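#!/usr/bin/env bash
#
# Re-creates system and Samba accounts from an old system's shadow file.
#
# For every user found in the shadow file (a few accounts are skipped), the
# plaintext password listed in the user/password file is hashed with the salt
# taken from the old shadow entry. Only if the result equals the old hash is
# the user added via '/root/bin/admin-stuff/add_new_user.sh' and 'smbpasswd'.
#
# Security notes:
#   - Plaintext passwords are never written to the terminal or the log files.
#   - The working/log directory holds copies of the shadow and password files
#     and is therefore restricted to its owner (mode 700).
#   - The configuration file is sourced, i.e. executed as shell code with the
#     privileges of this script. Keep it writable by its owner only.

script_name="$(basename "$(realpath "$0")")"
working_dir="$(dirname "$(realpath "$0")")"

conf_file="${working_dir}/conf/${script_name%%.*}.conf"

LOG_DIR="$HOME/${script_name%%.*}"
log_file="${LOG_DIR}/${script_name%%.*}.$(date +%Y-%m-%d-%H%M).log"
log_file_error="${LOG_DIR}/${script_name%%.*}.$(date +%Y-%m-%d-%H%M).err"


# ----------
# Default values
# ----------

# - shadow_file
# -
# - Usually a copy of '/etc/shadow' from old system
# -
DEFAULT_shadow_file="/root/old_system/shadow"

# - user_passwd_file
# -
# - A file with one '<user> <password>' pair per line
# -
# -    foo passwd_foo
# -    bar passwd_bar
# -    ...
# -
DEFAULT_user_passwd_file="/root/old_system/user_passwd.txt"


# ----------
# Base Function(s)
# ----------

# Exit housekeeping. $1 is the exit status; when called from the signal trap
# no status is passed, so a non-zero status is reported.
clean_up() {
   blank_line
   exit "${1:-1}"
}

# Print a message to stderr without a trailing newline (terminal only).
# printf '%b' interprets backslash escapes like 'echo -e' did, and needs no
# probe file in /tmp (the old probe used a predictable file name).
echononl(){
   if $terminal ; then
      printf ' %b' "$*" 1>&2
   fi
}

# Print a fatal error and terminate the script with status 1.
fatal(){
   echo ""
   if $terminal ; then
      echo -e " [ \033[31m\033[1mFatal\033[m ] $*"
   else
      echo -e " [ Fatal ] $*"
   fi
   echo ""
   if $terminal ; then
      echo -e " \033[1mScript terminated\033[m.."
   else
      echo -e " Script terminated.."
   fi
   echo ""
   exit 1
}

# Print an error message; the script continues.
error (){
   echo ""
   if $terminal ; then
      echo -e " [ \033[31m\033[1mError\033[m ] $*"
   else
      echo " [ Error ] $*"
   fi
   echo ""
}

# warn/info/ok print when LOGGING or terminal is true. LOGGING is not set in
# this file (it may come from the configuration file); an unset value behaves
# like 'true', which is made explicit here.
warn (){
   if ${LOGGING:-true} || $terminal ; then
      echo ""
      if $terminal ; then
         echo -e " [ \033[33m\033[1mWarn\033[m ] $*"
      else
         echo " [ Warn ] $*"
      fi
      echo ""
   fi
}

info (){
   if ${LOGGING:-true} || $terminal ; then
      echo ""
      if $terminal ; then
         echo -e " [ \033[32m\033[1mInfo\033[m ] $*"
      else
         echo " [ Info ] $*"
      fi
      echo ""
   fi
}

ok (){
   if ${LOGGING:-true} || $terminal ; then
      echo ""
      if $terminal ; then
         echo -e " [ \033[32m\033[1mOk\033[m ] $*"
      else
         echo " [ Ok ] $*"
      fi
      echo ""
   fi
}

# Status markers printed at column 85 (terminal only).
echo_done() {
   if $terminal ; then
      echo -e "\033[85G[ \033[32mdone\033[m ]"
   fi
}
echo_ok() {
   if $terminal ; then
      echo -e "\033[85G[ \033[32mok\033[m ]"
   fi
}
echo_failed(){
   if $terminal ; then
      echo -e "\033[85G[ \033[1;31mfailed\033[m ]"
   fi
}
echo_skipped() {
   if $terminal ; then
      echo -e "\033[85G[ \033[33m\033[1mskipped\033[m ]"
   fi
}
echo_wait(){
   if $terminal ; then
      echo -en "\033[85G[ \033[5m\033[1m...\033[m ]"
   fi
}

# Strip leading and trailing whitespace from the arguments.
trim() {
   local var="$*"
   var="${var#"${var%%[![:space:]]*}"}"   # remove leading whitespace characters
   var="${var%"${var##*[![:space:]]}"}"   # remove trailing whitespace characters
   echo -n "$var"
}

blank_line() {
   if $terminal ; then
      echo ""
   fi
}


# ----------
# - Jobhandling
# ----------

# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM
# -
trap clean_up SIGHUP SIGINT SIGTERM


# ----------
# - Some checks ..
# ----------

# - Running in a terminal?
# -
if [[ -t 1 ]] ; then
   terminal=true
else
   terminal=false
fi


# ----------
# Read Configurations from $conf_file
# ----------

if [[ -f "$conf_file" ]]; then
   source "$conf_file"
else
   warn "No configuration file '$conf_file' present.\n Loading default values.."
fi

[[ -z "$shadow_file" ]] && shadow_file="$DEFAULT_shadow_file"
[[ -z "$user_passwd_file" ]] && user_passwd_file="$DEFAULT_user_passwd_file"

if [[ ! -f "$shadow_file" ]]; then
   fatal "Shadow file '$shadow_file' not found!"
fi

if [[ ! -f "$user_passwd_file" ]]; then
   fatal "User-Password file '$user_passwd_file' not found!"
fi

# Directory receiving the copies of the input files (and, by default, the logs).
copy_dir="$HOME/${script_name%%.*}"

echononl "Create LOG directory '$copy_dir'.."
# The directory will contain password hashes and plaintext passwords:
# restrict it to the owner.
if mkdir -p "$copy_dir" > /dev/null 2>&1 && chmod 700 "$copy_dir" > /dev/null 2>&1 ; then
   echo_ok
else
   echo_failed
   fatal "Cannot create LOG directory '$copy_dir'!"
fi

echononl "Copy Shadow file to '$copy_dir'.."
if cp -a "$shadow_file" "$copy_dir/" > /dev/null 2>&1 ; then
   echo_ok
else
   echo_failed
   error "Cannot copy '$shadow_file' to '$copy_dir'!"
fi

echononl "Copy User-Password file to '$copy_dir'.."
if cp -a "$user_passwd_file" "$copy_dir/" > /dev/null 2>&1 ; then
   echo_ok
else
   echo_failed
   error "Cannot copy '$user_passwd_file' to '$copy_dir'!"
fi


# ==========
# - Begin Main Script
# ==========

# ----------
# - Headline
# ----------

if $terminal ; then
   echo ""
   echo -e "\033[1m----------\033[m"
   echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m"
   echo -e "\033[1m----------\033[m"
fi

echo "# ----------" >> "$log_file"
echo "# - Output of script '$script_name'" >> "$log_file"
echo "# ----------" >> "$log_file"


# ---
# - Get password hashes from system known users
# ---

declare -A shadow_passwd_hash_arr=()
declare -A shadow_passwd_salt_arr=()

# 'read -r' keeps backslashes in the fields untouched.
while IFS=': ' read -r _user _pw _rest ; do

   # An empty user name cannot be used as array key.
   [[ -z "$_user" ]] && continue

   # Skip accounts without a usable password hash ..
   [[ "$_pw" = "*" ]] && continue
   [[ "$_pw" = '!' ]] && continue

   # .. and accounts that must not be migrated.
   [[ "$_user" = "root" ]] && continue
   [[ "$_user" = "back" ]] && continue
   [[ "$_user" = "sysadm" ]] && continue
   [[ "$_user" = "chris" ]] && continue

   shadow_passwd_hash_arr["$_user"]="$_pw"

   # - Get salt of the password hash
   # -
   # - Third '$'-separated field, i.e. the layout '$<id>$<salt>$<hash>' is
   # - assumed. With an optional 'rounds=' field this would pick that field
   # - instead of the salt; such users then simply do not match.
   # -
   salt="$(printf '%s\n' "$_pw" | cut -d '$' -f3)"
   shadow_passwd_salt_arr["$_user"]="$salt"

done < "$shadow_file"


# ---
# - Read user passwords from file
# ---

declare -A given_password_arr=()

# 'read -r': a backslash inside a password must be taken literally.
while read -r _user _pw ; do

   # Ignore comment lines
   #
   [[ $_user =~ ^[[:space:]]{0,}# ]] && continue

   # Ignore blank lines
   #
   [[ $_user =~ ^[[:space:]]*$ ]] && continue

   if [[ -n "$_pw" ]]; then
      given_password_arr["$_user"]="$_pw"
   fi

done < "$user_passwd_file"


# ---
# - Verify each password against the old hash and create the accounts
# ---

for _user in "${!shadow_passwd_hash_arr[@]}"; do

   stored_hash="${shadow_passwd_hash_arr[$_user]}"
   stored_salt="${shadow_passwd_salt_arr[$_user]}"
   given_pw="${given_password_arr[$_user]}"

   blank_line
   echo "" >> "$log_file"
   # Only the user name is logged, never the password.
   echo "user: $_user" >> "$log_file"

   # Without a listed password there is nothing to verify.
   if [[ -z "$given_pw" ]]; then
      error "No password given for user '$_user'. User NOT added to system and samba!"
      echo "   [ Error ]: No password given for user '$_user'. User NOT added to system and samba!" >> "$log_file"
      echo "" >> "$log_file_error"
      echo "[ Error ]: No password given for user '$_user'. User NOT added to system and samba!" >> "$log_file_error"
      continue
   fi

   # The password is handed to mkpasswd on stdin, not as an argument, so it
   # does not show up in the process list. An empty result (mkpasswd failed,
   # e.g. unusable salt) never counts as a match.
   computed_hash="$(printf '%s\n' "$given_pw" \
      | mkpasswd -m SHA-512 --stdin --salt="$stored_salt")"

   if [[ -n "$computed_hash" && "$stored_hash" = "$computed_hash" ]] ; then

      echononl "Create user '$_user'.."
      # NOTE(review): add_new_user.sh takes the password as an argument, so it
      # is visible in the process list while that script runs. Its interface
      # is defined outside this file.
      if /root/bin/admin-stuff/add_new_user.sh "$_user" "$given_pw" > /dev/null 2>&1 ; then
         echo_ok
         echo "   [ ok ]: System User '$_user' added." >> "$log_file"
      else
         echo_failed
         echo "" >> "$log_file_error"
         echo "   [ Error ]: Adding System User '$_user' failed" >> "$log_file"
         echo "[ Error ]: Adding System User '$_user' failed" >> "$log_file_error"
      fi

      echononl "Add User to samba.."
      # 'smbpasswd -s' reads the new password twice from stdin. It must be the
      # plaintext password; feeding the shadow hash would make the hash string
      # itself the Samba password.
      if printf '%s\n%s\n' "$given_pw" "$given_pw" \
            | smbpasswd -s -a "$_user" > /dev/null 2>&1 ; then
         echo_ok
         echo "   [ ok ]: Samba User '$_user' added." >> "$log_file"
      else
         echo_failed
         echo "" >> "$log_file_error"
         echo "   [ Error ]: Adding Samba user '$_user' failed." >> "$log_file"
         echo "[ Error ]: Adding Samba user '$_user' failed." >> "$log_file_error"
      fi

   else
      error "Passwords for user '$_user' DOES NOT MATCH. User NOT added to system and samba!"
      echo "   [ Error ]: Passwords for user '$_user' DOES NOT MATCH. User NOT added to system and samba!" >> "$log_file"
      echo "" >> "$log_file_error"
      echo "[ Error ]: Passwords for user '$_user' DOES NOT MATCH. User NOT added to system and samba!" >> "$log_file_error"
   fi

done

clean_up 0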