks the
# files; confirm before running it against live account files.
libcrown.write

Defined in:

password_state.cr
libcrown.cr

Constructor Detail

def self.new(shadow_file : Path? = Path["/etc/shadow"], passwd_file : Path? = Path["/etc/passwd"], group_file : Path? = Path["/etc/group"]) #

Requires root permissions to read the shadow file and to write the passwd and group files. As non-root, pass nil as the shadow file to only read the passwd and group files:

libcrown = Libcrown.new nil

def self.new(shadow : String = "", passwd : String = "", group : String = "") #

Parses the shadow, passwd and group file contents from strings.



Class Method Detail

def self.validate_name(name : String) : Nil #

Validates a name for use as user or group name.



Instance Method Detail

def add_group(group_entry : Group, gid : UInt32 = available_gid) : UInt32 #

Add a new group.


def add_group_member(uid : UInt32, gid : UInt32) : Set(String) #

Adds a user to the group, or ensures the user is already a member. Not needed if the group is the user's main group.


def add_user(user_entry : User, uid : UInt32 = available_uid, password_entry : Password = Password.new) : UInt32 #

Adds a new user to an existing group.


def available_gid(start : UInt32 = 0_u32) : UInt32 #

Returns the first available gid.


def available_id(start : UInt32 = 0_u32) : UInt32 #

Finds the first available user and group id.


def available_uid(start : UInt32 = 0_u32) : UInt32 #

Returns the first available uid.


def build_group : String #

Builds the group file content from #groups.


def build_passwd : String #

Builds the passwd file content from #users.


def build_shadow : String #

Builds the shadow file content from #passwords.


def change_password(uid : UInt32, password : Password) : Password #

Changes the user's password entry.


def check_available_gid(id : UInt32) : UInt32 #

Raise if the gid is taken.


def check_available_group(name : String) : String #

Raise if the group name is taken.


def check_available_id(id : UInt32) : UInt32 #

Raise if an id is taken.


def check_available_name(name : String) : String #

Raise if the name is taken.


def check_available_uid(id : UInt32) : UInt32 #

Raise if the uid is taken.


def check_available_user(name : String) : String #

Raise if the user name is taken.


def del_group(gid : UInt32) : Group? #

Deletes a group.


def del_group_member(uid : UInt32, gid : UInt32) : Set(String) #

Removes a user from the group, or ensures the user isn't a member of it.


def del_user(uid : UInt32, del_group : Bool = false) : User? #

Deletes a user, optionally along with its main group, and returns the deleted User.


def get_password(uid : UInt32) : Password #

Gets the user's password entry.


def group_file : Path? #

Group file, commonly stored in /etc/group.


def groups : Hash(UInt32, Group) #

System groups. Modifying it directly is unsafe.


def passwd_file : Path? #

User file, commonly stored in /etc/passwd.


def passwords : Hash(String, Password) #

Users' passwords. Modifying it directly is unsafe.


def shadow_file : Path? #

Password file, commonly stored in /etc/shadow.


def to_gid(name : String, &block) #

Yields each gid matching the name.


def to_gid(name : String) : UInt32 #

Returns a gid matching the name, else raises.


def to_gid?(name : String) : UInt32? #

Returns a gid matching the name, if any.


def to_uid(name : String, &block) #

Yields each uid matching the name.


def to_uid(name : String) : UInt32 #

Returns a uid matching the name, else raises.


def to_uid?(name : String) : UInt32? #

Returns a uid matching the name, if any.


def user_group_member?(uid : UInt32, gid : UInt32) : Bool #

Returns true if the user is a member of the group or if the group is the user's primary group.


def users : Hash(UInt32, User) #

System users. Modifying it directly is unsafe.


def write : Nil #

Save the state by writing the files to the file system.

