#!/bin/sh #------------------------------------------------------------------------- # # createuser-- # Utility for creating a user in the PostgreSQL database # # Portions Copyright (c) 1996-2002, PostgreSQL Global Development Group # Portions Copyright (c) 1994, Regents of the University of California # # # IDENTIFICATION # $Header: /cvsroot/pgsql/src/bin/scripts/Attic/createuser,v 1.27 2002/10/16 03:24:09 momjian Exp $ # # Note - this should NOT be setuid. # #------------------------------------------------------------------------- CMDNAME=`basename "$0"` PATHNAME=`echo "$0" | sed "s,$CMDNAME\$,,"` NewUser= SysID= CanAddUser= CanCreateDb= PwPrompt= Password= PSQLOPT= Encrypted= # blank uses default # These handle spaces/tabs in identifiers _IFS="$IFS" NL=" " # Check for echo -n vs echo \c if echo '\c' | grep -s c >/dev/null 2>&1 then ECHO_N="echo -n" ECHO_C="" else ECHO_N="echo" ECHO_C='\c' fi while [ "$#" -gt 0 ] do case "$1" in --help|-\?) usage=t break ;; # options passed on to psql --host|-h) PSQLOPT="$PSQLOPT -h $2" shift;; -h*) PSQLOPT="$PSQLOPT $1" ;; --host=*) PSQLOPT="$PSQLOPT -h `echo \"$1\" | sed 's/^--host=//'`" ;; --port|-p) PSQLOPT="$PSQLOPT -p $2" shift;; -p*) PSQLOPT="$PSQLOPT $1" ;; --port=*) PSQLOPT="$PSQLOPT -p `echo \"$1\" | sed 's/^--port=//'`" ;; # Note: These two specify the user to connect as (like in psql), # not the user you're creating. --username|-U) PSQLOPT="$PSQLOPT -U $2" shift;; -U*) PSQLOPT="$PSQLOPT $1" ;; --username=*) PSQLOPT="$PSQLOPT -U `echo \"$1\" | sed 's/^--username=//'`" ;; --password|-W) PSQLOPT="$PSQLOPT -W" ;; --echo|-e) PSQLOPT="$PSQLOPT -e" ;; --quiet|-q) PSQLOPT="$PSQLOPT -o /dev/null" ;; # options converted into SQL command --createdb|-d) CanCreateDb=t ;; --no-createdb|-D) CanCreateDb=f ;; --adduser|-a) CanAddUser=t ;; --no-adduser|-A) CanAddUser=f ;; --sysid|-i) SysID="$2" shift;; --sysid=*) SysID=`echo "$1" | sed 's/^--sysid=//'` ;; --encrypted|-E) Encrypted=t ;; --unencrypted|-N) Encrypted=f ;; -i*) SysID=`echo "$1" | sed 's/^-i//'` ;; --pwprompt|--pw|-P) PwPrompt=t ;; -*) echo "$CMDNAME: invalid option: $1" 1>&2 echo "Try '$CMDNAME --help' for more information." 1>&2 exit 1 ;; *) NewUser="$1" if [ "$#" -ne 1 ]; then echo "$CMDNAME: invalid option: $2" 1>&2 echo "Try '$CMDNAME --help' for more information." 1>&2 exit 1 fi ;; esac shift; done if [ "$usage" ]; then echo "$CMDNAME creates a new PostgreSQL user." echo echo "Usage:" echo " $CMDNAME [options] [username]" echo echo "Options:" echo " -d, --createdb User can create new databases" echo " -D, --no-createdb User cannot create databases" echo " -a, --adduser User can add new users" echo " -A, --no-adduser User cannot add new users" echo " -i, --sysid=SYSID Select sysid for new user" echo " -P, --pwprompt Assign a password to new user" echo " -E, --encrypted Encrypt stored password" echo " -N, --unencrypted Do no encrypt stored password" echo " -h, --host=HOSTNAME Database server host" echo " -p, --port=PORT Database server port" echo " -U, --username=USERNAME Username to connect as (not the one to create)" echo " -W, --password Prompt for password to connect" echo " -e, --echo Show the query being sent to the backend" echo " -q, --quiet Don't write any messages" echo echo "If one of -d, -D, -a, -A, and 'username' is not specified, you will" echo "be prompted interactively." echo echo "Report bugs to ." exit 0 fi if [ "$SysID" ]; then if [ "$SysID" != "`echo $SysID | sed 's/[^0-9]//g'`" ]; then echo "$CMDNAME: user sysid must be a positive number" 1>&2 exit 1 fi fi # Don't want to leave the user blind if he breaks # during password entry. trap 'stty echo >/dev/null 2>&1' 1 2 3 15 # Get missing user attributes if [ -z "$NewUser" ]; then $ECHO_N "Enter name of user to add: "$ECHO_C IFS="$NL" read NewUser IFS="$_IFS" [ "$?" -ne 0 ] && exit 1 fi if [ "$PwPrompt" ]; then $ECHO_N "Enter password for user \"$NewUser\": "$ECHO_C stty -echo >/dev/null 2>&1 IFS="$NL" read FirstPw IFS="$_IFS" stty echo >/dev/null 2>&1 echo $ECHO_N "Enter it again: "$ECHO_C stty -echo >/dev/null 2>&1 IFS="$NL" read SecondPw IFS="$_IFS" stty echo >/dev/null 2>&1 echo if [ "$FirstPw" != "$SecondPw" ]; then echo "Passwords didn't match." 1>&2 exit 1 fi Password="$FirstPw" fi if [ -z "$CanCreateDb" ]; then $ECHO_N "Shall the new user be allowed to create databases? (y/n) "$ECHO_C read REPLY [ "$?" -ne 0 ] && exit 1 if [ "$REPLY" = "y" -o "$REPLY" = "Y" ]; then CanCreateDb=t else CanCreateDb=f fi fi if [ -z "$CanAddUser" ]; then $ECHO_N "Shall the new user be allowed to create more new users? (y/n) "$ECHO_C read REPLY [ "$?" -ne 0 ] && exit 1 if [ "$REPLY" = "y" -o "$REPLY" = "Y" ]; then CanAddUser=t else CanAddUser=f fi fi # # build SQL command # NewUser=`echo "$NewUser" | sed 's/\"/\\\"/g'` Password=`echo "$Password" | sed 's/\"/\\\"/g'` QUERY="CREATE USER \"$NewUser\"" SUBQUERY= [ "$SysID" ] && SUBQUERY="$SUBQUERY SYSID $SysID" [ "$Encrypted" = t ] && SUBQUERY="$SUBQUERY ENCRYPTED" [ "$Encrypted" = f ] && SUBQUERY="$SUBQUERY UNENCRYPTED" [ "$Password" ] && SUBQUERY="$SUBQUERY PASSWORD '$Password'" [ "$SUBQUERY" ] && QUERY="$QUERY WITH $SUBQUERY" [ "$CanCreateDb" = t ] && QUERY="$QUERY CREATEDB" [ "$CanCreateDb" = f ] && QUERY="$QUERY NOCREATEDB" [ "$CanAddUser" = t ] && QUERY="$QUERY CREATEUSER" [ "$CanAddUser" = f ] && QUERY="$QUERY NOCREATEUSER" ${PATHNAME}psql -c "SET autocommit = 'on';$QUERY" -d template1 $PSQLOPT if [ "$?" -ne 0 ]; then echo "$CMDNAME: creation of user \"$NewUser\" failed" 1>&2 exit 1 fi exit 0