#!perl

# Note: This script is a CLI interface
# and generated automatically using App::GenPericmdScript version 0.13

our $DATE = '2015-09-03'; # DATE
our $DIST = 'App-upf'; # DIST
our $VERSION = '0.04'; # VERSION

use 5.010001;
use strict;
use warnings;

use Perinci::CmdLine::Any;

Perinci::CmdLine::Any->new(
    url => "/Unix/Passwd/File/",
    subcommands => {
        "add-delete-user-groups" => {
                                        summary => "Add or delete user from one or several groups",
                                        url => "/Unix/Passwd/File/add_delete_user_groups",
                                    },
        "add-group"              => { summary => "Add a new group", url => "/Unix/Passwd/File/add_group" },
        "add-user"               => { summary => "Add a new user", url => "/Unix/Passwd/File/add_user" },
        "add-user-to-group"      => {
                                        summary => "Add user to a group",
                                        url => "/Unix/Passwd/File/add_user_to_group",
                                    },
        "delete-group"           => {
                                        summary => "Delete a group",
                                        url => "/Unix/Passwd/File/delete_group",
                                    },
        "delete-user"            => { summary => "Delete a user", url => "/Unix/Passwd/File/delete_user" },
        "delete-user-from-group" => {
                                        summary => "Delete user from a group",
                                        url => "/Unix/Passwd/File/delete_user_from_group",
                                    },
        "get-group"              => {
                                        summary => "Get group details by group name or gid",
                                        url => "/Unix/Passwd/File/get_group",
                                    },
        "get-max-gid"            => {
                                        summary => "Get maximum GID used",
                                        url => "/Unix/Passwd/File/get_max_gid",
                                    },
        "get-max-uid"            => {
                                        summary => "Get maximum UID used",
                                        url => "/Unix/Passwd/File/get_max_uid",
                                    },
        "get-user"               => {
                                        summary => "Get user details by username or uid",
                                        url => "/Unix/Passwd/File/get_user",
                                    },
        "get-user-groups"        => {
                                        summary => "Return groups which the user belongs to",
                                        url => "/Unix/Passwd/File/get_user_groups",
                                    },
        "group-exists"           => {
                                        summary => "Check whether group exists",
                                        url => "/Unix/Passwd/File/group_exists",
                                    },
        "is-member"              => {
                                        summary => "Check whether user is member of a group",
                                        url => "/Unix/Passwd/File/is_member",
                                    },
        "list-groups"            => {
                                        summary => "List Unix groups in group file",
                                        url => "/Unix/Passwd/File/list_groups",
                                    },
        "list-users"             => {
                                        summary => "List Unix users in passwd file",
                                        url => "/Unix/Passwd/File/list_users",
                                    },
        "list-users-and-groups"  => {
                                        summary => "List Unix users and groups in passwd/group files",
                                        url => "/Unix/Passwd/File/list_users_and_groups",
                                    },
        "modify-group"           => {
                                        summary => "Modify an existing group",
                                        url => "/Unix/Passwd/File/modify_group",
                                    },
        "modify-user"            => {
                                        summary => "Modify an existing user",
                                        url => "/Unix/Passwd/File/modify_user",
                                    },
        "set-user-groups"        => {
                                        summary => "Set the groups that a user is member of",
                                        url => "/Unix/Passwd/File/set_user_groups",
                                    },
        "set-user-password"      => {
                                        summary => "Set user's password",
                                        url => "/Unix/Passwd/File/set_user_password",
                                    },
        "user-exists"            => {
                                        summary => "Check whether user exists",
                                        url => "/Unix/Passwd/File/user_exists",
                                    },
    },
)->run;

# ABSTRACT: Manipulate /etc/{passwd,shadow,group,gshadow} entries
# PODNAME: upf

__END__

=pod

=encoding UTF-8

=head1 NAME

upf - Manipulate /etc/{passwd,shadow,group,gshadow} entries

=head1 VERSION

This document describes version 0.04 of upf (from Perl distribution App-upf), released on 2015-09-03.

=head1 SYNOPSIS

Usage:

 % upf add-delete-user-groups [options] <user>
 % upf add-group [options] <group>
 % upf add-user [options] <user>
 % upf add-user-to-group [options] <user> <group>
 % upf delete-group [options] <group>
 % upf delete-user [options] <user>
 % upf delete-user-from-group [options] <user> <group>
 % upf get-group [options]
 % upf get-max-gid [options]
 % upf get-max-uid [options]
 % upf get-user [options]
 % upf get-user-groups [options] <user>
 % upf group-exists [options]
 % upf is-member [options] <user> <group>
 % upf list-groups [options]
 % upf list-users [options]
 % upf list-users-and-groups [options]
 % upf modify-group [options] <group>
 % upf modify-user [options] <user>
 % upf set-user-groups [options] <user> <groups>...
 % upf set-user-password [options] <user> <pass>
 % upf user-exists [options]

=head1 SUBCOMMANDS

=head2 B<add-delete-user-groups>

Add or delete user from one or several groups.

This can be used to reduce several C<add_user_to_group()> and/or
C<delete_user_from_group()> calls to a single call. So:

 add_delete_user_groups(user=>'u',add_to=>['a','b'],delete_from=>['c','d']);

is equivalent to:

 add_user_to_group     (user=>'u', group=>'a');
 add_user_to_group     (user=>'u', group=>'b');
 delete_user_from_group(user=>'u', group=>'c');
 delete_user_from_group(user=>'u', group=>'d');

except that C<add_delete_user_groups()> does it in one pass.


=head2 B<add-group>

Add a new group.

=head2 B<add-user>

Add a new user.

=head2 B<add-user-to-group>

Add user to a group.

=head2 B<delete-group>

Delete a group.

=head2 B<delete-user>

Delete a user.

=head2 B<delete-user-from-group>

Delete user from a group.

=head2 B<get-group>

Get group details by group name or gid.

Either C<group> OR C<gid> must be specified.

The function is not dissimilar to Unix's C<getgrnam()> or C<getgrgid()>.


=head2 B<get-max-gid>

Get maximum GID used.

=head2 B<get-max-uid>

Get maximum UID used.

=head2 B<get-user>

Get user details by username or uid.

Either C<user> OR C<uid> must be specified.

The function is not dissimilar to Unix's C<getpwnam()> or C<getpwuid()>.


=head2 B<get-user-groups>

Return groups which the user belongs to.

=head2 B<group-exists>

Check whether group exists.

=head2 B<is-member>

Check whether user is member of a group.

=head2 B<list-groups>

List Unix groups in group file.

=head2 B<list-users>

List Unix users in passwd file.

=head2 B<list-users-and-groups>

List Unix users and groups in passwd/group files.

This is basically C<list_users()> and C<list_groups()> combined, so you can get
both data in a single call. Data is returned in an array. Users list is in the
first element, groups list in the second.


=head2 B<modify-group>

Modify an existing group.

Specify arguments to modify corresponding fields. Unspecified fields will not be
modified.


=head2 B<modify-user>

Modify an existing user.

Specify arguments to modify corresponding fields. Unspecified fields will not be
modified.


=head2 B<set-user-groups>

Set the groups that a user is member of.

=head2 B<set-user-password>

Set user's password.

=head2 B<user-exists>

Check whether user exists.

=head1 OPTIONS

C<*> marks required options.

=head2 Common options

=over

=item B<--config-path>=I<filename>

Set path to configuration file.

Can be specified multiple times.

=item B<--config-profile>=I<s>

Set configuration profile to use.

=item B<--etc-dir>=I<s>

Specify location of passwd files.

Default value:

 "/etc"

=item B<--format>=I<s>

Choose output format, e.g. json, text.

Default value:

 undef

=item B<--help>, B<-h>, B<-?>

Display help message and exit.

=item B<--json>

Set output format to json.

=item B<--naked-res>

When outputing as JSON, strip result envelope.

Default value:

 0

By default, when outputing as JSON, the full enveloped result is returned, e.g.:

    [200,"OK",[1,2,3],{"func.extra"=>4}]

The reason is so you can get the status (1st element), status message (2nd
element) as well as result metadata/extra result (4th element) instead of just
the result (3rd element). However, sometimes you want just the result, e.g. when
you want to pipe the result for more post-processing. In this case you can use
`--naked-res` so you just get:

    [1,2,3]


=item B<--no-config>

Do not use any configuration file.

=item B<--no-env>

Do not read environment for default options.

=item B<--subcommands>

List available subcommands.

=item B<--version>, B<-v>

Display program's version and exit.

=back

=head2 Options for subcommand add-delete-user-groups

=over

=item B<--add-to-json>=I<unix_group>

List of group names to add the user as member of (JSON-encoded).

See C<--add-to>.

=item B<--add-to>=I<unix_group>

List of group names to add the user as member of.

Default value:

 []

Can be specified multiple times.

=item B<--delete-from-json>=I<unix_group>

List of group names to remove the user as member of (JSON-encoded).

See C<--delete-from>.

=item B<--delete-from>=I<unix_group>

List of group names to remove the user as member of.

Default value:

 []

Can be specified multiple times.

=item B<--user>=I<unix_user>*

=back

=head2 Options for subcommand add-group

=over

=item B<--backup>

Whether to backup when modifying files.

Backup is written with `.bak` extension in the same directory. Unmodified file
will not be backed up. Previous backup will be overwritten.


=item B<--gid>=I<i>

Pick a specific new GID.

Adding a new group with duplicate GID is allowed.


=item B<--group>=I<s>*

=item B<--max-gid>=I<i>

Pick a range for new GID.

Default value:

 65535

If a free GID between `min_gid` and `max_gid` is not found, error 412 is
returned.


=item B<--members-json>=I<s>

Fill initial members (JSON-encoded).

See C<--members>.

=item B<--members>=I<s>

Fill initial members.

=item B<--min-gid>=I<i>

Pick a range for new GID.

Default value:

 1000

If a free GID between `min_gid` and `max_gid` is not found, error 412 is
returned.


=back

=head2 Options for subcommand add-user

=over

=item B<--backup>

Whether to backup when modifying files.

Backup is written with `.bak` extension in the same directory. Unmodified file
will not be backed up. Previous backup will be overwritten.


=item B<--encpass>=I<s>

Encrypted password.

=item B<--expire-date>=I<i>

The date of expiration of the account, expressed as the number of days since Jan 1, 1970.

=item B<--gecos>=I<s>

Usually, it contains the full username.

=item B<--gid>=I<i>

Pick a specific GID when creating group.

Duplicate GID is allowed.


=item B<--group>=I<unix_group>

Select primary group (default is group with same name as user).

Normally, a user's primary group with group with the same name as user, which
will be created if does not already exist. You can pick another group here,
which must already exist (and in this case, the group with the same name as user
will not be created).


=item B<--home>=I<s>

User's home directory.

=item B<--last-pwchange>=I<i>

The date of the last password change, expressed as the number of days since Jan 1, 1970..

=item B<--max-gid>=I<i>

Pick a range for GID when creating group.

=item B<--max-pass-age>=I<i>

The number of days after which the user will have to change her password.

=item B<--max-uid>=I<i>

Pick a range for new UID.

Default value:

 65535

If a free UID between `min_uid` and `max_uid` is not found, error 412 is
returned.


=item B<--min-gid>=I<i>

Pick a range for GID when creating group.

=item B<--min-pass-age>=I<i>

The number of days the user will have to wait before she will be allowed to change her password again.

=item B<--min-uid>=I<i>

Pick a range for new UID.

Default value:

 1000

If a free UID between `min_uid` and `max_uid` is not found, error 412 is
returned.


=item B<--pass-inactive-period>=I<i>

The number of days after a password has expired (see max_pass_age) during which the password should still be accepted (and user should update her password during the next login).

=item B<--pass-warn-period>=I<i>

The number of days before a password is going to expire (see max_pass_age) during which the user should be warned.

=item B<--pass>=I<s>

Password, generally should be "x" which means password is encrypted in shadow.

=item B<--shell>=I<s>

User's shell.

=item B<--uid>=I<i>

Pick a specific new UID.

Adding a new user with duplicate UID is allowed.


=item B<--user>=I<s>*

=back

=head2 Options for subcommand add-user-to-group

=over

=item B<--group>=I<unix_group>*

=item B<--user>=I<unix_user>*

=back

=head2 Options for subcommand delete-group

=over

=item B<--backup>

Whether to backup when modifying files.

Backup is written with `.bak` extension in the same directory. Unmodified file
will not be backed up. Previous backup will be overwritten.


=item B<--group>=I<unix_group>*

=back

=head2 Options for subcommand delete-user

=over

=item B<--backup>

Whether to backup when modifying files.

Backup is written with `.bak` extension in the same directory. Unmodified file
will not be backed up. Previous backup will be overwritten.


=item B<--user>=I<unix_user>*

=back

=head2 Options for subcommand delete-user-from-group

=over

=item B<--group>=I<unix_group>*

=item B<--user>=I<unix_user>*

=back

=head2 Options for subcommand get-group

=over

=item B<--gid>=I<unix_gid>

=item B<--group>=I<unix_user>

=item B<--without-field-names>

By default, a hashref is returned containing field names and its values, e.g.
`{group=>"titin", pass=>"x", gid=>500, ...}`. With `with_field_names=>0`, an
arrayref is returned instead: `["titin", "x", 500, ...]`.


=back

=head2 Options for subcommand get-user

=over

=item B<--uid>=I<unix_uid>

=item B<--user>=I<unix_user>

=item B<--without-field-names>

By default, a hashref is returned containing field names and its values, e.g.
`{user=>"titin", pass=>"x", uid=>500, ...}`. With `with_field_names=>0`, an
arrayref is returned instead: `["titin", "x", 500, ...]`.


=back

=head2 Options for subcommand get-user-groups

=over

=item B<--detail>

If true, return all fields instead of just group names.

=item B<--user>=I<unix_user>*

=item B<--without-field-names>

By default, when `detail=>1`, a hashref is returned for each entry containing
field names and its values, e.g. `{group=>"titin", pass=>"x", gid=>500, ...}`.
With `with_field_names=>0`, an arrayref is returned instead: `["titin", "x",
500, ...]`.


=back

=head2 Options for subcommand group-exists

=over

=item B<--gid>=I<unix_gid>

=item B<--group>=I<unix_group>

=back

=head2 Options for subcommand is-member

=over

=item B<--group>=I<unix_group>*

=item B<--user>=I<unix_user>*

=back

=head2 Options for subcommand list-groups

=over

=item B<--detail>

If true, return all fields instead of just group names.

=item B<--without-field-names>

By default, when `detail=>1`, a hashref is returned for each entry containing
field names and its values, e.g. `{group=>"titin", pass=>"x", gid=>500, ...}`.
With `with_field_names=>0`, an arrayref is returned instead: `["titin", "x",
500, ...]`.


=back

=head2 Options for subcommand list-users

=over

=item B<--detail>

If true, return all fields instead of just usernames.

=item B<--without-field-names>

By default, when `detail=>1`, a hashref is returned for each entry containing
field names and its values, e.g. `{user=>"titin", pass=>"x", uid=>500, ...}`.
With `with_field_names=>0`, an arrayref is returned instead: `["titin", "x",
500, ...]`.


=back

=head2 Options for subcommand list-users-and-groups

=over

=item B<--detail>

If true, return all fields instead of just names.

=item B<--without-field-names>

=back

=head2 Options for subcommand modify-group

=over

=item B<--admins>=I<s>

It must be a comma-separated list of user names, or empty.

=item B<--backup>

Whether to backup when modifying files.

Backup is written with `.bak` extension in the same directory. Unmodified file
will not be backed up. Previous backup will be overwritten.


=item B<--encpass>=I<s>

Encrypted password.

=item B<--gid>=I<unix_gid>

Numeric group ID.

=item B<--group>=I<unix_group>*

Group name.

=item B<--members>=I<s>

List of usernames that are members of this group, separated by commas.

=item B<--pass>=I<s>

Password, generally should be "x" which means password is encrypted in gshadow.

=back

=head2 Options for subcommand modify-user

=over

=item B<--backup>

Whether to backup when modifying files.

Backup is written with `.bak` extension in the same directory. Unmodified file
will not be backed up. Previous backup will be overwritten.


=item B<--encpass>=I<s>

Encrypted password.

=item B<--expire-date>=I<i>

The date of expiration of the account, expressed as the number of days since Jan 1, 1970.

=item B<--gecos>=I<s>

Usually, it contains the full username.

=item B<--gid>=I<unix_gid>

Numeric primary group ID for this user.

=item B<--home>=I<s>

User's home directory.

=item B<--last-pwchange>=I<i>

The date of the last password change, expressed as the number of days since Jan 1, 1970..

=item B<--max-pass-age>=I<i>

The number of days after which the user will have to change her password.

=item B<--min-pass-age>=I<i>

The number of days the user will have to wait before she will be allowed to change her password again.

=item B<--pass-inactive-period>=I<i>

The number of days after a password has expired (see max_pass_age) during which the password should still be accepted (and user should update her password during the next login).

=item B<--pass-warn-period>=I<i>

The number of days before a password is going to expire (see max_pass_age) during which the user should be warned.

=item B<--shell>=I<s>

User's shell.

=item B<--uid>=I<unix_uid>

Numeric user ID.

=item B<--user>=I<unix_user>*

User (login) name.

=back

=head2 Options for subcommand set-user-groups

=over

=item B<--groups-json>=I<unix_group>

List of group names that user is member of (JSON-encoded).

See C<--groups>.

=item B<--groups>=I<unix_group>*

List of group names that user is member of.

Default value:

 []

Aside from this list, user will not belong to any other group.


Can be specified multiple times.

=item B<--user>=I<unix_user>*

=back

=head2 Options for subcommand set-user-password

=over

=item B<--backup>

Whether to backup when modifying files.

Backup is written with `.bak` extension in the same directory. Unmodified file
will not be backed up. Previous backup will be overwritten.


=item B<--pass>=I<s>*

=item B<--user>=I<unix_user>*

=back

=head2 Options for subcommand user-exists

=over

=item B<--uid>=I<unix_uid>

=item B<--user>=I<unix_user>

=back

=head1 COMPLETION

This script has shell tab completion capability with support for several
shells.

=head2 bash

To activate bash completion for this script, put:

 complete -C upf upf

in your bash startup (e.g. C<~/.bashrc>). Your next shell session will then
recognize tab completion for the command. Or, you can also directly execute the
line above in your shell to activate immediately.

It is recommended, however, that you install L<shcompgen> which allows you to
activate completion scripts for several kinds of scripts on multiple shells.
Some CPAN distributions (those that are built with
L<Dist::Zilla::Plugin::GenShellCompletion>) will even automatically enable shell
completion for their included scripts (using C<shcompgen>) at installation time,
so you can immadiately have tab completion.

=head2 tcsh

To activate tcsh completion for this script, put:

 complete upf 'p/*/`upf`/'

in your tcsh startup (e.g. C<~/.tcshrc>). Your next shell session will then
recognize tab completion for the command. Or, you can also directly execute the
line above in your shell to activate immediately.

It is also recommended to install C<shcompgen> (see above).

=head2 other shells

For fish and zsh, install C<shcompgen> as described above.

=head1 ENVIRONMENT

=head2 UPF_OPT => str

Specify additional command-line options

=head1 CONFIGURATION FILE

This script can read configuration file, which by default is searched at C<~/.config/upf.conf>, C<~/upf.conf> or C</etc/upf.conf> (can be changed by specifying C<--config-path>). All found files will be read and merged.

To disable searching for configuration files, pass C<--no-config>.

Configuration file is in the format of L<IOD>, which is basically INI with some extra features. Section names map to subcommand names. 

You can put multiple profiles in a single file by using section names like C<[profile=SOMENAME]> or C<[SUBCOMMAND_NAME profile=SOMENAME]>. Those sections will only be read if you specify the matching C<--config-profile SOMENAME>.

List of available configuration parameters:

=head2 Common for all subcommands

 etc_dir (see --etc-dir)
 format (see --format)
 naked_res (see --naked-res)

=head2 For subcommand 'add-delete-user-groups'

 add_to (see --add-to)
 delete_from (see --delete-from)
 user (see --user)

=head2 For subcommand 'add-group'

 backup (see --backup)
 gid (see --gid)
 group (see --group)
 max_gid (see --max-gid)
 members (see --members)
 min_gid (see --min-gid)

=head2 For subcommand 'add-user'

 backup (see --backup)
 encpass (see --encpass)
 expire_date (see --expire-date)
 gecos (see --gecos)
 gid (see --gid)
 group (see --group)
 home (see --home)
 last_pwchange (see --last-pwchange)
 max_gid (see --max-gid)
 max_pass_age (see --max-pass-age)
 max_uid (see --max-uid)
 min_gid (see --min-gid)
 min_pass_age (see --min-pass-age)
 min_uid (see --min-uid)
 pass (see --pass)
 pass_inactive_period (see --pass-inactive-period)
 pass_warn_period (see --pass-warn-period)
 shell (see --shell)
 uid (see --uid)
 user (see --user)

=head2 For subcommand 'add-user-to-group'

 group (see --group)
 user (see --user)

=head2 For subcommand 'delete-group'

 backup (see --backup)
 group (see --group)

=head2 For subcommand 'delete-user'

 backup (see --backup)
 user (see --user)

=head2 For subcommand 'delete-user-from-group'

 group (see --group)
 user (see --user)

=head2 For subcommand 'get-group'

 gid (see --gid)
 group (see --group)
 with_field_names (see --without-field-names)

=head2 For subcommand 'get-max-gid'


=head2 For subcommand 'get-max-uid'


=head2 For subcommand 'get-user'

 uid (see --uid)
 user (see --user)
 with_field_names (see --without-field-names)

=head2 For subcommand 'get-user-groups'

 detail (see --detail)
 user (see --user)
 with_field_names (see --without-field-names)

=head2 For subcommand 'group-exists'

 gid (see --gid)
 group (see --group)

=head2 For subcommand 'is-member'

 group (see --group)
 user (see --user)

=head2 For subcommand 'list-groups'

 detail (see --detail)
 with_field_names (see --without-field-names)

=head2 For subcommand 'list-users'

 detail (see --detail)
 with_field_names (see --without-field-names)

=head2 For subcommand 'list-users-and-groups'

 detail (see --detail)
 with_field_names (see --without-field-names)

=head2 For subcommand 'modify-group'

 admins (see --admins)
 backup (see --backup)
 encpass (see --encpass)
 gid (see --gid)
 group (see --group)
 members (see --members)
 pass (see --pass)

=head2 For subcommand 'modify-user'

 backup (see --backup)
 encpass (see --encpass)
 expire_date (see --expire-date)
 gecos (see --gecos)
 gid (see --gid)
 home (see --home)
 last_pwchange (see --last-pwchange)
 max_pass_age (see --max-pass-age)
 min_pass_age (see --min-pass-age)
 pass_inactive_period (see --pass-inactive-period)
 pass_warn_period (see --pass-warn-period)
 shell (see --shell)
 uid (see --uid)
 user (see --user)

=head2 For subcommand 'set-user-groups'

 groups (see --groups)
 user (see --user)

=head2 For subcommand 'set-user-password'

 backup (see --backup)
 pass (see --pass)
 user (see --user)

=head2 For subcommand 'user-exists'

 uid (see --uid)
 user (see --user)

=head1 FILES

~/.config/upf.conf

~/upf.conf

/etc/upf.conf

=head1 HOMEPAGE

Please visit the project's homepage at L<https://metacpan.org/release/App-upf>.

=head1 SOURCE

Source repository is at L<https://github.com/perlancar/perl-App-upf>.

=head1 BUGS

Please report any bugs or feature requests on the bugtracker website L<https://rt.cpan.org/Public/Dist/Display.html?Name=App-upf>

When submitting a bug or request, please include a test-file or a
patch to an existing test-file that illustrates the bug or desired
feature.

=head1 AUTHOR

perlancar <perlancar@cpan.org>

=head1 COPYRIGHT AND LICENSE

This software is copyright (c) 2015 by perlancar@cpan.org.

This is free software; you can redistribute it and/or modify it under
the same terms as the Perl 5 programming language system itself.

=cut