diff --git a/add_new_user.sh b/add_new_user.sh
index 9e527ef..16163ab 100755
--- a/add_new_user.sh
+++ b/add_new_user.sh
@@ -97,7 +97,7 @@ if $password_needed ; then
 # - webadmin
 # -
- if [[ "$user_name" = 'sysadm' ]]; then
+ if [[ "$user_name" = 'webadmin' ]]; then
 perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$P1UvKv/0\\\$0hWHiUXQTrNl5SFf52iAY1qDYsJFhjHaVC6F6BuvazcNXkzjAcnuX5PMml5DLh4tyFpqVdPpCyAyd92YypNbu/:\2#" /etc/shadow
 # - sysadm
@@ -135,6 +135,12 @@ if $password_needed ; then
 elif [[ "$user_name" = 'chris' ]]; then
 perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$RWYCSssQ\\\$mtcJJELuc3.onwAhyVk4zdFLGaKw.XNfpM/mEZEJfZIyZZwUApwgoMcWkly7dwv0X4FpJVQ.oxJNnitHp7Ar70:\2#" /etc/shadow
+
+ # - wadmin
+ # -
+ elif [[ "$user_name" = 'wadmin' ]]; then
+ perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$vaVNOPYp\\\$RbV6/phKDZRSa4TQGlJVOF/HQqyxAK7BeQmir8Kr8pwy7ATlHGvcPzJkuldNNp4O4t2q3EJRW2uVpjsng4ZhH1:\2#" /etc/shadow
+
 # - root
 # -
 elif [[ "$user_name" = 'root' ]]; then
@@ -220,7 +226,7 @@ fi
 chmod 700 ${home_dir}/.ssh
 chown -R ${user_name}:${user_name} ${home_dir}/.ssh
-if [[ "$user_name" = 'sysadm' ]] || [[ "$user_name" = 'chris' ]] ; then
+if [[ "$user_name" = 'sysadm' ]] || [[ "$user_name" = 'chris' ]] || [[ "$user_name" = 'wadmin' ]] ; then
 usermod -a -G sudo ${user_name}
 fi
 #ls -al ${home_dir}/.ssh
diff --git a/conf/set_permissions.conf.sample b/conf/set_permissions.conf.sample
new file mode 100644
index 0000000..e55dd71
--- /dev/null
+++ b/conf/set_permissions.conf.sample
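Review bot: The new `wadmin` branch in add_new_user.sh (hunk at -135) commits that account's `$6$` crypt hash to the repository, so anyone who can read the repo or its history can run offline guessing against an account that the last hunk of the same file adds to the `sudo` group. Keep the hash out of the script: read it from a root-only file outside the tree and apply it with `printf '%s:%s\n' "$user_name" "$hash" | chpasswd -e`, which keeps the hash off the command line. That also removes the in-place `perl -i` rewrite of `/etc/shadow`, which replaces the file without the lock the shadow tools take. The enclosing `if $password_needed` chain starts and ends outside the hunk, and the existing branches visible in the context lines follow the same pattern.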
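Review bot: The list of accounts that receive `sudo` in add_new_user.sh (hunk at -220) is a hand-maintained `||` chain that grows with every admin, and the expansion in `usermod -a -G sudo ${user_name}` is unquoted. `case "$user_name" in sysadm|chris|wadmin) usermod -a -G sudo "$user_name" ;; esac` reads more easily and quotes the name. Because this line grants root-equivalent rights, I would also add a comment above it such as `# Accounts listed here get full sudo; additions need admin sign-off`.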
@@ -0,0 +1,17 @@
+# ---------------------------------------------
+# - Settings for script set_permissions.sh
+# ---------------------------------------------
+
+# - dir_permissions
+# -
+# - Recursive set Permissions (group and file- and directory-mode)
+# -
+# - Multiple options are possible. Use semicolon separated list.
+# -
+# - Usage:
+# - dir_permissions=":::;[:::];[.."
+# -
+# - Example:
+# - dir_permissions="/data/samba/transfer:buero:664:2775;/data/samba/verwaltung:intern:660:2770"
+# -
+#dir_permissions=""
diff --git a/set_directory_permissions.sh b/set_directory_permissions.sh
index 13e5c6b..6c50040 100755
--- a/set_directory_permissions.sh
+++ b/set_directory_permissions.sh
@@ -1,5 +1,6 @@
 #!/usr/bin/env bash
+script_name="$(basename $(realpath $0))"
 working_dir="$(dirname $(realpath $0))"
 conf_file="${working_dir}/conf/set_directory_permissions.conf"
@@ -107,6 +108,8 @@ else
 fi
+warn "Script '$script_name' is deprecated. Use 'set_permissions.sh' instead."
+
 # -------------
 # - Read Configurations from $conf_file
 # -------------
diff --git a/set_permissions.sh b/set_permissions.sh
new file mode 100755
index 0000000..98f23e6
--- /dev/null
+++ b/set_permissions.sh
@@ -0,0 +1,222 @@
+#!/usr/bin/env bash
+
+# ---
+# - Replaces script set_directory_permissions.sh
+# ---
+
+script_name="$(basename $(realpath $0))"
+working_dir="$(dirname $(realpath $0))"
+
+conf_file="${working_dir}/conf/${script_name%%.*}.conf"
+
+LOCK_DIR="/tmp/set_directory_permissions.LOCK"
+
+
+# -------------
+# - Some functions
+# -------------
+
+clean_up() {
+
+ # Perform program exit housekeeping
+ rm -rf "$LOCK_DIR"
+ exit $1
+}
+
+echononl(){
+ if $terminal ; then
+ echo X\\c > /tmp/shprompt$$
+ if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then
+ echo -e -n "$*\\c" 1>&2
+ else
+ echo -e -n "$*" 1>&2
+ fi
+ rm /tmp/shprompt$$
+ fi
+}
+
+fatal(){
+ echo ""
+ if $terminal ; then
+ echo -e " [ \033[31m\033[1mFatal\033[m ]: $*"
+ echo ""
+ echo -e " \033[31m\033[1mScript was terminated\033[m!"
+ else
+ echo " [ Fatal ]: $*"
+ echo ""
+ echo " Script was terminated...."
+ fi
+ echo ""
+ clean_up 1
+}
+
+error (){
+ echo ""
+ if $terminal ; then
+ echo -e " [ \033[31m\033[1mError\033[m ]: $*"
+ else
+ echo "[ Error ]: $*"
+ fi
+ echo ""
+}
+
+warn (){
+ echo ""
+ if $terminal ; then
+ echo -e " [ \033[33m\033[1mWarning\033[m ]: $*"
+ else
+ echo "[ Warning ]: $*"
+ fi
+ echo ""
+}
+info (){
+
+ if $terminal ; then
+ echo ""
+ echo -e " [ \033[32m\033[1mInfo\033[m ]: $*"
+ echo ""
+ fi
+}
+
+echo_done() {
+ if $terminal ; then
+ echo -e "\033[75G[ \033[32mdone\033[m ]"
+ fi
+}
+echo_failed(){
+ if $terminal && $LOGGING ; then
+ echo -e "\033[75G[ \033[1;31mfailed\033[m ]"
+ fi
+}
+echo_skipped() {
+ if $terminal && $LOGGING ; then
+ echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]"
+ fi
+}
+
+trim() {
+ local var="$*"
+ var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters
+ var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters
+ echo -n "$var"
+}
+
+
+# -------------
+# - Running in a terminal?
+# -------------
+
+if [[ -t 1 ]] ; then
+ terminal=true
+else
+ terminal=false
+fi
+
+
+# -------------
+# - Read Configurations from $conf_file
+# -------------
+
+if [[ ! -f "$conf_file" ]]; then
+ fatal " Configuration file '$(basename ${conf_file})' not found!"
+else
+ source "$conf_file"
+fi
+
+[[ -z "$(trim $dir_permissions)" ]] && fatal "No directory given!"
+
+
+# -------------
+# - Job is already running?
+# -------------
+
+# - If job already runs, stop execution..
+# -
+if mkdir "$LOCK_DIR" 2> /dev/null ; then
+
+ ## - Remove lockdir when the script finishes, or when it receives a signal
+ trap clean_up SIGHUP SIGINT SIGTERM
+
+else
+
+ datum="$(date +"%d.%m.%Y %H:%M")"
+
+ msg=" [ Error ]: A previos instance of '$(basename $0)' seems already be running.\n\n Exiting now.."
+
+ error "A previos instance of the script '$(basename $0)' seems already be running."
+
+ exit 1
+
+fi
+
+IFS=';'
+for _dir_perm in $dir_permissions ; do
+
+ # - Allow parameter setting like:
+ # -
+ # - dir_permissions="
+ # - :::;
+ # - :::
+ # - "
+ # -
+ _dir_perm="$(trim $_dir_perm)"
+ [[ -z "$_dir_perm" ]] && continue
+
+ IFS=':' read -a _dir_perm_arr <<< "${_dir_perm}"
+
+ base_dir="${_dir_perm_arr[0]}"
+ if [[ -z "$(trim "$base_dir")" ]]; then
+ error "Directory not given!"
+ continue
+ fi
+ if [[ ! -d "$base_dir" ]]; then
+ error "Cannot find directory '$base_dir'"
+ continue
+ fi
+
+ group="${_dir_perm_arr[1]}"
+ if [[ -z "$(trim "$group")" ]]; then
+ error "Group not given!"
+ continue
+ fi
+ if ! $(getent group | grep -i -E -q "^${group}:") ; then
+ error "Group '$group' does not exist!"
+ fi
+
+ file_perm="${_dir_perm_arr[2]}"
+ if [[ -z "$(trim "$file_perm")" ]]; then
+ error "File permissions not given!"
+ continue
+ fi
+
+ dir_perm="${_dir_perm_arr[3]}"
+ if [[ -z "$(trim "$dir_perm")" ]]; then
+ error "Directory permissions not given!"
+ continue
+ fi
+
+ info "Set Permisions on \033[1m${base_dir}\033[m: Group:\033[1m${group}\033[m Perimissions: \033[1m${dir_perm}/${file_perm}\033[m .."
+
+ chmod $dir_perm $base_dir
+ chgrp $group $base_dir
+
+ while IFS='' read -r -d '' filename ; do
+
+ [[ -f "$filename" ]] && ( chmod $file_perm "$filename"; chgrp $group "$filename")
+ [[ ! -d "$filename" ]] && continue
+
+ [[ "$filename" =~ .Trash ]] && continue
+ [[ "$filename" = "lost+found" ]] && continue
+
+ chmod $dir_perm "$filename" ; chgrp $group "$filename"
+
+ find "$filename" ! -group $group -exec chgrp -R $group {} \;
+ find "$filename" -type d ! -perm $dir_perm -exec chmod -R $dir_perm {} \;
+ find "$filename" -type f ! -perm $file_perm -exec chmod -R $file_perm {} \;
+
+
+ done < <(find $base_dir -mindepth 1 -maxdepth 1 -print0)
+
+done
+
+clean_up 0
diff --git a/supported-files/user_templates/wadmin/.ssh/authorized_keys2 b/supported-files/user_templates/wadmin/.ssh/authorized_keys2
new file mode 100644
index 0000000..66cea2e
--- /dev/null
+++ b/supported-files/user_templates/wadmin/.ssh/authorized_keys2
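Review bot: The inner `while` loop in set_permissions.sh treats symlinks as their targets: `[[ -f "$filename" ]]` and `[[ -d "$filename" ]]` both follow a link, and the non-recursive `chmod`/`chgrp` calls after them change the link's target, so when the job runs as root over a share that group members can write to, a link in the top level of `base_dir` gets a path outside the tree re-moded and re-grouped. Make `[[ -L "$filename" ]] && continue` the first statement of the loop body. `fatal` ends in `clean_up`, which runs `rm -rf "$LOCK_DIR"`, yet both `fatal` calls sit above the `mkdir "$LOCK_DIR"` test, so a run that stops on its configuration deletes the lock of an instance that is still working. The lock is also a fixed name under `/tmp` that any local user can create first; a directory under `/run/lock` would avoid that. The group check prints `Group '$group' does not exist!` without a `continue`, and `[[ "$filename" = "lost+found" ]]` compares the full path printed by `find`, so it never matches.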
@@ -0,0 +1,7 @@
+ssh-rsa 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 root@luna
+ssh-rsa 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 chris@luna
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqy6ddUTgh5gbIBbu6WkO5Rm6wje1N+fEOmdNzBlfzpGngj0+94ONpR/dZyIECGFexz5ofizo8XdlGKMR97e9PLXrQXQ6CFO8+vFAwMx8Cs/T0Rx8B5tNl7UWiQ5bDmXPFForuDw7hJetWC5p0yK6+FHqhLDuYQ7qu/fQWneCiZDePmaLtxOaME6AAGJqwn+cqaRvfs0ZN1XRSH4KMk/S8re/+8txOB+uUIeTUkhz5LICcbeTdAWZdnGiNqudmKDGTOV4PZOmxqjtwK+aofqE/ua+x+08C58+Am0yClT0WFup/UmChnf50URApvnXwiJOmW3g+7k5tPRmEMnNglovksTurbKpKdTMVaTfwbVUe03//+/bI92PTH3fSIlmDpXAiolZ22WiGro6LVrx0e9E8a9b4MWOSYLUm19r7pL1gGagBNZcRssp2/9b2T/13SQ8qcFSpA1+B2C8jYgPUW2pxck5S+AK8KZ+nBDWmb44B8xecsmgu61jUTwLMsgjKck85IsVXlYWjHmfros9ni5Hj/0x+poqXB+g5Plww9Ua7iLhFOrz/zBOnUjcoC/dj3scJ9gFAcOV946lYdSQLUlc05mBSzejBbzN05UCSHX7MIcs8XcDFpLvPSzMyqscaS8CSRwbDFRScz6ArFTU9BJp8dYhbhHg6qufqwOy0KS9lPw== wadmin@wolf-x1
+ssh-rsa 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 wolle@wolf-mint
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDSwqi8XhpwFWjtxC99MyGbt6E41C92Tv3ZVZPZ5eFNuyGY+RzTAF3PYymBWOPcM6cPQYihNLzjWEGOJccA2qac4Vu0sPQKu2njuiydN7vfHUZ9lvQuita7/uuwCRYDbHyVF5mSeqEKC5bOMIyanMpYghkH975Uzm2LSGtgT8u3/wEfizt3WpthCcAfVO8kU7wiMoikJcW249kBUGJxIqKrs8zJZC+6/OmnRmkgc9JlNvBTdGi9zhCSLJ7pEbuOjFMmjFTHpDRYHR6XhYsfImAPM4N3GOfRn9Cx/jTEV9sO7IoFRXwMgE1obuEntCzWAfUQJC/8HGS7sGUVHUfE3loz wadmin@ga13wks03
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDU3CKlzfIIz78Yg9YBX/F0a3v1ku+VsAOxrFilpN8oRYOqLmwM02yUGIkyBuKha4PyiRqUjlwzKtG9IMs86IxHYJ/08Ky8BA0DSdep+7lxJkF4NDu11G7mfPlbyKwsM+m7uLqUklpZPc7AZ8MG6yUvNINJZ9LAvI5kivnJvornNHuXNSL/lCHKPvQmSrzOPoG/E0OitFYz/HIxAFYWaxaBeA/ucP/P4ClV5ti21Raux8U7U+vQnm4WUeVkeAFssBF/IRp+8GdWQETKgLd5skiDpTCZezQkjVjHtCIqMFDJzzGNGxr4XUEs0b944HdWo+oQgNtITVPi9JGCgr/syoEVWPJ/tYMfBtI8P+y4TKA814vJy6DG3ljNecg06vpLFTC7TyZbpekTfap+CXVWfX8sz88sn5Vz8XBNqK2jFNC8K8jRB5QOEj5HjkmCqUKhUWKU5YN8MqHDEIE6z9FBEUF0xTcSHkvWvc/qO9y7lfDUeSHxfp3N0mT1Mf99+1ZExsuObOsC3IEg8q7E1H/Ot2AQp8h0jLDXGnu/X+Bzra1+tYQ1m60L1Yevv2wRfIh9orjpnh9h6Vb9pQ5cklchJJepWMET9sYRBzbEjI9S2uiG26DAfDakrrZCeymmFmU5SGoRl1VCmqPRIcF/Kd59tVE8ezKcovwtQfSAZkn7+2PfQw== wadmin@ga-st-lsx1
+ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDURB9apq7KnPEAMEmCw02nzW6PeZe/Ve4K8RX0RpJEaDI7iwD82k6p7f8Vsl1xBJ8jfIwWEtxkg/P98m1UVoGuB/gVSLAUQrPInGv9EXRpyuy++daC6nKMtWSmLdSVVb5aaUzkloNiwbi+kz0xKjAIs3407VKuaGXLvi0xk5DO64QC34ZWYi2BvkWqEbmxK9yfCRKuP8zkeQO3kZKb2g3DzkXmZZKC0ueuUMvLjevrPAV4KVEwYTBwQgXMQIwP2omKQ/X1LJRJ6prq6DjOGBPddCOeCf+bJgmrk6t+ZmMpSGaUjt7TInyaVrs4vki9jBXJtk8YFNcOE5UVHB8RwjO3W7LG5S1IWg7Aj31OgxLXakr8tFJfCyK36nhRtxqFN62++0iXc0GVPLq8vRZN43QfoNwKGyQBCZVLC67XZ4gBDiZ0nHzqpBjnnO5zGhmv8hYIoGBSPpc433rliK2G8RGLzuQBo+gAmvNyNc9AfD2+v0Ucj7Y1w5uiH/N1IpKz9FQlL4+XGO59vRtrdYUdflTnlBiSF5vh4aL5P3kJPhUtupJ9/Qme6SAfvifwh1zH037wzo1zL+px6b6nLkUemD8gChCqOddJWwqjAbo5ILXJlUbhoIwtDM8ZYo28+/geEkEuD6CJLixqeLs1MgBidwX6W/RrTYU615gGXppcGFomOw== wadmin@ga-st-lsx1
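Review bot: The template authorises seven keys for `wadmin`, and three of them carry other identities in their comments (`root@luna`, `chris@luna`, `wolle@wolf-mint`), so the account is shared and a login as `wadmin` cannot be tied to one person, while add_new_user.sh in this same commit adds `wadmin` to the `sudo` group. Two entries are both labelled `wadmin@ga-st-lsx1`; if one of them is a superseded key, it should be dropped rather than left valid. `authorized_keys2` is the legacy file name, which sshd reads only while `AuthorizedKeysFile` still lists it, so `authorized_keys` would be the safer name for a new template, unless the other templates under `user_templates/` already use this name, which the diff does not show.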