--- loncom/Attic/lcuseradd	2005/04/07 22:27:52	1.36
+++ loncom/Attic/lcuseradd	2005/07/29 17:33:18	1.38
@@ -6,7 +6,7 @@
 #             with adding a user with filesystem privileges (e.g. author)
 #
 #
-# $Id: lcuseradd,v 1.36 2005/04/07 22:27:52 albertel Exp $
+# $Id: lcuseradd,v 1.38 2005/07/29 17:33:18 raeburn Exp $
 ###
 
 ###############################################################################
@@ -109,7 +109,8 @@ use File::Find;
 # (12,"Error. Something went wrong with the addition of user ".
 #     "\"$safeusername\"."),
 # (13,"Error. Password mismatch."),
-# (14, "Error filename is invalid")
+# (14, "Error filename is invalid"),
+# (15, "Error. Could not add home directory.")
 
 # ------------------------------------------------------------- Initializations
 # Security
@@ -241,43 +242,32 @@ print "enabling root\n" unless $noprint;
 # ---------------------------------- Start running script with root permissions
 &enable_root_capability;
 
-# ------------------- Add user and make www a member of the user-specific group
+# ------------------- Add group and user, and make www a member of the group
+# -- Add group
+
+print "adding group: $safeusername \n" unless $noprint;
+my $status = system('/usr/sbin/groupadd', $safeusername);
+if ($status) {
+    print "Error.  Something went wrong with the addition of group ".
+          "\"$safeusername\".\n" unless $noprint;
+    print "Final status of groupadd = $status\n";
+    unlink('/tmp/lock_lcpasswd');
+    &Exit(12);
+}
+my $gid = getgrnam($safeusername);
+                                                                                
 # -- Add user
 
 print "adding user: $safeusername \n" unless $noprint;
-my $status = system('/usr/sbin/useradd','-c','LON-CAPA user',$safeusername);
+my $status = system('/usr/sbin/useradd','-c','LON-CAPA user','-g',$gid,$safeusername);
 if ($status) {
     print "Error.  Something went wrong with the addition of user ".
 	  "\"$safeusername\".\n" unless $noprint;
-    print "Final status of useradd = $status";
-    unlink('/tmp/lock_lcpasswd');
-    &Exit(12);
-}
-my ($dmy1, $dmy2, $uid, $gid) = getpwnam($safeusername);
-my ($group) = getgrgid($gid);
-if (! $group) {
-    print "Error. The primary group of user \"$safeusername\" could not be".
-          "determined.\n" unless $noprint;
-    system("/usr/sbin/userdel -r $safeusername");
+    system("/usr/sbin/groupdel $safeusername");
+    print "Final status of useradd = $status\n";
     unlink('/tmp/lock_lcpasswd');
     &Exit(12);
 }
-if ($group != $safeusername) {
-   $status = system("/usr/sbin/groupadd -g $uid $safeusername");
-   if (! $status) {
-      $status = system("/usr/sbin/usermod -g $uid $safeusername");
-      if ($status) {
-         system("/usr/sbin/groupdel $safeusername");
-      }
-   }
-   if ($status) {
-      print "Error.  Something went wrong with the addition of user ".
-            "\"$safeusername\".\n" unless $noprint;
-      system("/usr/sbin/userdel -r $safeusername");
-      unlink('/tmp/lock_lcpasswd');
-      &Exit(12);
-   }
-}
 
 print "Done adding user\n" unless $noprint;
 # Make www a member of that user group.
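Review bot: The new rollback call `system("/usr/sbin/groupdel $safeusername");` goes through the shell, while the groupadd and useradd calls next to it use the list form. `system('/usr/sbin/groupdel', $safeusername);` keeps the username out of shell parsing in a script that is running with root capability at this point. The result of `getgrnam($safeusername)` is passed to `useradd -g` without a `defined` check, so a failed lookup would hand useradd an empty group argument; I would remove the group and the lock and exit when `$gid` is undefined. `my $status` is also declared a second time in the same scope, which Perl reports as masking the earlier declaration when warnings are on; the useradd line should be a plain assignment, `$status = system(...)`.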
@@ -289,7 +279,7 @@ chomp $groups; $groups=~s/^\S+\s+\:\s+//
 my @grouplist=split(/\s+/,$groups);
 my @ugrouplist=grep {!/www|$safeusername/} @grouplist;
 my $gl=join(',',(@ugrouplist,$safeusername));
-print "Putting user in its own group\n" unless $noprint;
+print "Putting www in user's group\n" unless $noprint;
 if (system('/usr/sbin/usermod','-G',$gl,'www')) {
     print "Error. Could not make www a member of the group ".
 	  "\"$safeusername\".\n" unless $noprint;
@@ -319,17 +309,26 @@ if ($?) {
 ($>,$<)=($wwwid,0);
 &enable_root_capability;
 
-# -- Don't add public_html... that can be added either by the user
-#    or by lchtmldir when the user is granted an authorship role.
+# Check if home directory exists for user
+# If not, create one.
+if (!-e "/home/$safeusername") {
+    if (!mkdir("/home/$safeusername",0710)) {
+        print "Error. Could not add home directory for ".
+          "\"$safeusername\".\n" unless $noprint;
+        unlink('/tmp/lock_lcpasswd');
+        &Exit(15);
+    }
+}
 
 # ------------------------------ Make final modifications to the user directory
 # -- Add a public_html file with a stand-in index.html file
 
- system('/bin/chmod','-R','0660',"/home/$safeusername");
-system('/bin/chmod','0710',"/home/$safeusername");
-mkdir "/home/$safeusername/public_html",0755;
-open OUT,">/home/$safeusername/public_html/index.html";
-print OUT<<END;
+if (-d "/home/$safeusername") {
+    system('/bin/chmod','-R','0660',"/home/$safeusername");
+    system('/bin/chmod','0710',"/home/$safeusername");
+    mkdir "/home/$safeusername/public_html",0755;
+    open OUT,">/home/$safeusername/public_html/index.html";
+    print OUT<<END;
 <html>
 <head>
 <title>$safeusername</title>
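Review bot: The `-e` and `-d` tests follow symlinks and also succeed for a directory left over from an earlier account, so the root-privileged `chmod -R` and the write to `public_html/index.html` act on whatever already sits at `/home/$safeusername`. I would reject a symlink before either step, for example `if (-l "/home/$safeusername") { unlink('/tmp/lock_lcpasswd'); &Exit(15); }`, and treat any other pre-existing path as an error instead of reusing it. The directory made by `mkdir` is created while root capability is enabled, and no chown to the new user and group is visible in this hunk; confirm that later code sets the owner. The return values of the inner `mkdir` and of `open OUT` are not checked, so a failure there leaves the account half set up with no status code. The `if (-d ...)` block and the heredoc continue past the end of this hunk.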
@@ -341,6 +340,7 @@ print OUT<<END;
 </html>
 END
 close OUT;
+}
 
 #
 #   In order to allow the loncapa daemons appropriate access
@@ -480,6 +480,10 @@ sub set_public_html_permissions {
 sub Exit {
     my ($code) = @_;		# Status code.
 
+    # TODO: Ensure the error file is owned/deletable by www:www:
+
+    &disable_root_capability();	# We run unprivileged to write the error file.
+
     print "Exiting with status $code error file is $error_file\n" unless $noprint;
     if($error_file) {
 	open(FH, ">$error_file");
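Review bot: The privilege drop added before the error-file write is not verified, and the `open` that follows it is unchecked, so when the file was created earlier by root (the case the TODO describes) the write now fails silently and the caller gets no error text. I would test the result of the open and skip the print and close when it fails, using the three-argument form `open(FH, '>', $error_file)` so the path is never parsed for a mode. The TODO line ends in a colon with nothing after it; either finish the sentence or say where ownership of the file is meant to be set. Whether `disable_root_capability` can fail is not visible here, and `Exit` continues past the end of this hunk.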