#!/bin/bash
# -*- ENCODING: UTF-8 -*-

# picamug
#
# Manage users and groups.
#
# Copyright (c) 2013-2026: Alexis Puente Montiel   < pica (a) picalibre.org >
#
# Licensed according to GNU AGPL version 3.0.
#
# It is libre/free software; you can use, redistribute and/or modify it according to the terms of GNU AGPL as published by GNU, version 3.0, 19 November 2007.
#
# It is distributed in the hope that it will be useful, but without any warranty. Read GNU AGPL version 3.0 for additional details.
#
# A copy of GNU AGPL version 3.0 is available at /usr/share/doc/<software-package-name>/agpl-3.0.txt (additionally on Internet as text at https://www.gnu.org/licenses/agpl-3.0.txt and as HTML at https://www.gnu.org/licenses/agpl-3.0-standalone.html ).
#
# Note: Additionally to the official e-mails, picalibre.org is strictly the only official site for this software project, please consider using it to download, report bugs and contribute.
#
# Depends: bash, coreutils, dialog | yad | yad-pica | zenity, findutils, gawk | mawk | original-awk, grep, passwd, sed
# Recommends: menu, pica-skel, procps, x11-xkb-utils


### SCRIPT VARIABLES ########################################

CNAME="picamug"
VERSION="1.3.1"
TITLE="PicaMUG"
ICON="/usr/share/icons/picamug.png"

# Translations
if [ "$LANG" = "" ] ; then export $(cat /etc/default/locale | grep -a 'LANG=') ; fi
TEXTDOMAIN=picamug
TEXTDOMAINDIR=/usr/share/locale/

# Write errors to log
ERRORLOG="$HOME/.${CNAME}.log"
if [ -e "$ERRORLOG" ] ; then
	mv -f $ERRORLOG ${ERRORLOG}.ant
fi
if [ -e "$ERRORLOG" ] ; then rm -rf "$ERRORLOG" ; fi

for i in /etc/pica-global.dist /etc/pica-global.orig /etc/pica-global /etc/pica-global.local ~/.pica-global ~/pica-global ; do
	if [ -f "$i" ] ; then
	cat "$i"
	source "$i"
	source <(cat $i | sed -e "s/=\(YES\|Yes\|yes\|y\|SÍ\|SI\|Sí\|Si\|sí\|si\|S\|s\)/=Y/g" -e "s/=\(No\|no\|n\)/=N/g" -e "s/=\"\(YES\|Yes\|yes\|y\|SÍ\|SI\|Sí\|Si\|sí\|si\|S\|s\)\"/=Y/g" -e "s/=\"\(No\|no\|n\)\"/=N/g")
	fi
done
if [ "$DEBUG" = "Y" ] ; then
	set -xv
	DEBUG="Y"
else
	ERRORLOG="/tmp/.${CNAME}_$(id -nu).log"
	if [ -e "$ERRORLOG" ] ; then mv -f $ERRORLOG ${ERRORLOG}.ant ; fi
	if [ -e "$ERRORLOG" ] ; then rm -rf "$ERRORLOG" ; fi
fi
if [ "$DEBUG" = "" ] ; then DEBUG="N" ; fi
if [ "$DEBUG" != "N" ] ; then
exec > >(tee -a "$ERRORLOG") 2>&1
echo "$0" "$*" >> "$ERRORLOG"
echo "$CNAME" "$VERSION" >> "$ERRORLOG"
echo $(date +%Y-%m-%d_%H:%M:%S) $"Start" >> "$ERRORLOG"
echo "env:" >> "$ERRORLOG"
env >> "$ERRORLOG"
echo "set:" >> "$ERRORLOG"
set >> "$ERRORLOG"
#else
#exec 2>>"$ERRORLOG"
fi

# Description:
BDESCRIP=$"Manage users and groups."
LDESCRIP=$"$TITLE is a tool to manage users and groups."

# Documentation:
docu_info () {
echo "$CNAME ($VERSION) - $BDESCRIP"
echo 
echo $"Usage:" $CNAME [$"OPTIONS"]
echo 
echo $"Options:"
echo -e "$ODESCRIP"
echo 
echo $"'man $CNAME' for more information."
echo 
}
ODESCRIP=" -t""\t"$"Use terminal interface.""\n"" -k""\t"$"Use 'kdialog' if possible.""\n"" -y""\t"$"Use 'yad' if possible (by default in graphical sessions).""\n"" -z""\t"$"Use 'zenity' if possible.""\n"" -x""\t"$"Show help documentation."

while getopts tkyzx OPTION ; do
	case $OPTION in
		t )   T="Y" ; G="N"      ;;
		k )   SDIALOG="kdialog"  ;;
		y )   SDIALOG="yad"      ;;
		z )   SDIALOG="zenity"   ;;
		x )   docu_info ; exit 0 ;;
	esac
done


### DIALOG ########################################

#DEFAULTDIALOGLIST="yad zenity kdialog"
DEFAULTDIALOGLIST="yad zenity"

#if [ -t 0 ] ; then
if [ "$(setxkbmap 1>/dev/null 2>&1 ; echo $? )" -ne 0 ] ; then
	G="N" ; T="Y"
fi

if [ "$G" != "N" ] ; then
	
	if   [ "$SDIALOG" = "kdialog" ] ; then
		DIALOGLIST="kdialog yad zenity"
	elif [ "$SDIALOG" = "yad" ] ; then
		DIALOGLIST="yad zenity kdialog"
	elif [ "$SDIALOG" = "zenity" ] ; then
		DIALOGLIST="zenity yad kdialog"
	else
		DIALOGLIST="$DEFAULTDIALOGLIST"
	fi
	
	if [ "$DIALOGLIST" = "" ] ; then
		if [ "$DEFAULTDIALOGLIST" != "" ] ; then
			DIALOGLIST="$DEFAULTDIALOGLIST"
		else
			DIALOGLIST="yad zenity kdialog"
		fi
	fi
	
	if [ "$(command -v $DIALOGLIST)" = "" ] ; then
		G="N" ; T="Y"
	fi

fi


if [ "$G" = "N" ] ; then

	if [ "$(command -v dialog)" = "" ] ; then
		echo $"ERROR: No supported dialog is installed. $TITLE cannot continue."
		exit 1
	else
		
		DIALOG="dialog --cr-wrap --keep-window --output-fd 1"
		#DIALOG="dialog --cr-wrap --keep-window --output-fd 1 --no-lines --no-shadow"
		if [ "$TITLE" != "" ] ; then
			WICON="--backtitle $(echo $TITLE | sed 's| |-|g')"
		fi
		WTITLE="--title"
		WTEXT=""
		H="0"
		W="0"
		LH="0"
		CALENDAR="--calendar"
		DATEFORMAT="--date-format %Y-%m-%d"
		WTIME="--timebox"
		TIMEFORMAT="--time-format %H:%M:%S"
		DSEL="--dselect"
		FSEL="--fselect"
		WRITE="--inputbox"
		PREWRITE=""
		COLUMN=""
		PRINTCOLUMN1=""
		PRINTCOLUMN2=""
		HIDECOLUMN1=""
		HIDECOLUMN2=""
		#INPUTSEPARATOR="--column-separator"
		#OUTPUTSEPARATOR="--separate-output"
		MONOLIST="--menu"
		#MONOLIST="--radiolist"
		MULTIPLELIST="--separate-output --checklist"
		PRE=""
		POST="off"
		PRES=""
		POSTS="on"

		INFO="--msgbox"
		WAIT="--infobox"

		QYN="--yesno"
		QYNC="--yesno"
		WYN="--yesno"
		WCC="--yesno"
		WYNC="--yesno"
		WM="--msgbox"
		ERROR="--msgbox"

		FORM="--form"
		FORMT=""
		FORMSELPRE=""
		FORMSELPOST=""
		#FORMCALPRE=""
		#FORMCALPOST=""
		#FORMCLPRE=""
		#FORMCLPOST=""
		PRELAB1="1 1"
		POSTLAB1="1 10 999 0"
		PRELAB2="2 1"
		POSTLAB2="2 10 999 0"
		PRELAB3="3 1"
		POSTLAB3="3 10 999 0"

		YES="--yes-label"
		NO="--no-label"
		OK="--ok-label"
		CONTINUE="--ok-label"
		CANCEL="--cancel-label"
		EXTRABUTTON="--extra-button --extra-label"
	
	fi

else

	for i in $DIALOGLIST ; do

		if [ "$(command -v $i)" != "" ] ; then
	
			if [ "$i" = "yad" ] ; then
		
				if [ "$(yad --version | tail -n 1 | cut -d ' ' -f 1 | cut -d '.' -f 1)" -lt 2 ] ; then
					DIALOG="yad --center"  # --selectable-labels (bug in Yad < 2.0) https://github.com/v1cont/yad/blob/master/NEWS
				else
					DIALOG="yad --center --selectable-labels"  # --on-top
				fi
				if [ "$ICON" != "" ] ; then
					WICON="--window-icon $ICON"
				fi
				WTITLE="--title"
				WTEXT="--text"
				H=""
				if [ "$(yad --version | tail -n 1 | grep -aE ^'7.2')" != "" ] ; then
					W="--width=640"
				else
					W="--width=640 --text-width=640 --fixed"  # https://github.com/v1cont/yad/issues/107  https://github.com/v1cont/yad/issues/140
				fi
				LH=""
				CALENDAR="--calendar"
				DATEFORMAT="--date-format %Y-%m-%d"
				WTIME="--separator=\n --columns 3 --form"
				#TIMEFORMAT="--time-format %H:%M:%S"
				DSEL="--file --directory --filename"  # Deleted *-selection alias for --file in Yad 4.0
				FSEL="--file --filename"              # Deleted *-selection alias for --file in Yad 4.0
				WRITE="--entry"
				PREWRITE="--entry-text"
				COLUMN="--column="
				PRINTCOLUMN1="--print-column=01"
				PRINTCOLUMN2="--print-column=02"
				HIDECOLUMN1="--hide-column=01"
				HIDECOLUMN2="--hide-column=02"
				#INPUTSEPARATOR="--item-separator"
				#OUTPUTSEPARATOR="--separator="
				#MONOLIST="--entry"
				MONOLIST="--separator=\n --list --search-column=1 --no-headers"
				MONOLISTH="--separator=\n --list --search-column=1"
				MULTIPLELIST="--separator= --list --checklist --search-column=2 --no-headers"
				MULTIPLELISTH="--separator= --list --checklist --search-column=2"
				PRE="FALSE"
				POST=""
				PRES="TRUE"
				POSTS=""
				# standard gtk keybindings for next and previous search are ctrl+g and ctrl+shift+g while you can redefine them in gtk-keys.css for your theme  # https://github.com/v1cont/yad/issues/127
			
				INFO="--image=/usr/share/icons/picalibre/rm/play.png --button="$"OK"
				WAIT="--image=/usr/share/icons/picalibre/rm/play.png --no-buttons"
			
				QYN="--image=/usr/share/icons/picalibre/rm/question.png --button="$"Yes"":0 --button="$"No"":1"
				QYNC="--image=/usr/share/icons/picalibre/rm/question.png --button="$"Yes"":0 --button="$"No"":1 --button="$"Cancel"":1"
				WYN="--image=/usr/share/icons/picalibre/rm/warning.png --button="$"Yes"":0 --button="$"No"":1"
				WCC="--image=/usr/share/icons/picalibre/rm/warning.png --button="$"Continue"":0 --button="$"Cancel"":1"
				WYNC="--image=/usr/share/icons/picalibre/rm/warning.png --button="$"Yes"":0 --button="$"No"":1 --button="$"Cancel"":1"
				WM="--image=/usr/share/icons/picalibre/rm/warning.png --button="$"OK"
				ERROR="--image=/usr/share/icons/picalibre/rm/error.png --button="$"OK"
			
				FORM="--separator=\n --form"
				FORMT="--field"
				FORMSELPRE="--field"
				FORMSELPOST=":FL"
				FORMCALPRE="--field"
				FORMCALPOST=":DT"
				FORMCLPRE="--field"
				FORMCLPOST=":CB"
				PRELAB1=""
				POSTLAB1=""
				PRELAB2=""
				POSTLAB2=""
				PRELAB3=""
				POSTLAB3=""
			
				YES="--button"
				NO="--button"
				OK="--button"
				CONTINUE="--button"
				CANCEL="--button"
				EXTRABUTTON="--button"
		
			elif [ "$i" = "zenity" ] ; then
		
				DIALOG="zenity"
				if [ "$ICON" != "" ] ; then
					WICON="--window-icon $ICON"
				fi
				WTITLE="--title"
				WTEXT="--text"
				H=""
				W="--width=640"
				LH=""
				CALENDAR="--calendar"
				DATEFORMAT="--date-format %Y-%m-%d"
				WTIME="--separator : --forms"
				#TIMEFORMAT="--time-format %H:%M:%S"
				DSEL="--file-selection --directory --filename"
				FSEL="--file-selection --filename"
				WRITE="--entry"
				PREWRITE="--entry-text"
				COLUMN="--column="
				PRINTCOLUMN1="--print-column=01"
				PRINTCOLUMN2="--print-column=02"
				HIDECOLUMN1="--hide-column=01"
				HIDECOLUMN2="--hide-column=02"
				#INPUTSEPARATOR=""
				#OUTPUTSEPARATOR="--separator=\n"
				MONOLIST="--separator=\n --list --hide-header"
				MONOLISTH="--separator=\n --list"
				MULTIPLELIST="--separator=\n --list --checklist --hide-header"
				MULTIPLELISTH="--separator=\n --list --checklist"
				PRE="FALSE"
				POST=""
				PRES="TRUE"
				POSTS=""
			
				INFO="--info"
				WAIT="--info"
			
				QYN="--question"
				QYNC="--question"
				WYN="--question"
				WCC="--question"
				WYNC="--question"
				WM="--warning"
				ERROR="--error"
			
				FORM="--forms"
				FORMT="--add-entry"
				FORMSELPRE="--add-entry"
				FORMSELPOST=""
				FORMCALPRE="--add-calendar"
				FORMCALPOST=""
				if [ "$(zenity --version | cut -d '.' -f 1 )" -ge 3 ] || [ "$(zenity --version | sed 's|\.||g')" -ge 3102 ] ; then
					FORMCLPOST="--combo-values"
					FORMCLPRE="--add-combo"
				fi
				PRELAB1=""
				POSTLAB1=""
				PRELAB2=""
				POSTLAB2=""
				PRELAB3=""
				POSTLAB3=""
			
				# Zenity <3 does not support custom buttons.
				if [ "$(zenity --version | cut -d '.' -f 1 )" -ge 3 ] ; then
					YES="--ok-label"
					NO="--cancel-label"
					OK="--ok-label"
					CONTINUE="--ok-label"
					CANCEL="--cancel-label"
					#EXTRABUTTON=""
				fi
		
#			elif [ "$i" = "kdialog" ] ; then
#		
#				# CAUTION: All 'kdialog' (TDE, KDE Plasma 4, KDE Plasma 5, KDE Plasma 6,...) are included here!
#			
#				DIALOG="kdialog"
#				if [ "$ICON" != "" ] ; then
#					WICON="--icon $ICON"
#				fi
#				WTITLE="--title"
#				WTEXT=""
#				H=""
#				W=""
#				LH=""
#				# No "--calendar" in TDE-kdialog + No "--date-format" both TDE and Plasma = There is no usable version of kdialog for calendars
#				#CALENDAR="--calendar"
#				#DATEFORMAT="--date-format %Y-%m-%d"
#				#WTIME="--timebox"
#				#TIMEFORMAT="--time-format %H:%M:%S"
#				DSEL="--getexistingdirectory"
#				FSEL="--getsavefilename"
#				#FSEL="--getopenfilename"
#				WRITE="--inputbox"
#				PREWRITE=""
#				COLUMN=""
#				PRINTCOLUMN1=""
#				PRINTCOLUMN2=""
#				HIDECOLUMN1=""
#				HIDECOLUMN2=""
#				#INPUTSEPARATOR=""
#				#OUTPUTSEPARATOR="--separate-output"
#				MONOLIST="--menu"
#				#MONOLIST="--combobox"
#				#MONOLIST="--radiolist"
#				MULTIPLELIST="--separate-output --checklist"
#				PRE=""
#				POST="off"
#				PRES=""
#				POSTS="on"
#			
#				INFO="--msgbox"
#				WAIT="--msgbox"
#			
#				QYN="--yesno"
#				QYNC="--yesnocancel"
#				WYN="--warningyesno"
#				WCC="--warningcontinuecancel"
#				WYNC="--warningyesnocancel"
#				WM="--sorry"
#				ERROR="--error"
#			
#				# No "--form" in any kdialog version
#				#FORM="--form"
#				#FORMT=""
#				#FORMSELPRE=""
#				#FORMSELPOST=""
#				#FORMCALPRE=""
#				#FORMCALPOST=""
#				#FORMCLPRE=""
#				#FORMCLPOST=""
#				#PRELAB1=""
#				#POSTLAB1=""
#				#PRELAB2=""
#				#POSTLAB2=""
#				#PRELAB3=""
#				#POSTLAB3=""
#			
#				# TDE-kdialog does not support custom buttons.
#				if [ "$(kdialog --version | grep -a Qt | grep -aEo "[0-9]" | head -n 1)" -ge 4 ] || [ "$(kdialog --version | grep -aEi kdialog | grep -aEo "[0-9]" | head -n 1)" -gt 1 ] ; then
#					YES="--yes-label"
#					NO="--no-label"
#					OK="--continue-label"
#					CONTINUE="--continue-label"
#					CANCEL="--cancel-label"
#					EXTRABUTTON="--cancel-label"
#				fi
		
			else
		
				true
		
			fi
		
		if [ "$DIALOG" != "" ] ; then break ; fi
		
		fi

	done

fi

if [ "$DIALOG" = "" ] ; then
	echo $"ERROR: No supported dialog is installed. $TITLE cannot continue."
	exit 1
fi


### ROOT CHECK ########################################

#if [ "$(cat /etc/passwd | grep -aE ^$(whoami): | cut -d ':' -f 3 )" -ne 0 ] ; then
if [ "$(id -u)" -ne 0 ] ; then
	$DIALOG $WICON $WTITLE "$TITLE" $ERROR $WTEXT $"$TITLE must be launched as SuperUser.\n\nCannot continue." $H $W
	exit 1
fi
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/trinity/bin


### BASICFUN ########################################

clean () {
if [ "$DEBUG" = "Y" ] ; then set +xv ; fi
if [ -n "$NEWUSERPASS" ] ; then  sed -i "s|$NEWUSERPASS|__NEWUSERPASS__|g" $ERRORLOG  ; fi
if [ -n "$GUESTPASS"   ] ; then  sed -i "s|$GUESTPASS|__GUESTPASS__|g" $ERRORLOG  ; fi
exec > >(tee -a "$ERRORLOG") 2>&1 ; if [ "$DEBUG" = "Y" ] ; then set -xv ; fi
#rm -f
unset USER_REALPEOPLE_INFO GROUP_LIST USERNAMES_REALPEOPLE_USED SELECTED_ONE_USER USERNAMES_SOME_REALPEOPLE_USED SELECTED_SOME_USERS GROUPS_USED SELECTED_ONE_GROUP GROUPS_SOME_USED SELECTED_SOME_GROUPS NEWUSERNAME CHECK_NAMES_USED_1 CHECK_NAMES_USED_2 NEWUSERREALNAME UID_USED GID_USED FINALID PROP_UID CHECK_UID_VALIDITY CHECK_ID_1 CHECK_ID_2 NEWUSERPASS CONFIRM USERNAMES_ACTIVE_1 USERNAMES_ACTIVE_2 NEWGROUPNAME PROP_GID CHECK_GID_VALIDITY CHECK_PRIMARY_GROUP
}

check_exit () {

TAILERRORLOG=$(cat "$ERRORLOG" | grep -aE "[a-zA-Z0-9\=\[]" | tail -n 10 )

echo $(date +%Y-%m-%d_%H:%M:%S)

clean

$DIALOG $WICON $WTITLE "$TITLE" $ERROR $WTEXT $"Stop due to error.\n\n$TAILERRORLOG\n" $H $W

exit 1

}

# "try again or exit" dialog window
input_error () {

echo $(date +%Y-%m-%d_%H:%M:%S)

$DIALOG $WICON $WTITLE "$TITLE" $WYN   $WTEXT $"Something went wrong.\n\nDo you want to try again?" $H $W

if [ "$?" -ne 0 ] ; then
	picamug_general
	return 1
else
	$REFUN
fi

}

return_name () {

$DIALOG $WICON $WTITLE "$TITLE" $WYN   $WTEXT $"Name already in use. Please select a different one." $H $W

if [ "$?" -ne 0 ] ; then
	picamug_general
	return 1
else
	$REFUN
fi

}

#check_name () {
#	if [ "$(echo $NEWNAME | sed "s|[a-zA-Z0-9-]||g")" != "" ] ; then input_error ; fi
#}

# architecture of the running kernel:

if [ "$(uname -mr | grep -aEi 'amd64|x86_64|x86-64' )" != "" ] ; then SYSARC="amd64" ; fi
if [ "$(uname -mr | grep -aEi 'armel|iop32x|ixp4xx|kirkwood|marvell|mv78xx0|orion5x|rpi|versatile|arm' )" != "" ] ; then SYSARC="armel" ; fi
if [ "$(uname -mr | grep -aEi 'armhf|armmp|mx5|omap|vexpress|armv' )" != "" ] ; then SYSARC="armhf" ; fi
if [ "$(uname -mr | grep -aEi 'arm64|aarch64' )" != "" ] ; then SYSARC="arm64" ; fi
if [ "$(uname -mr | grep -aEi '386|486|586|686|x86_32|x86-32' )" != "" ] ; then SYSARC="i386" ; fi
if [ "$(uname -mr | grep -aEi 'itanium|mckinley|ia64' )" != "" ] ; then SYSARC="ia64" ; fi
if [ "$(uname -mr | grep -aEi 'loong64|loongarch64' )" != "" ] ; then SYSARC="loong64" ; fi
if [ "$(uname -mr | grep -aEi 'bcm91|ip22|ip32|malta|mips|octeon' )" != "" ] ; then SYSARC="mips" ; fi
if [ "$(uname -mr | grep -aEi 'loongson|malta|mips64|octeon' )" != "" ] ; then SYSARC="mips64el" ; fi
if [ "$(uname -mr | grep -aEi 'loongson|bcm91|cobalt|malta|mips32|mipsel|octeon' )" != "" ] ; then SYSARC="mipsel" ; fi
if [ "$(uname -mr | grep -aEi 'powerpc|powerpc64|ppc|ppc64' )" != "" ] ; then SYSARC="powerpc" ; fi
if [ "$(uname -mr | grep -aEi 'powerpc64le|ppc64el|ppc64le' )" != "" ] ; then SYSARC="ppc64el" ; fi
if [ "$(uname -mr | grep -aEi 'riscv64|rv64' )" != "" ] ; then SYSARC="riscv64" ; fi
if [ "$(uname -mr | grep -aEi 's390x' )" != "" ] ; then SYSARC="s390x" ; fi
if [ "$(uname -mr | grep -aEi 'sparc' )" != "" ] ; then SYSARC="sparc" ; fi
if [ "$(uname -mr | grep -aEi 'sparc64' )" != "" ] ; then SYSARC="sparc64" ; fi


### WELCOME ########################################

clean

if [ "$WELCOME" != "N" ] ; then

$DIALOG $WICON $WTITLE "$TITLE" $INFO  $WTEXT $"Welcome to $TITLE.\n\n$TITLE is a tool to manage users and groups.\n\n$TITLE is libre/free software, licensed according to 'GNU AGPL version 3.0'.\n\nIt is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY.\n\nMore information at www.picalibre.org\n" $H $W

if [ "$?" -ne 0 ] ; then
	exit 0
fi

fi


### SEL ########################################

users_info () {
	#USER_REALPEOPLE_INFO=$(for i in $(cat /etc/passwd | awk -F ':' '{if ($3 == 0 || $3 >= 1000 && $3 != 65534) print $1}' ) ; do printf "\n""\n""$i""$(id $i)" ; done | sed 's|uid=|\nuid=|g' | sed 's| |\n|g' ; echo "\n" )
	#$DIALOG $WICON $WTITLE $"View users information" $INFO  $WTEXT "$USER_REALPEOPLE_INFO" $H $W

if [ "$G" = "N" ] ; then
	USER_REALPEOPLE_INFO=$(for i in $(cat /etc/passwd | awk -F ':' '{if ($3 == 0 || $3 >= 1000 && $3 != 65534) print $1}' ) ; do printf "$i""\t""$(id $i | tr ' ' ';')""\n" ; done)
	$DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT $"Users:" $H $W $LH $COLUMN $COLUMN $COLUMN $COLUMN $USER_REALPEOPLE_INFO | head -n 1
else
	USER_REALPEOPLE_INFO=$(for i in $(cat /etc/passwd | awk -F ':' '{if ($3 == 0 || $3 >= 1000 && $3 != 65534) print $1}' ) ; do printf "$i""\t""$(id $i | tr ' ' '\n' | sed 's|.*=||g' | tr '\n' '\t')""\n" ; done)
	$DIALOG $WICON $WTITLE "$TITLE" $MONOLISTH $WTEXT $"Users:" $H $W $LH ${COLUMN}$"User" ${COLUMN}$"UID" ${COLUMN}$"GID" ${COLUMN}$"Groups" $USER_REALPEOPLE_INFO | head -n 1
fi
}

groups_list () {
	GROUP_LIST=$(cat /etc/group | awk -F ':' '{print $1,$3}' | sort -n -k 2)
	if [ "$G" = "N" ] ; then
		$DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT $"Groups:" $H $W $LH $COLUMN $COLUMN $GROUP_LIST | head -n 1
	else
		$DIALOG $WICON $WTITLE "$TITLE" $MONOLISTH $WTEXT $"Groups:" $H $W $LH ${COLUMN}$"Group" ${COLUMN}$"GID" $GROUP_LIST | head -n 1
	fi
}

select_one_user_wroot () {

	USERNAMES_REALPEOPLE_USED=$(cat /etc/passwd | awk -F ':' '{if ($3 == 0 || $3 >= 1000 && $3 != 65534) print $1,$3}' )

	SELECTED_ONE_USER=$($DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT $"Select a user:" $H $W $LH $COLUMN $COLUMN $USERNAMES_REALPEOPLE_USED | head -n 1 )

	if [ "$?" -ne 0 ] || [ "$SELECTED_ONE_USER" = "" ] ; then
	picamug_general
	return 1
	fi

}

select_one_user_noroot () {

	USERNAMES_REALPEOPLE_USED=$(cat /etc/passwd | awk -F ':' '{if ($3 >= 1000 && $3 != 65534) print $1,$3}' )

	SELECTED_ONE_USER=$($DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT $"Select a user:" $H $W $LH $COLUMN $COLUMN $USERNAMES_REALPEOPLE_USED | head -n 1 )

	if [ "$?" -ne 0 ] || [ "$SELECTED_ONE_USER" = "" ] ; then
	picamug_general
	return 1
	fi

}

select_some_users () {

	USERNAMES_SOME_REALPEOPLE_USED=$(cat /etc/passwd | awk -F ':' '{if ($3 >= 1000 && $3 != 65534) print "'"$PRE"'",$1"\t("$3")","'"$POST"'"}' )

	SELECTED_SOME_USERS=$($DIALOG $WICON $WTITLE "$TITLE" $MULTIPLELIST $WTEXT $"Select one or more users:" $H $W $LH $COLUMN $COLUMN $COLUMN $USERNAMES_SOME_REALPEOPLE_USED | sed 's|(.*)||g' | sed 's|^TRUE||g')

	if [ "$?" -ne 0 ] || [ "$SELECTED_SOME_USERS" = "" ] ; then
	picamug_general
	return 1
	fi
}

select_one_group_nosys () {

	GROUPS_USED=$(cat /etc/group | awk -F ':' '{if ($3 >= 1000 && $3 != 65534) print $1,$3}' | sort -u )

	SELECTED_ONE_GROUP=$($DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT $"Select a group:" $H $W $LH $COLUMN $COLUMN $GROUPS_USED | head -n 1 )

	if [ "$?" -ne 0 ] || [ "$SELECTED_ONE_GROUP" = "" ] ; then
	picamug_general
	return 1
	fi

}

select_some_groups () {

	GROUPS_SOME_USED=$(cat /etc/group | awk -F ':' '{print "'"$PRE"'",$1"\t("$3")","'"$POST"'"}' | sort -u )

	SELECTED_SOME_GROUPS=$($DIALOG $WICON $WTITLE "$TITLE" $MULTIPLELIST $WTEXT $"Select one or more groups:" $H $W $LH $COLUMN $COLUMN $COLUMN $GROUPS_SOME_USED | sed 's|(.*)||g' | sed 's|^TRUE||g')

	if [ "$?" -ne 0 ] || [ "$SELECTED_SOME_GROUPS" = "" ] ; then
	picamug_general
	return 1
	fi
}


### SCRIPT ########################################

picamug_general () {

clean

OPT=$($DIALOG $WICON $WTITLE "$TITLE" $MONOLIST $WTEXT $"Please select an option:" $H $W $LH $COLUMN $COLUMN \
$"View users information" " " \
$"Create a new user" " " \
$"Create a 'guest' user" " " \
$"Delete a user (including the content of the personal folder/directory)" " " \
$"Delete a user (but keep the content of the personal folder/directory)" " " \
$"Modify a user" " " \
$"Change a user password" " " \
$"View groups list" " " \
$"Create a new group" " " \
$"Delete a group" " " \
$"Modify a group" " " \
$"Include one or more users in the default groups" " " \
$"Include one or more users in one or more groups" " " \
$"Exclude one or more users from one or more groups" " " \
$"Close" " " \
| head -n 1 )

if [ "$?" -ne 0 ] || [ "$OPT" = "" ] ; then
	clean
	exit 0
fi

case $OPT in

$"Close" )
	clean
	exit 0
;;

$"View users information" )
	users_info
	picamug_general
;;

$"Create a new user" )

	set_username () {
	PRE_NEWUSERNAME=$($DIALOG $WICON $WTITLE $"Create a new user" $WRITE $WTEXT $"Please write the new username.\n\n(Letters and/or numbers only, hyphens and underscores are allowed as separators, but not spaces or other symbols, maximum length 32 characters.)\n" $H $W)

	if [ "$?" -ne 0 ] ; then
		picamug_general
		return 1
	fi

	NEWUSERNAME=$(echo "$PRE_NEWUSERNAME" | sed 's| ||g')

	# Check username conflict
	CHECK_NEWUSERNAME=$(cat /etc/passwd /etc/group | awk -F ':' '{print $1}' | grep -aE "^$NEWUSERNAME$")
	if [ "$CHECK_NEWUSERNAME" != "" ] ; then
		REFUN=set_username
		return_name ; return
	fi
	
	NC_NEWUSERNAME=$(printf "$NEWUSERNAME" | wc -m)
	if [ "$NC_NEWUSERNAME" -gt 32 ] ; then
		$DIALOG $WICON $WTITLE "$TITLE" $ERROR $WTEXT $"The username has $NC_NEWUSERNAME characters and the maximum length is 32 characters.\n\nPlease select other username." $H $W
		set_username ; return
	fi

	if [ "$NEWUSERNAME" = "" ] ; then
		REFUN=set_username
		input_error ; return
	fi
	
	}

	set_username || return 1

	set_userfullname () {
	NEWUSERREALNAME=$($DIALOG $WICON $WTITLE $"Create a new user" $WRITE $WTEXT $"Please write the new user's full name (you can use the same as before).\n\n(Spaces are allowed.)\n" $H $W $PREWRITE "$NEWUSERNAME")

		if [ "$?" -ne 0 ] ; then
			picamug_general
			return 1
		fi

		if [ "$NEWUSERREALNAME" = "" ] ; then
			REFUN=set_userfullname
			input_error ; return
		fi
	}

	set_userfullname || return 1

	set_uid () {

	unset FINALID
	for N in {1000..9999} ; do
		CHECK_ID=$(cat /etc/passwd /etc/group | awk -F ':' '{print $3}' | grep -aE "^$N$")
		if [ "$CHECK_ID" = "" ] ; then
			FINALID="$N"
			break
		fi
	done

	$DIALOG $WICON $WTITLE $"Create a new user" $QYN   $WTEXT $"Do you want $FINALID to be the new user's UID? \n\nIt is recommended.\n" $H $W

	if [ "$?" -eq 1 ] ; then
	
		custom_uid () {
	
			PROP_UID=$($DIALOG $WICON $WTITLE $"Create a new user" $WRITE $WTEXT $"Please write the new user's UID (usually a number between 1000 and 9999).\n" $H $W)
			
			if [ "$?" -ne 0 ] ; then
				picamug_general
				return 1
			fi
		
			if [ "$PROP_UID" = "" ] ; then
				REFUN=custom_uid
				input_error ; return
			fi
		
			# Check numeric validity
			CHECK_UID_VALIDITY=$(echo "$PROP_UID" | sed "s|[0-9]||g")
			if [ "$CHECK_UID_VALIDITY" != "" ] ; then
			$DIALOG $WICON $WTITLE $"Create a new user" $ERROR $WTEXT $"$PROP_UID includes non-numeric characters.\n" $H $W
			custom_uid ; return
			fi
		
			# Check availability
			CHECK_ID=$(cat /etc/passwd /etc/group | awk -F ':' '{print $3}' | grep -aE "^$PROP_UID$")
			if [ "$CHECK_ID" != "" ] ; then
			$DIALOG $WICON $WTITLE $"Create a new user" $ERROR $WTEXT $"$PROP_UID is already in use on the system.\n" $H $W
			custom_uid ; return
			else
			FINALID=$PROP_UID
			fi
			
			# Check numerical recommendability
			if [ "$PROP_UID" -lt 1000 ] ; then
			$DIALOG $WICON $WTITLE $"Create a new user" $WYN   $WTEXT $"Figures less than 1000 are reserved for operating system needs, so it is recommended not to continue.\n\nDo you want to continue?\n" $H $W
				if [ "$?" -ne 0 ] ; then
					custom_uid ; return 1
				fi
			fi
			
		}
	
		custom_uid || return 1
	
	fi

	}

	set_uid || return 1

	set_userpass () {
	NEWUSERPASS=$($DIALOG $WICON $WTITLE $"Create a new user" $WRITE $WTEXT $"Please write a password for the new user.\n" $H $W)

		if [ "$?" -ne 0 ] ; then
			picamug_general
			return 1
		fi

		if [ "$NEWUSERPASS" = "" ] ; then
			REFUN=set_userpass
			input_error ; return
		fi
	}

	set_userpass || return 1

	$DIALOG $WICON $WTITLE $"Create a new user" $QYN   $WTEXT $"A new user with username '$NEWUSERNAME', full name '$NEWUSERREALNAME', UID '$FINALID' and password '$NEWUSERPASS' will be created if you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	groupadd -g $FINALID $NEWUSERNAME
	useradd -u $FINALID -g $FINALID -c "$NEWUSERREALNAME,,," -s $(command -v bash) -m $NEWUSERNAME
	printf "$NEWUSERPASS\n$NEWUSERPASS\n\n" | passwd $NEWUSERNAME

	# add to supplementary groups, checking first if they exist
	if [ "$(dpkg -l | grep -aEi "^ii|^hi" | awk '{print $2}' | sed "s|:.*||g" | grep -aEi "xserver-xorg|x11-session|x11-xserver|^cdm$|^console-tdm$|^edm$|^entrance$|^gdm$|^gdm3$|^kdm$|^kdm-trinity$|^lightdm$|^lxdm$|^ly$|^mdm$|^nodm$|^qingy$|^sddm$|^slim$|^tdm$|^tdm-trinity$|^wdm$|^xdm$")" != "" ] ; then
		GLIST="adm admin audio bluetooth cdrom cgroup crontab cups cupsadmin dialout dip disk fax floppy fuse input kvm lp lpadmin netdev plugdev powerdev pulse pulse-access pulse-rt qemu sambashare saned scanner ssh tape users vboxusers vlock video wireshark"
	else
		GLIST="ssh users"
	fi
	for i in $GLIST ; do
		CHECKGROUP=$(cat /etc/group | awk -F ':' '{print $1}' | grep -aE "^$i$")
		if [ "$CHECKGROUP" != "" ] ; then
			echo "$NEWUSERNAME -> $i"
			usermod -a -G $i $NEWUSERNAME
		fi
	done

	### Copy /etc/skel
	cp -a --remove-destination /etc/skel/* /etc/skel/.[!.]* /etc/skel/..?* /home/$NEWUSERNAME/
	#ls /home/ | grep -aiv 'lost+found' | while read i ; do cp -a --remove-destination /etc/skel/{,.[!.],..?}* /home/"$i"/ ; done
	if [ -e "/home/$NEWUSERNAME/.bashrcPICA" ] ; then cp -a --remove-destination /home/$NEWUSERNAME/.bashrcPICA /home/$NEWUSERNAME/.bashrc ; fi
	if [ -e "/home/$NEWUSERNAME/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-power-manager.xml" ] ; then if [ "$SYSARC" = "amd64" ] || [ "$SYSARC" = "i386" ] || [ "$SYSARC" = "ia64" ] ; then sed -i -e '/presentation-mode/ s|false|true|g' -e '/dpms-enabled/ s|true|false|g' -e '/\("blank-on-ac"\|"dpms-on-ac-sleep"\|"dpms-on-ac-off"\)/ s|"[0-9]\+"|"0"|g' /home/$NEWUSERNAME/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-power-manager.xml ; fi ; fi
	### Owners and permissions
	chown -R $(id -nu "$NEWUSERNAME"):$(id -ng "$NEWUSERNAME") /home/$NEWUSERNAME
	find /home/$NEWUSERNAME/ -type f | while read i ; do chmod 600 "$i" ; done
	find /home/$NEWUSERNAME/ -type d | while read i ; do chmod 700 "$i" ; done

	users_info

	# if CONFIRM:
	fi
	picamug_general
;;

$"Create a 'guest' user" )

	set_guestuser () {
	PRE_GUESTNAME=$($DIALOG $WICON $WTITLE $"Create a 'guest' user" $WRITE $WTEXT $"Please write a name for the 'guest' user.\n\n(Letters and/or numbers only, hyphens and underscores are allowed as separators, but not spaces or other symbols, maximum length 32 characters.)\n" $H $W)

	if [ "$?" -ne 0 ] ; then
		picamug_general
		return 1
	fi

	GUESTNAME=$(echo "$PRE_GUESTNAME" | sed 's| ||g')
	
	# Check username conflict
	CHECK_GUESTNAME=$(cat /etc/passwd /etc/group | awk -F ':' '{print $1}' | grep -aE "^$GUESTNAME$")
	if [ "$CHECK_GUESTNAME" != "" ] ; then
		REFUN=set_guestuser
		return_name ; return
	fi

	NC_GUESTNAME=$(printf "$GUESTNAME" | wc -m)
	if [ "$NC_GUESTNAME" -gt 32 ] ; then
		$DIALOG $WICON $WTITLE "$TITLE" $ERROR $WTEXT $"The username has $NC_GUESTNAME characters and the maximum length is 32 characters.\n\nPlease select other username." $H $W
		set_guestuser ; return
	fi

	if [ "$GUESTNAME" = "" ] ; then
		REFUN=set_guestuser
		input_error ; return
	fi
	
	}

	set_guestuser || return 1

	set_uid () {

	unset FINALID
	for N in {2000..9999} ; do
		CHECK_ID=$(cat /etc/passwd /etc/group | awk -F ':' '{print $3}' | grep -aE "^$N$")
		if [ "$CHECK_ID" = "" ] ; then
			FINALID="$N"
			break
		fi
	done

	$DIALOG $WICON $WTITLE $"Create a 'guest' user" $QYN   $WTEXT $"Do you want $FINALID to be the guest user's UID? \n\nIt is recommended.\n" $H $W

	if [ "$?" -eq 1 ] ; then
	
		custom_uid () {
	
			PROP_UID=$($DIALOG $WICON $WTITLE $"Create a 'guest' user" $WRITE $WTEXT $"Please write the guest user's UID (usually a number between 1000 and 50000).\n" $H $W)
		
			if [ "$?" -ne 0 ] ; then
				picamug_general
				return 1
			fi
		
			if [ "$PROP_UID" = "" ] ; then
				REFUN=custom_uid
				input_error ; return
			fi
		
			# Check numeric validity
			CHECK_UID_VALIDITY=$(echo "$PROP_UID" | sed "s|[0-9]||g")
			if [ "$CHECK_UID_VALIDITY" != "" ] ; then
			$DIALOG $WICON $WTITLE $"Create a 'guest' user" $ERROR $WTEXT $"$PROP_UID includes non-numeric characters.\n" $H $W
			custom_uid ; return
			fi
		
			# Check availability
			CHECK_ID=$(cat /etc/passwd /etc/group | awk -F ':' '{print $3}' | grep -aE "^$PROP_UID$")
			if [ "$CHECK_ID" != "" ] ; then
			$DIALOG $WICON $WTITLE $"Create a 'guest' user" $ERROR $WTEXT $"$PROP_UID is already in use on the system.\n" $H $W
			custom_uid ; return
			else
			FINALID=$PROP_UID
			fi
			
			# Check numerical recommendability
			if [ "$PROP_UID" -lt 1000 ] ; then
			$DIALOG $WICON $WTITLE $"Create a 'guest' user" $WYN   $WTEXT $"Figures less than 1000 are reserved for operating system needs, so it is recommended not to continue.\n\nDo you want to continue?\n" $H $W
				if [ "$?" -ne 0 ] ; then
					custom_uid ; return 1
				fi
			fi
			
		}
	
		custom_uid || return 1
	
	fi

	}

	set_uid || return 1

	set_guestpass () {
	GUESTPASS=$($DIALOG $WICON $WTITLE $"Create a 'guest' user" $WRITE $WTEXT $"Please write a password for the 'guest' user.\n" $H $W)

		if [ "$?" -ne 0 ] ; then
			picamug_general
			return 1
		fi

		if [ "$GUESTPASS" = "" ] ; then
			REFUN=set_guestpass
			input_error ; return
		fi
	}

	set_guestpass || return 1

	$DIALOG $WICON $WTITLE $"Create a 'guest' user" $QYN   $WTEXT $"A 'guest' user with username '$GUESTNAME', UID '$FINALID' and password '$GUESTPASS' will be created if you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	groupadd -g $FINALID $GUESTNAME
	useradd -u $FINALID -g $FINALID -c "$GUESTNAME,,," -s $(command -v bash) -m $GUESTNAME
	printf "$GUESTPASS\n$GUESTPASS\n\n" | passwd $GUESTNAME

	# add to supplementary groups, checking first if they exist
	if [ "$(dpkg -l | grep -aEi "^ii|^hi" | awk '{print $2}' | sed "s|:.*||g" | grep -aEi "xserver-xorg|x11-session|x11-xserver|^cdm$|^console-tdm$|^edm$|^entrance$|^gdm$|^gdm3$|^kdm$|^kdm-trinity$|^lightdm$|^lxdm$|^ly$|^mdm$|^nodm$|^qingy$|^sddm$|^slim$|^tdm$|^tdm-trinity$|^wdm$|^xdm$")" != "" ] ; then
		GLIST="audio bluetooth cdrom cgroup cups dialout dip disk fax floppy fuse input kvm lp netdev plugdev powerdev pulse pulse-access pulse-rt qemu sambashare saned scanner ssh tape users vboxusers vlock video"
	else
		GLIST="ssh users"
	fi
	for i in $GLIST ; do
		CHECKGROUP=$(cat /etc/group | awk -F ':' '{print $1}' | grep -aE "^$i$")
		if [ "$CHECKGROUP" != "" ] ; then
			echo "$GUESTNAME -> $i"
			usermod -a -G $i $GUESTNAME
		fi
	done

	### Copy /etc/skel
	cp -a --remove-destination /etc/skel/* /etc/skel/.[!.]* /etc/skel/..?* /home/$GUESTNAME/
	#ls /home/ | grep -aiv 'lost+found' | while read i ; do cp -a --remove-destination /etc/skel/{,.[!.],..?}* /home/"$i"/ ; done
	if [ -e "/home/$GUESTNAME/.bashrcPICA" ] ; then cp -a --remove-destination /home/$GUESTNAME/.bashrcPICA /home/$GUESTNAME/.bashrc ; fi
	if [ -e "/home/$GUESTNAME/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-power-manager.xml" ] ; then if [ "$SYSARC" = "amd64" ] || [ "$SYSARC" = "i386" ] || [ "$SYSARC" = "ia64" ] ; then sed -i -e '/presentation-mode/ s|false|true|g' -e '/dpms-enabled/ s|true|false|g' -e '/\("blank-on-ac"\|"dpms-on-ac-sleep"\|"dpms-on-ac-off"\)/ s|"[0-9]\+"|"0"|g' /home/$GUESTNAME/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-power-manager.xml ; fi ; fi
	### Owners and permissions
	chown -R $(id -nu "$GUESTNAME"):$(id -ng "$GUESTNAME") /home/$GUESTNAME
	find /home/$GUESTNAME/ -type f | while read i ; do chmod 666 "$i" ; done
	find /home/$GUESTNAME/ -type d | while read i ; do chmod 777 "$i" ; done
	find /home/$GUESTNAME/ -maxdepth 1 | grep -a bashrc | while read i ; do sed -i '/umask 007/ s|.*|umask 000|g' "$i" ; done

	users_info

	# if CONFIRM:
	fi
	picamug_general
;;

$"Delete a user (including the content of the personal folder/directory)" )

	select_one_user_noroot

	USERNAMES_ACTIVE_1=$(top -n 1 -b | awk '{print $2}' | sort -u | grep -aE "^$SELECTED_ONE_USER$")
	USERNAMES_ACTIVE_2=$(ps aux | awk '{print $1}' | sort -u | grep -aE "^$SELECTED_ONE_USER$")
	USERNAMES_ACTIVE_3=$(users | sed 's| |\n|g' | grep -aE "^$SELECTED_ONE_USER$")
	# don't delete active users.
	if [ "$USERNAMES_ACTIVE_1" != "" ] || [ "$USERNAMES_ACTIVE_2" != "" ] || [ "$USERNAMES_ACTIVE_3" != "" ] ; then
		$DIALOG $WICON $WTITLE $"Delete a user" $ERROR $WTEXT $"Active users cannot be deleted.\n" $H $W
	else
	
		$DIALOG $WICON $WTITLE $"Delete a user" $QYN   $WTEXT $"The user $SELECTED_ONE_USER will be deleted (including the content of the personal folder/directory) if you continue.\n\nDo you want to continue?\n" $H $W

		if [ "$?" -eq 0 ] ; then
	
		userdel -f -r $SELECTED_ONE_USER
		rm -rf /home/$SELECTED_ONE_USER
		groupdel $SELECTED_ONE_USER
	
		users_info
	
		# if CONFIRM:
		fi

	fi
	picamug_general
;;

$"Delete a user (but keep the content of the personal folder/directory)" )

	select_one_user_noroot

	USERNAMES_ACTIVE_1=$(top -n 1 -b | awk '{print $2}' | sort -u | grep -aE "^$SELECTED_ONE_USER$")
	USERNAMES_ACTIVE_2=$(ps aux | awk '{print $1}' | sort -u | grep -aE "^$SELECTED_ONE_USER$")
	USERNAMES_ACTIVE_3=$(users | sed 's| |\n|g' | grep -aE "^$SELECTED_ONE_USER$")
	# don't delete active users.
	if [ "$USERNAMES_ACTIVE_1" != "" ] || [ "$USERNAMES_ACTIVE_2" != "" ] || [ "$USERNAMES_ACTIVE_3" != "" ] ; then
		$DIALOG $WICON $WTITLE $"Delete a user" $ERROR $WTEXT $"Active users cannot be deleted.\n" $H $W
	else
	
		$DIALOG $WICON $WTITLE $"Delete a user" $QYN   $WTEXT $"The user $SELECTED_ONE_USER will be deleted (but the content of the personal folder/directory will be kept) if you continue.\n\nDo you want to continue?\n" $H $W

		if [ "$?" -eq 0 ] ; then
	
		userdel $SELECTED_ONE_USER
		groupdel $SELECTED_ONE_USER
	
		users_info
	
		# if CONFIRM:
		fi
	fi
	picamug_general
;;

$"Modify a user" )

	select_one_user_noroot

	USERNAMES_ACTIVE_1=$(top -n 1 -b | awk '{print $2}' | sort -u | grep -aE "^$SELECTED_ONE_USER$")
	USERNAMES_ACTIVE_2=$(ps aux | awk '{print $1}' | sort -u | grep -aE "^$SELECTED_ONE_USER$")
	USERNAMES_ACTIVE_3=$(users | sed 's| |\n|g' | grep -aE "^$SELECTED_ONE_USER$")
	# don't modify active users.
	if [ "$USERNAMES_ACTIVE_1" != "" ] || [ "$USERNAMES_ACTIVE_2" != "" ] || [ "$USERNAMES_ACTIVE_3" != "" ] ; then
		$DIALOG $WICON $WTITLE $"Modify a user" $ERROR $WTEXT $"Active users cannot be modified.\n" $H $W
	else
	
	set_username () {
	PRE_NEWUSERNAME=$($DIALOG $WICON $WTITLE $"Modify a user" $WRITE $WTEXT $"Please write the new username.\n\n(Letters and/or numbers only, hyphens and underscores are allowed as separators, but not spaces or other symbols, maximum length 32 characters.)\n" $H $W)

	if [ "$?" -ne 0 ] ; then
		picamug_general
		return 1
	fi

	NEWUSERNAME=$(echo "$PRE_NEWUSERNAME" | sed 's| ||g')

	# Check username conflict
	CHECK_NEWUSERNAME=$(cat /etc/passwd /etc/group | awk -F ':' '{print $1}' | grep -aE "^$NEWUSERNAME$")
	if [ "$CHECK_NEWUSERNAME" != "" ] ; then
		REFUN=set_username
		return_name ; return
	fi
	
	NC_NEWUSERNAME=$(printf "$NEWUSERNAME" | wc -m)
	if [ "$NC_NEWUSERNAME" -gt 32 ] ; then
		$DIALOG $WICON $WTITLE "$TITLE" $ERROR $WTEXT $"The username has $NC_NEWUSERNAME characters and the maximum length is 32 characters.\n\nPlease select other username." $H $W
		set_username ; return
	fi

	if [ "$NEWUSERNAME" = "" ] ; then
		REFUN=set_username
		input_error ; return
	fi
	
	}

	set_username || return 1

	set_userfullname () {
	NEWUSERREALNAME=$($DIALOG $WICON $WTITLE $"Modify a user" $WRITE $WTEXT $"Please write the new full name (you can use the same as before).\n\n(Spaces are allowed.)\n" $H $W $PREWRITE "$NEWUSERNAME")

		if [ "$?" -ne 0 ] ; then
			picamug_general
			return 1
		fi

		if [ "$NEWUSERREALNAME" = "" ] ; then
			REFUN=set_userfullname
			input_error ; return
		fi
	}

	set_userfullname || return 1

	set_userpass () {
	NEWUSERPASS=$($DIALOG $WICON $WTITLE $"Modify a user" $WRITE $WTEXT $"Please write the new password.\n" $H $W)

		if [ "$?" -ne 0 ] ; then
			picamug_general
			return 1
		fi

		if [ "$NEWUSERPASS" = "" ] ; then
			REFUN=set_userpass
			input_error ; return
		fi
	}

	set_userpass || return 1

	$DIALOG $WICON $WTITLE $"Modify a user" $QYN   $WTEXT $"'$SELECTED_ONE_USER' will be modified with the new username '$NEWUSERNAME', the new full name '$NEWUSERREALNAME' and the new password '$NEWUSERPASS' if you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	groupmod -n $NEWUSERNAME $SELECTED_ONE_USER
	usermod -l $NEWUSERNAME -m -d /home/$NEWUSERNAME $SELECTED_ONE_USER
	chfn -f "$NEWUSERREALNAME" $NEWUSERNAME
	printf "$NEWUSERPASS\n$NEWUSERPASS\n\n" | passwd $NEWUSERNAME

	users_info

	# if CONFIRM:
	fi

	fi # active users
	picamug_general
;;

$"Change a user password" )

	select_one_user_wroot

	set_userpass () {
	NEWUSERPASS=$($DIALOG $WICON $WTITLE $"Change a user password" $WRITE $WTEXT $"Please write a new password for the user $SELECTED_ONE_USER.\n" $H $W)

		if [ "$?" -ne 0 ] ; then
			picamug_general
			return 1
		fi

		if [ "$NEWUSERPASS" = "" ] ; then
			REFUN=set_userpass
			input_error ; return
		fi
	}

	set_userpass || return 1

	$DIALOG $WICON $WTITLE $"Change a user password" $QYN   $WTEXT $"$SELECTED_ONE_USER's password will be changed to $NEWUSERPASS if you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	printf "$NEWUSERPASS\n$NEWUSERPASS\n\n" | passwd $SELECTED_ONE_USER

	# if CONFIRM:
	fi
	picamug_general
;;

$"View groups list" )
	groups_list
	picamug_general
;;

$"Create a new group" )

	set_groupname () {
	PRE_NEWGROUPNAME=$($DIALOG $WICON $WTITLE $"Create a new group" $WRITE $WTEXT $"Please write the new group name.\n\n(Letters and/or numbers only, hyphens and underscores are allowed as separators, but not spaces or other symbols, maximum length 32 characters.)\n" $H $W)

	if [ "$?" -ne 0 ] ; then
		picamug_general
		return 1
	fi

	NEWGROUPNAME=$(echo "$PRE_NEWGROUPNAME" | sed 's| ||g')

	# Check groupname conflict
	CHECK_NEWGROUPNAME=$(cat /etc/passwd /etc/group | awk -F ':' '{print $1}' | grep -aE "^$NEWGROUPNAME$")
	if [ "$CHECK_NEWGROUPNAME" != "" ] ; then
		REFUN=set_groupname
		return_name ; return
	fi

	NC_NEWGROUPNAME=$(printf "$NEWGROUPNAME" | wc -m)
	if [ "$NC_NEWGROUPNAME" -gt 32 ] ; then
		$DIALOG $WICON $WTITLE "$TITLE" $ERROR $WTEXT $"The group name has $NC_NEWGROUPNAME characters and the maximum length is 32 characters.\n\nPlease select other group name." $H $W
		set_groupname ; return
	fi

	if [ "$NEWGROUPNAME" = "" ] ; then
		REFUN=set_groupname
		input_error ; return
	fi
	
	}

	set_groupname || return 1

	set_gid () {

	unset FINALID
	for N in {3000..9999} ; do
		CHECK_ID=$(cat /etc/passwd /etc/group | awk -F ':' '{print $3}' | grep -aE "^$N$")
		if [ "$CHECK_ID" = "" ] ; then
			FINALID="$N"
			break
		fi
	done

	$DIALOG $WICON $WTITLE $"Create a new group" $QYN   $WTEXT $"Do you want $FINALID to be the GID of the new group? \n\nIt is recommended.\n" $H $W

	if [ "$?" -eq 1 ] ; then
	
		custom_gid () {
	
			PROP_GID=$($DIALOG $WICON $WTITLE $"Create a new group" $WRITE $WTEXT $"Please write the GID of the new group (usually a number between 1000 and 9999).\n" $H $W)
		
			if [ "$?" -ne 0 ] ; then
				picamug_general
				return 1
			fi
		
			if [ "$PROP_GID" = "" ] ; then
				REFUN=custom_gid
				input_error ; return
			fi
		
			# Check numeric validity
			CHECK_GID_VALIDITY=$(echo "$PROP_GID" | sed "s|[0-9]||g")
			if [ "$CHECK_GID_VALIDITY" != "" ] ; then
			$DIALOG $WICON $WTITLE $"Create a new group" $ERROR $WTEXT $"$PROP_GID includes non-numeric characters.\n" $H $W
			custom_gid ; return
			fi
		
			# Check availability
			CHECK_ID=$(cat /etc/passwd /etc/group | awk -F ':' '{print $3}' | grep -aE "^$PROP_GID$")
			if [ "$CHECK_ID" != "" ] ; then
			$DIALOG $WICON $WTITLE $"Create a new group" $ERROR $WTEXT $"$PROP_GID is already in use on the system.\n" $H $W
			custom_gid ; return
			else
			FINALID=$PROP_GID
			fi
			
			# Check numerical recommendability
			if [ "$PROP_GID" -lt 1000 ] ; then
			$DIALOG $WICON $WTITLE $"Create a new group" $WYN   $WTEXT $"Figures less than 1000 are reserved for operating system needs, so it is recommended not to continue.\n\nDo you want to continue?\n" $H $W
				if [ "$?" -ne 0 ] ; then
					custom_gid ; return 1
				fi
			fi
			
		}
	
		custom_gid || return 1
	
	fi

	}

	set_gid || return 1


	$DIALOG $WICON $WTITLE $"Create a new group" $QYN   $WTEXT $"A new group with name '$NEWGROUPNAME' and GID '$FINALID' will be created if you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	groupadd -g $FINALID $NEWGROUPNAME

	groups_list

	# if CONFIRM:
	fi
	picamug_general
;;

$"Delete a group" )

	select_one_group_nosys

	CHECK_PRIMARY_GROUP_1=$(cat /etc/passwd | awk -F ':' '{print $1}' | grep -aE "^$SELECTED_ONE_GROUP$")
	CHECK_PRIMARY_GROUP_2=$(cat /etc/passwd | awk -F ':' '{print $4}' | grep -a $(cat /etc/group | grep -aE "^$SELECTED_ONE_GROUP": | awk -F ':' '{print $3}'))
	# don't delete primary group if the user exists
	if [ "$CHECK_PRIMARY_GROUP_1" != "" ] || [ "$CHECK_PRIMARY_GROUP_2" != "" ] ; then
		$DIALOG $WICON $WTITLE $"Delete a group" $ERROR $WTEXT $"Users' primary groups cannot be deleted.\n" $H $W
	else
	
		$DIALOG $WICON $WTITLE $"Delete a group" $QYN   $WTEXT $"The group $SELECTED_ONE_GROUP will be deleted if you continue.\n\nDo you want to continue?\n" $H $W

		if [ "$?" -eq 0 ] ; then
	
		groupdel $SELECTED_ONE_GROUP
	
		groups_list
	
		# if CONFIRM:
		fi
	fi
	picamug_general
;;

$"Modify a group" )

	select_one_group_nosys

	CHECK_PRIMARY_GROUP_1=$(cat /etc/passwd | awk -F ':' '{print $1}' | grep -aE "^$SELECTED_ONE_GROUP$")
	CHECK_PRIMARY_GROUP_2=$(cat /etc/passwd | awk -F ':' '{print $4}' | grep -a $(cat /etc/group | grep -aE "^$SELECTED_ONE_GROUP": | awk -F ':' '{print $3}'))
	# don't modify primary group if the user exists
	if [ "$CHECK_PRIMARY_GROUP_1" != "" ] || [ "$CHECK_PRIMARY_GROUP_2" != "" ] ; then
		$DIALOG $WICON $WTITLE $"Modify a group" $ERROR $WTEXT $"Users' primary groups cannot be modified in this way (it must be done by modifying the user).\n" $H $W
	else
	
	set_groupname () {
	PRE_NEWGROUPNAME=$($DIALOG $WICON $WTITLE $"Modify a group" $WRITE $WTEXT $"Please write the new group name.\n\n(Letters and/or numbers only, hyphens and underscores are allowed as separators, but not spaces or other symbols, maximum length 32 characters.)\n" $H $W)

	if [ "$?" -ne 0 ] ; then
		picamug_general
		return 1
	fi

	NEWGROUPNAME=$(echo "$PRE_NEWGROUPNAME" | sed 's| ||g')

	# Check groupname conflict
	CHECK_NEWGROUPNAME=$(cat /etc/passwd /etc/group | awk -F ':' '{print $1}' | grep -aE "^$NEWGROUPNAME$")
	if [ "$CHECK_NEWGROUPNAME" != "" ] ; then
		REFUN=set_groupname
		return_name ; return
	fi

	NC_NEWGROUPNAME=$(printf "$NEWGROUPNAME" | wc -m)
	if [ "$NC_NEWGROUPNAME" -gt 32 ] ; then
		$DIALOG $WICON $WTITLE "$TITLE" $ERROR $WTEXT $"The group name has $NC_NEWGROUPNAME characters and the maximum length is 32 characters.\n\nPlease select other group name." $H $W
		set_groupname ; return
	fi

	if [ "$NEWGROUPNAME" = "" ] ; then
		REFUN=set_groupname
		input_error ; return
	fi
	
	}

	set_groupname || return 1

	$DIALOG $WICON $WTITLE $"Modify a group" $QYN   $WTEXT $"The group $SELECTED_ONE_GROUP will be changed to $NEWGROUPNAME if you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	groupmod -n $NEWGROUPNAME $SELECTED_ONE_GROUP

	groups_list

	# if CONFIRM:
	fi

	fi # primary group
	picamug_general
;;

$"Include one or more users in the default groups" )

	select_some_users
	
	$DIALOG $WICON $WTITLE $"Include one or more users in the default groups" $QYN   $WTEXT $"The user(s):\n$SELECTED_SOME_USERS\nwill be included in the default groups if you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	for seluser in $SELECTED_SOME_USERS
	do
		if [ "$(dpkg -l | grep -aEi "^ii|^hi" | awk '{print $2}' | sed "s|:.*||g" | grep -aEi "xserver-xorg|x11-session|x11-xserver|^cdm$|^console-tdm$|^edm$|^entrance$|^gdm$|^gdm3$|^kdm$|^kdm-trinity$|^lightdm$|^lxdm$|^ly$|^mdm$|^nodm$|^qingy$|^sddm$|^slim$|^tdm$|^tdm-trinity$|^wdm$|^xdm$")" != "" ] ; then
			GLIST="adm admin audio bluetooth cdrom cgroup crontab cups cupsadmin dialout dip disk fax floppy fuse input kvm lp lpadmin netdev plugdev powerdev pulse pulse-access pulse-rt qemu sambashare saned scanner ssh tape users vboxusers vlock video wireshark"
		else
			GLIST="ssh users"
		fi
		for selgroup in $GLIST ; do
			CHECKGROUP=$(cat /etc/group | awk -F ':' '{print $1}' | grep -aE "^$selgroup$")
			if [ "$CHECKGROUP" != "" ] ; then
				echo "$seluser -> $selgroup"
				usermod -a -G $selgroup $seluser
			fi
		done
	done
	users_info
	# if CONFIRM:
	fi
	picamug_general
;;

$"Include one or more users in one or more groups" )

	select_some_users
	select_some_groups
	
	$DIALOG $WICON $WTITLE $"Include one or more users in one or more groups" $QYN   $WTEXT $"The user(s):\n$SELECTED_SOME_USERS\nwill be included in the group(s):\n$SELECTED_SOME_GROUPS\nif you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	for seluser in $SELECTED_SOME_USERS
	do
		for selgroup in $SELECTED_SOME_GROUPS
		do
			echo "$seluser -> $selgroup"
			usermod -a -G $selgroup $seluser
		done
	done
	users_info
	# if CONFIRM:
	fi
	picamug_general
;;

$"Exclude one or more users from one or more groups" )

	select_some_users
	select_some_groups
	
	$DIALOG $WICON $WTITLE $"Exclude one or more users from one or more groups" $QYN   $WTEXT $"The user(s):\n$SELECTED_SOME_USERS\nwill be excluded from the group(s):\n$SELECTED_SOME_GROUPS\nif you continue.\n\nDo you want to continue?\n" $H $W

	if [ "$?" -eq 0 ] ; then

	for seluser in $SELECTED_SOME_USERS
	do
		for selgroup in $SELECTED_SOME_GROUPS
		do
			echo "$seluser -//-> $selgroup"
			gpasswd -d $seluser $selgroup
			#deluser $seluser $selgroup
		done
	done
	users_info
	# if CONFIRM:
	fi
	picamug_general
;;

* )
	echo "OPT=$OPT"
	check_exit
;;

esac

}

picamug_general


### END ########################################

#$DIALOG $WICON $WTITLE "$TITLE" $INFO  $WTEXT $"$TITLE finished.\n\nThank you very much for using PicaLibre. Visit the website www.picalibre.org for more information.\n" $H $W

clean

exit 0
