$OpenBSD: patch-src_user_c,v 1.11 2011/12/02 20:07:26 ajacoutot Exp $
--- src/user.c.orig	Mon Oct 17 21:30:21 2011
+++ src/user.c	Fri Dec  2 21:01:04 2011
@@ -48,7 +48,7 @@
 #include "user-glue.h"
 #include "util.h"
 
-#define ICONDIR LOCALSTATEDIR "/lib/AccountsService/icons"
+#define ICONDIR LOCALSTATEDIR "/db/AccountsService/icons"
 
 enum {
         PROP_0,
@@ -432,7 +432,12 @@ account_type_from_pwent (struct passwd *pwent)
 {
         struct group *grp;
         gid_t wheel;
+#ifndef __OpenBSD__
         gid_t *groups;
+#else
+        gid_t groups[NGROUPS_MAX + 1];
+#endif
+
         gint ngroups;
         gint i;
 
@@ -448,16 +453,28 @@ account_type_from_pwent (struct passwd *pwent)
         }
         wheel = grp->gr_gid;
 
+#ifdef __OpenBSD__
+        ngroups = sizeof(groups) / sizeof(gid_t);
+        if (getgrouplist (pwent->pw_name, pwent->pw_gid, groups, &ngroups) == -1) {
+                g_warning ("too many groups");
+                return ACCOUNT_TYPE_STANDARD;
+        }
+#else
         ngroups = get_user_groups (pwent->pw_name, pwent->pw_gid, &groups);
+#endif
 
         for (i = 0; i < ngroups; i++) {
                 if (groups[i] == wheel) {
+#ifndef __OpenBSD__
                         g_free (groups);
+#endif
                         return ACCOUNT_TYPE_ADMINISTRATOR;
                 }
         }
 
+#ifndef __OpenBSD__
         g_free (groups);
+#endif
 
         return ACCOUNT_TYPE_STANDARD;
 }
@@ -565,12 +582,21 @@ user_local_update_from_pwent (User          *user,
                 passwd = spent->sp_pwdp;
 #endif
 
+#ifdef __OpenBSD__
+        if (g_str_has_suffix (user->shell, "-") == 1) {
+                locked = TRUE;
+        }
+        else {
+                locked = FALSE;
+        }
+#else
         if (passwd && passwd[0] == '!') {
                 locked = TRUE;
         }
         else {
                 locked = FALSE;
         }
+#endif
 
         if (user->locked != locked) {
                 user->locked = locked;
@@ -694,7 +720,7 @@ save_extra_data (User *user)
         error = NULL;
         data = g_key_file_to_data (keyfile, NULL, &error);
         if (error == NULL) {
-                filename = g_build_filename ("/var/lib/AccountsService/users",
+                filename = g_build_filename ("/var/db/AccountsService/users",
                                              user->user_name,
                                              NULL);
                 g_file_set_contents (filename, data, -1, &error);
@@ -715,9 +741,10 @@ move_extra_data (const gchar *old_name,
         gchar *old_filename;
         gchar *new_filename;
 
-        old_filename = g_build_filename ("/var/lib/AccountsService/users",
+        old_filename = g_build_filename ("/var/db/AccountsService/users",
                                          old_name, NULL);
-        new_filename = g_build_filename ("/var/lib/AccountsService/users",
+
+        new_filename = g_build_filename ("/var/db/AccountsService/users",
                                          new_name, NULL);
 
         g_rename (old_filename, new_filename);
@@ -1572,17 +1599,33 @@ user_change_locked_authorized_cb (Daemon              
 {
         gboolean locked = GPOINTER_TO_INT (data);
         GError *error;
+#ifndef __OpenBSD__
         gchar *argv[5];
-
+#else
+        gchar *argv[6];
+        gchar *lockshell, *nolockshell;
+        lockshell = g_strjoin (NULL, user->shell, "-", NULL);
+        nolockshell = g_strdup (user->shell);
+        if (nolockshell[strlen(nolockshell) - 1] == '-')
+               nolockshell[strlen(nolockshell)-1] = '\0';
+#endif
         if (user->locked != locked) {
                 sys_log (context,
                          "%s account of user '%s' (%d)",
                          locked ? "locking" : "unlocking", user->user_name, user->uid);
                 argv[0] = "/usr/sbin/usermod";
+#ifdef __OpenBSD__
+                argv[1] = "-s";
+                argv[2] = locked ? lockshell : nolockshell;
+                argv[3] = "--";
+                argv[4] = user->user_name;
+                argv[5] = NULL;
+#else
                 argv[1] = locked ? "-L" : "-U";
                 argv[2] = "--";
                 argv[3] = user->user_name;
                 argv[4] = NULL;
+#endif
 
                 error = NULL;
                 if (!spawn_with_login_uid (context, argv, &error)) {
@@ -1591,6 +1634,11 @@ user_change_locked_authorized_cb (Daemon              
                         return;
                 }
 
+#ifdef __OpenBSD__
+                g_free (lockshell);
+                g_free (nolockshell);
+#endif
+
                 user->locked = locked;
 
                 g_signal_emit (user, signals[CHANGED], 0);
@@ -1627,13 +1675,23 @@ user_change_account_type_authorized_cb (Daemon        
 {
         gint account_type = GPOINTER_TO_INT (data);
         GError *error;
+#ifndef __OpenBSD__
         gid_t *groups;
+#else
+        gid_t groups[NGROUPS_MAX + 1];
+        struct group *obsdgrp;
+#endif
         gint ngroups;
         GString *str;
         gid_t wheel;
         struct group *grp;
         gint i;
+#ifndef __OpenBSD__
         gchar *argv[6];
+#else
+        gchar *argv[8];
+	gchar *class;
+#endif
 
         if (user->account_type != account_type) {
                 sys_log (context,
@@ -1647,31 +1705,65 @@ user_change_account_type_authorized_cb (Daemon        
                 }
                 wheel = grp->gr_gid;
 
+#ifdef __OpenBSD__
+                ngroups = sizeof(groups) / sizeof(gid_t);
+                if (getgrouplist (user->user_name, user->gid, groups, &ngroups) == -1) {
+                        g_warning ("too many groups");
+                        account_type = ACCOUNT_TYPE_STANDARD;
+                }
+#else
                 ngroups = get_user_groups (user->user_name, user->gid, &groups);
+#endif
 
                 str = g_string_new ("");
                 for (i = 0; i < ngroups; i++) {
                         if (groups[i] == wheel)
                                 continue;
+
+#ifdef __OpenBSD__
+                        obsdgrp = getgrgid(groups[i]);
+                        g_string_append_printf (str, "%s,", obsdgrp->gr_name);
+#else
                         g_string_append_printf (str, "%d,", groups[i]);
+#endif
                 }
                 switch (account_type) {
                 case ACCOUNT_TYPE_ADMINISTRATOR:
+#ifdef __OpenBSD__
+                        g_string_append_printf (str, "%s", "wheel");
+                        class = "staff";
+#else
                         g_string_append_printf (str, "%d", wheel);
+#endif
                         break;
                 default:
                         /* remove excess comma */
                         g_string_truncate (str, str->len - 1);
+#ifdef __OpenBSD__
+                        class = "";
+#endif
                 }
 
+#ifndef __OpenBSD__
                 g_free (groups);
+#endif
 
                 argv[0] = "/usr/sbin/usermod";
+#ifdef __OpenBSD__
+                argv[1] = "-S";
+                argv[2] = str->str;
+                argv[3] = "-L";
+                argv[4] = class;
+                argv[5] = "--";
+                argv[6] = user->user_name;
+                argv[7] = NULL;
+#else
                 argv[1] = "-G";
                 argv[2] = str->str;
                 argv[3] = "--";
                 argv[4] = user->user_name;
                 argv[5] = NULL;
+#endif
 
                 g_string_free (str, FALSE);
 
@@ -1779,10 +1871,18 @@ user_change_password_mode_authorized_cb (Daemon       
                 }
                 else if (user->locked) {
                         argv[0] = "/usr/sbin/usermod";
+#ifdef __OpenBSD__
+                        argv[1] = "-s";
+                        argv[2] = g_strndup (user->shell, sizeof(user->shell));
+                        argv[3] = "--";
+                        argv[4] = user->user_name;
+                        argv[5] = NULL;
+#else
                         argv[1] = "-U";
                         argv[2] = "--";
                         argv[3] = user->user_name;
                         argv[4] = NULL;
+#endif
 
                         error = NULL;
                         if (!spawn_with_login_uid (context, argv, &error)) {
