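#!/usr/bin/env bash
#
# Create a local user account (or refresh an existing one) from site templates.
#
# Usage: <this script> USER_NAME [PASSWORD]
#
# Steps, in order:
#   1. Create USER_NAME with newusers(8) if the account does not exist yet.
#   2. If no PASSWORD was given, write a pre-computed password hash for the
#      account into /etc/shadow (per-user hash if one is listed below,
#      otherwise a shared default for accounts with uid >= min_uid).
#   3. Install dotfiles from supported-files/user_templates/<user>/ or .../all/.
#   4. Install ~/.ssh/authorized_keys and ~/.ssh/config from the same templates.
#   5. Add the account to group 'sudo' if it is named in sudo_users_arr.
#
# Security notes for maintainers:
#   - PASSWORD on the command line is visible in the process list and shell
#     history, and this script prints it again in its summary.
#   - The password hashes below live in the script itself, so everyone who can
#     read the script (or its repository) can attack them offline. A root-only
#     file outside version control would be a safer home for them.
#   - 'felix' and 'lalix' carry the identical hash and salt, and every account
#     without its own entry receives the same default hash, i.e. those accounts
#     start with a shared password. Consider forcing a change at first login
#     (e.g. chage -d 0 USER).
#   - /etc/shadow is rewritten in place with perl -i, which does not take the
#     shadow lock; chpasswd -e or usermod -p would.
#   - A key placed in the 'all' template's authorized_keys can log in to every
#     account this script provisions, including the sudo-capable ones.

script_name="$(basename -- "$(realpath -- "$0")")"
working_dir="$(dirname -- "$(realpath -- "$0")")"

# Not referenced further down in this file.
conf_file="${working_dir}/conf/${script_name%%.*}.conf"

# -------------
# --- Some Variables
# -------------

replace_files=(.bashrc .bash_logout .profile .vimrc)

templates_base_dir="${working_dir}/supported-files/user_templates"
templates_all_dir="${templates_base_dir}/all"

# Accounts that are added to group 'sudo' (matched by exact name).
declare -a sudo_users_arr=(
   alex
   alis
   c3po
   chris
   ckubu
   defa
   dolphin
   eris
   erik
   hedwig
   ilker
   ilker-sudo
   init
   jason
   jumpy
   localadmin
   marcus
   marsupilami
   nd-admin
   sysadm
   wadmin
   xmatti
)

# Hash written for accounts with uid >= min_uid that have no entry of their
# own in preset_hash_for().
# shellcheck disable=SC2016  # '$' is part of the crypt(3) string, not an expansion
readonly default_user_hash='$6$R6DYYcau$TZYgG122V1oDl1wddNb8ieQIUMab35xItyFlnlStkEBV3DS5S6x7co6S/FpwbHzX21c1HF3WCUQ5/5s.umi6I.'

# -------------
# --- Some functions
# -------------

# Signal handler: remove the scratch directory and exit.
# Arguments: $1 - exit status (optional, defaults to 1)
clean_up() {
   rm -rf -- "$LOCK_DIR"
   blank_line
   exit "${1:-1}"
}

# Print an empty line, but only when stdout is a terminal.
blank_line() {
   if $terminal ; then
      echo ""
   fi
}

# Print a fatal error in the script's usual format and exit with status 1.
# Arguments: $* - message (may contain echo -e escape sequences)
fatal() {
   echo ""
   echo -e " [ \033[31m\033[1mFatal\033[m ] $*"
   echo -e " Script terminated.."
   echo ""
   exit 1
}

# - Check if a given array (parameter 2) contains a given string (parameter 1)
# -
containsElement () {
   local e
   for e in "${@:2}"; do
      [[ "$e" == "$1" ]] && return 0
   done
   return 1
}

# Accept only names that are safe to embed in a newusers(8) record, in file
# paths below the template directory and in the /etc/passwd lookup: no ':',
# '/', whitespace or leading '.'/'-'.
# Arguments: $1 - candidate user name
# Returns:   0 if acceptable, 1 otherwise
is_valid_user_name() {
   local LC_ALL=C
   [[ "$1" =~ ^[A-Za-z0-9_][A-Za-z0-9._-]*$ ]]
}

# Print the pre-computed password hash for a known account.
# Arguments: $1 - user name
# Outputs:   the crypt(3) hash on stdout
# Returns:   0 if the account has an entry, 1 otherwise
#
# NOTE(review): the original carried a comment under 'jason' that looked like
# a cleartext secret; it is not reproduced here. If it was a real credential,
# treat it as exposed and rotate it.
# shellcheck disable=SC2016  # '$' is part of the crypt(3) string, not an expansion
preset_hash_for() {
   case "$1" in
      webadmin)    printf '%s' '$6$P1UvKv/0$0hWHiUXQTrNl5SFf52iAY1qDYsJFhjHaVC6F6BuvazcNXkzjAcnuX5PMml5DLh4tyFpqVdPpCyAyd92YypNbu/' ;;
      nd-admin)    printf '%s' '$y$j9T$1YJwHY0qdLimgtdOKlTxR1$/O9QWTpr0Y41TduR2GZ0FMCiIxFqOaXWSM9hmHRnv80' ;;
      nd-web-prod) printf '%s' '$y$j9T$boxWdtKmOp7AKHEAFj1.1/$jlhYI62N5u6P.jRxAgmmDGVvGnfrPKTcKelYC3Z2sM4' ;;
      nd-web-demo) printf '%s' '$y$j9T$uqzyF.BYEZrgJlDnGTH/x/$abn3RCkx5SAz.f9B5Iqvaw/LWRncoyS40Lx2uGj2xQ.' ;;
      sysadm)      printf '%s' '$y$j9T$bio2CRlBuq94yWCD1DjqP0$K6/kboti0nQNCBHV4uXSztMqAkYZp.DJWoTZ82981A0' ;;
      back)        printf '%s' '$y$j9T$okMvVb1lmERtmLDa0lAmM1$Gkm9VHgv.IYijNpsTE3sOZ.pg7I0x7siuXPVFbwQc23' ;;
      borg)        printf '%s' '$y$j9T$SZty9T8ZWbnyHR2S85xaG.$GhxHOKG9fKErT9s5TAehXXyZJSkNaIcXY18Rg1iMyhC' ;;
      localadmin)  printf '%s' '$y$j9T$E.dWE6DepFmx/ky49sM/n1$G13WcXjHq3v4thAnsdl6PZIMnhN/y7FHv/qx/8X/Xh6' ;;
      axel)        printf '%s' '$6$zUWC465e$XblctxwnBIOa7mPcN6foEQrwChjpwoY7lLtacXJrSsvjZS3I6Ox1mYUtN3/gzkvpbzOPx/9PlRJV.mbl939mD.' ;;
      kaya)        printf '%s' '$6$t9gheUvd$hFTJ5mp0bdu4Hc5zGmS6HuSAfFOc4QRROLX4wnCauLjwTxUtvhgeLDlL5YkjGfiWOCEe84krH4op0DdKjTJWG/' ;;
      felix)       printf '%s' '$6$RKaAbxOz$LxvjoVclfkgo99VwmXi9cIhVmUdTNT.T0/pZAH9GNtFEQn5NoOak/DHTHHG9kn58soDRuhEAup1x4T2jG.Js0/' ;;
      lalix)       printf '%s' '$6$RKaAbxOz$LxvjoVclfkgo99VwmXi9cIhVmUdTNT.T0/pZAH9GNtFEQn5NoOak/DHTHHG9kn58soDRuhEAup1x4T2jG.Js0/' ;;
      mariette)    printf '%s' '$6$QiYW4uMG$9bOGhsON8SnOSIC4.UTXhVpCpebcJNInI3t1JPhR7979D3CpoKroK7dXPAxGfDigrkxBwcqju..PuvCUqtshw1' ;;
      christian)   printf '%s' '$6$2paWmEea$G51JZDzjjDNE75aBl/xuM1dyH.FWYHwNCRHeKWkHhxjUmRRC/v.hhNh5jOk5EbVWDeVh7r5dz1tO2HTZUMftb1' ;;
      ilker)       printf '%s' '$y$j9T$dFHWSNbZZYYlB.KzhLviz/$uwOtNPiriBikxYiQVvfGEwplceD1imFwsnvyFzNgPm6' ;;
      ilker-sudo)  printf '%s' '$6$KdZA19BkoB5hmlSq$0EnTYvavJh/xYsCc1Movk7Rt3fF0Kpiw/i.YQalZmL5kmChurAcJRgLNoceTtH7gFKY67SkeiE6Diy5L74CF71' ;;
      erik)        printf '%s' '$6$GntX81EP$O1GEmQF.BbOQfTMMw/m/BDKSXmANVpqmz0nyzw4O4R2/iK9huGOAjT/2eq8FVdMghvNOvdwrWtwohO.Mg4V9n.' ;;
      eris)        printf '%s' '$y$j9T$2k/ZZEdYqay2oIoW00eSn0$u0E/KBTI07end/gRq31sJdf3A8hbqh42e7apGVMn9d1' ;;
      c3po)        printf '%s' '$y$j9T$RE5/J41tiT9VGR1EEUG1v0$b6vffdjY5qTHZAKAMh093ohujBUhV6rnVmzS/ctRl7D' ;;
      hedwig)      printf '%s' '$y$j9T$JtS8/Okj5I8yg8.kFTFA6.$9RS.N9A8oVOhwyT0eILDRoKzqDjOCAYft9j0ofwqcqD' ;;
      jumpy)       printf '%s' '$y$j9T$fOtCqi5egKR9qvH0adBVs0$8uiduG3.8nDk2lHmlRDK2.tCKg4yEU91S.xZgSONCL3' ;;
      dolphin)     printf '%s' '$y$j9T$4LaHObIvOTyXyoEEEljzP/$Vjp2akP.EPg/LZmKPurvYbCOCOf7fP//oRU6EkcMvK6' ;;
      xmatti)      printf '%s' '$y$j9T$z1Zz8bCDJro64/upmwFk..$nG9EDG1sk0Prf2cyj1ylnILFTbSrQJwfosHYSmssWd7' ;;
      jason)       printf '%s' '$y$j9T$OXib1uJhr.zU/H9/XnLGd0$Bd4t8mBcQXQZ6K6U/IiarTCD1sbKhFnMWm/5JDnzTV/' ;;
      chris)       printf '%s' '$y$j9T$JPKlR6kIk7GJStSdmAQWq/$e1vJER6KL/dk1diFNtC.COw9lu2uT6ZdrUgGcNVb912' ;;
      ckubu)       printf '%s' '$y$j9T$rgPmWh7b8x1ROMjvKYjoi0$KCAw3Bb6B7GH9Zm6yf7RS7DzKHniUfabYum1JGRwAWA' ;;
      alex)        printf '%s' '$6$GTP91Vzk$HBBq323cWk5NXqmIaFXAoHBavJWMO9KZdpdORvwaPtnQTT/ZxsHSlMrlI4W2mPWnDwa8IRy6.ZYL1FAMS9do21' ;;
      init)        printf '%s' '$6$NcRlPYtm$1YiBoiJUcEwB1ovXYLpQ.OM/ehceh46/G2K4jz0I/PK7tJzD/HDoKhaKVYEIe.uWld6zC63GrgEhq.UMJzFuS1' ;;
      defa)        printf '%s' '$6$LMelojO.$TY0vb.xSBparEY5O7p86YT.E4RXKVH0bDfwGsszuFS6EAl3oh.s6V.jIZYg56P1RTDiVUh4A0BOwk87Q/utaS1' ;;
      # The original tested for 'defa' a second time here, so this entry was
      # unreachable and 'alis' (a sudo account) received the shared default
      # hash instead.
      alis)        printf '%s' '$6$a/PWqRoP$bQs3qmthLdL6nVVt65ml6XcZqfVxQ9nQg0/VcUjuh44vuVlJ7lGgvb6Zv1MM.Ryu1Qis1a3GFuKIRww3p7RVJ.' ;;
      # andreas (guenzler)
      # The original had a stray '$' after this hash, which perl would have
      # read as the start of a variable; the 86-character SHA-512 digest is
      # complete without it.
      andreas)     printf '%s' '$6$x1OiWj0IJSm7hvIt$SWEah9JdlhZnMZ9ZhViwS9VoLEBAdokpjFPmkZSvdzdQXe4bNKEIOXzEhHKdA8vUYZ7UGjRkcLBEiZ6LClcOS.' ;;
      wadmin)      printf '%s' '$y$j9T$YarN7tuuR4Q4iGCUundvp.$Cj7hN5UAaigmXCZrNQbeIIq40MmYX66.Jiu0QmDYY6.' ;;
      # marcus Opferperspektive
      marcus)      printf '%s' '$6$SPnbZ2Gcf.4iHz93$Vp7fg/xCGls4cPJIiLR5Ogxm2U38RPpPgHLaLIJiOe.PekJCuRsvRLBZLITec2JQhdVTvqpmKURUZrKdXs62z0' ;;
      # marsupilami (Torbsen IL)
      marsupilami) printf '%s' '$y$j9T$guTT3egsLUFwxUGCnDJ0o0$WCQt3gXcYIpArTxbn2BunvIWG6w7GZLx./fFGJYCsd/' ;;
      root)        printf '%s' '$y$j9T$cbQCtskLGoYTcwmji1e3z.$QAOVrNRt.h9spxRQusfwHmcdTPIwVy5X0A1z0/nVUXD' ;;
      *)           return 1 ;;
   esac
}

# Replace the password field of one account in /etc/shadow.
# Arguments: $1 - user name, $2 - crypt(3) hash
# Returns:   perl's exit status
#
# Name and hash reach perl through the environment: the name is matched
# literally (\Q..\E) and the '$' characters of the hash are not interpolated.
# As in the original, only a non-empty existing password field is replaced.
set_shadow_hash() {
   local account=$1
   local hash=$2
   SHADOW_ACCOUNT="$account" SHADOW_HASH="$hash" \
      perl -i -p -e 's#^(\Q$ENV{SHADOW_ACCOUNT}\E):[^:]+:(.+)#$1:$ENV{SHADOW_HASH}:$2#' /etc/shadow
}

# ----------
# - Some checks ..
# ----------

# Checked before anything is created, and reported with a non-zero status.
if [[ $# -lt 1 ]] ; then
   echo ""
   echo " No username given on comand line."
   echo ""
   exit 1
fi

user_name=$1

if ! is_valid_user_name "$user_name" ; then
   # %q keeps control characters in a rejected name from reaching the terminal.
   printf '\n [ Fatal ] Invalid user name: %q\n Script terminated..\n\n' "$user_name"
   exit 1
fi

# - Running in a terminal?
# -
if [[ -t 1 ]] ; then
   terminal=true
else
   terminal=false
fi

# ----------
# - Jobhandling
# ----------

# - Create a private scratch directory. Its name is unique per run, so it does
# - not serialise concurrent runs; mktemp avoids a predictable path in /tmp.
# -
LOCK_DIR="$(mktemp -d "/tmp/$(basename -- "$0").LOCK.XXXXXXXXXX")" || {
   echo " Could not create scratch directory below /tmp." >&2
   exit 1
}
# Not referenced further down in this file.
log_file="${LOCK_DIR}/${script_name%%.*}.log"

# - Remove the scratch directory on every exit path, and run 'clean_up' for
# - signals SIGHUP SIGINT SIGTERM
# -
trap 'rm -rf -- "$LOCK_DIR"' EXIT
trap clean_up SIGHUP SIGINT SIGTERM

# ----------
# - Some pre-script tasks ..
# ----------

if [[ -z "$2" ]]; then
   password_needed=true
   # Throw-away secret for account creation; it is replaced by a stored hash
   # further down. A random value (instead of a fixed, known default) means
   # the account is never reachable with a guessable password if that
   # replacement does not happen.
   password="$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
   [[ -n "$password" ]] || fatal "Could not generate a temporary password."
else
   password_needed=false
   password=$2
   # ':' and newline are field/record separators in newusers(8) input.
   case "$password" in
      *:*|*$'\n'*) fatal "Password must not contain ':' or a newline." ;;
   esac
fi

if [[ -f "/etc/adduser.conf" ]]; then
   . /etc/adduser.conf
   if [[ -z "$DHOME" ]] ; then
      home_base_dir=/home
   else
      home_base_dir="$DHOME"
   fi
   min_uid=$FIRST_UID
   skel_dir="$SKEL"
else
   home_base_dir=/home
   min_uid=1001
   skel_dir=/etc/skel
fi

home_dir="${home_base_dir}/${user_name}"

if [[ $min_uid -lt 1001 ]] ; then
   min_uid=1001
fi


# ==========
# - Begin Main Script
# ==========

# - Create user if not exists
# -
if ! id -u "${user_name}" > /dev/null 2>&1 ; then

   # - Get uid/gid (service accounts have fixed ids, gid always equals uid)
   # -
   case "$user_name" in
      webadmin)    user_uid=1040 ; home_dir="/var/www" ;;
      nd-web-prod) user_uid=1041 ; home_dir="/var/www/nd-web-prod" ;;
      nd-web-demo) user_uid=1042 ; home_dir="/var/www/nd-web-demo" ;;
      nd-admin)    user_uid=1045 ;;
      sysadm)      user_uid=1050 ;;
      localadmin)  user_uid=1051 ;;
      back)        user_uid=1060 ;;
      borg)        user_uid=1065 ;;
      cryptpad)    user_uid=1033 ;;
      *)
         # First id >= min_uid that is free both as uid and as gid.
         _id=$(( min_uid - 1 ))
         while true ; do
            _id=$(( _id + 1 ))
            id "$_id" > /dev/null 2>&1 && continue
            # -x: whole-line match, so gid 10010 no longer hides a free 1001.
            cut -d ':' -f3 /etc/group | grep -qx -- "$_id" && continue
            break
         done
         user_uid=$_id
         ;;
   esac
   user_gid=$user_uid

   # - Add user to system
   # -
   login_shell=/bin/bash
   if [[ "$user_name" = 'alex' ]]; then
      login_shell=/usr/bin/zsh
   fi

   # printf is a builtin, so the password does not show up in the process list.
   if ! printf '%s:%s:%s:%s:%s,,,:%s:%s\n' \
         "$user_name" "$password" "$user_uid" "$user_gid" \
         "$user_name" "$home_dir" "$login_shell" \
         | newusers >/dev/null 2>&1 ; then
      fatal "Adding user \033[1m${user_name}\033[m failed!"
   fi

   if [[ -d "$skel_dir" ]]; then
      for _file in .bash_logout .bashrc .profile ; do
         cp -a "${skel_dir}/${_file}" "${home_dir}/"
         chown "${user_name}:${user_name}" "${home_dir}/${_file}"
      done
   fi

else
   user_uid=$(id -u "${user_name}")
   user_gid=$(id -g "${user_name}")
fi

# - Set new password
# -
if $password_needed ; then
   if _hash="$(preset_hash_for "$user_name")" ; then
      set_shadow_hash "$user_name" "$_hash" \
         || echo " Warning: updating /etc/shadow for ${user_name} failed." >&2

   # - Other normal users (uid > $min_uid)
   # -
   elif [[ $user_uid -ge $min_uid ]] ; then
      set_shadow_hash "$user_name" "$default_user_hash" \
         || echo " Warning: updating /etc/shadow for ${user_name} failed." >&2
   fi
fi

# Exact match on the login-name field of /etc/passwd.
home_dir="$(awk -F: -v u="$user_name" '$1 == u { print $6; exit }' /etc/passwd)"

# Without this guard an empty value would make every path below resolve
# against '/', including the recursive chown of "/.ssh".
if [[ -z "$home_dir" ]]; then
   fatal "No home directory found in /etc/passwd for \033[1m${user_name}\033[m."
fi

# - Backup existing files befor replacing them..
# -
for _file in .bashrc .profile .bash_logout ; do
   if [[ -f "${home_dir}/${_file}" ]] && [[ ! -f "${home_dir}/${_file}.ORIG" ]]; then
      mv "${home_dir}/${_file}" "${home_dir}/${_file}.ORIG"
   fi
done

# - Replace/Add files: per-user template first, then the shared one; with no
# - template at all the backup made above is restored.
# -
for _file in "${replace_files[@]}" ; do
   if [[ -f "${templates_base_dir}/${user_name}/${_file}" ]] ; then
      cp -a "${templates_base_dir}/${user_name}/${_file}" "${home_dir}/"
      chown "${user_name}:${user_name}" "${home_dir}/${_file}"
   elif [[ -f "${templates_all_dir}/${_file}" ]]; then
      cp -a "${templates_all_dir}/${_file}" "${home_dir}/"
      chown "${user_name}:${user_name}" "${home_dir}/${_file}"
   elif [[ -f "${home_dir}/${_file}.ORIG" ]]; then
      mv "${home_dir}/${_file}.ORIG" "${home_dir}/${_file}"
   fi
done

if [[ -d "${home_dir}/.ssh" ]]; then
   cp -a "${home_dir}/.ssh" "${home_dir}/.ssh.BAK"
else
   mkdir "${home_dir}/.ssh"
fi

# Pick the authorized_keys template: the per-user directory wins over 'all',
# and 'authorized_keys' wins over 'authorized_keys2'.
ssh_authorized_file=""
if [[ -d "${templates_base_dir}/${user_name}/.ssh" ]]; then
   if [[ -f "${templates_base_dir}/${user_name}/.ssh/authorized_keys" ]]; then
      ssh_authorized_file="${templates_base_dir}/${user_name}/.ssh/authorized_keys"
   elif [[ -f "${templates_base_dir}/${user_name}/.ssh/authorized_keys2" ]]; then
      ssh_authorized_file="${templates_base_dir}/${user_name}/.ssh/authorized_keys2"
   fi
elif [[ -d "${templates_all_dir}/.ssh" ]] ; then
   if [[ -f "${templates_all_dir}/.ssh/authorized_keys" ]]; then
      ssh_authorized_file="${templates_all_dir}/.ssh/authorized_keys"
   elif [[ -f "${templates_all_dir}/.ssh/authorized_keys2" ]]; then
      ssh_authorized_file="${templates_all_dir}/.ssh/authorized_keys2"
   fi
fi

if [[ -n "$ssh_authorized_file" ]] ; then
   cp -a "$ssh_authorized_file" "${home_dir}/.ssh/"
elif [[ -d "${home_dir}/.ssh.BAK" ]] ; then
   # Nothing was replaced, so the backup is not needed.
   rm -rf -- "${home_dir}/.ssh.BAK"
fi

# Initialised explicitly so a value inherited from the environment is never
# used. The shared-template branch now points at the file it just tested; the
# original assigned the per-user path there, which does not exist in that case.
ssh_config_file=""
if [[ -f "${templates_base_dir}/${user_name}/.ssh/config" ]]; then
   ssh_config_file="${templates_base_dir}/${user_name}/.ssh/config"
elif [[ -f "${templates_all_dir}/.ssh/config" ]] ; then
   ssh_config_file="${templates_all_dir}/.ssh/config"
fi

if [[ -n "$ssh_config_file" ]] ; then
   cp -a "$ssh_config_file" "${home_dir}/.ssh/"
fi

chmod 700 "${home_dir}/.ssh"
chown -R "${user_name}:${user_name}" "${home_dir}/.ssh"

# Add authorized users to the sudoers group
#
if containsElement "${user_name}" "${sudo_users_arr[@]}" ; then
   usermod -a -G sudo "${user_name}"
fi

echo ""
echo -e " User \033[1m${user_name}\033[m added:"
echo ""
echo -e " Home Dir: \033[1m$home_dir\033[m"
echo -e " UID: \033[1m$(id -u "${user_name}")\033[m"
echo -e " GID: \033[1m$(id -g "${user_name}")\033[m"
if [[ -n "$2" ]]; then
   # NOTE(review): this prints the cleartext password; it ends up in terminal
   # scrollback and in any log that captures stdout. printf '%s' keeps
   # backslashes in the password from being interpreted.
   printf ' Password: \033[1m%s\033[m\n' "$2"
else
   echo -e " Password: \033[1m************\033[m"
fi
echo ""

exit 0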