425 lines
12 KiB
Bash
Executable File
425 lines
12 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
|
|
script_name="$(basename $(realpath $0))"
|
|
working_dir="$(dirname $(realpath $0))"
|
|
|
|
conf_file="${working_dir}/conf/${script_name%%.*}.conf"
|
|
|
|
LOCK_DIR="/tmp/$(basename $0).$$.LOCK"
|
|
log_file="${LOCK_DIR}/${script_name%%.*}.log"
|
|
|
|
|
|
|
|
# -------------
|
|
# --- Some Variables
|
|
# -------------
|
|
|
|
replace_files=".bashrc .bash_logout .profile .vimrc"
|
|
|
|
templates_base_dir="${working_dir}/supported-files/user_templates"
|
|
templates_all_dir="${templates_base_dir}/all"
|
|
|
|
sudo_users="
|
|
sysadm
|
|
localadmin
|
|
chris
|
|
wadmin
|
|
ilker
|
|
ckubu
|
|
alex
|
|
alis
|
|
defa
|
|
init
|
|
marcus
|
|
xmatti
|
|
"
|
|
|
|
|
|
|
|
# -------------
|
|
# --- Some functions
|
|
# -------------
|
|
|
|
clean_up() {
|
|
|
|
# Perform program exit housekeeping
|
|
rm -rf "$LOCK_DIR"
|
|
blank_line
|
|
exit $1
|
|
}
|
|
|
|
blank_line() {
|
|
if $terminal ; then
|
|
echo ""
|
|
fi
|
|
}
|
|
|
|
# - Check if a given array (parameter 2) contains a given string (parameter 1)
|
|
# -
|
|
containsElement () {
|
|
local e
|
|
for e in "${@:2}"; do [[ "$e" == "$1" ]] && return 0; done
|
|
return 1
|
|
}
|
|
|
|
|
|
|
|
# ----------
|
|
# - Jobhandling
|
|
# ----------
|
|
|
|
# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM
|
|
# -
|
|
trap clean_up SIGHUP SIGINT SIGTERM
|
|
|
|
# - Create lock directory '$LOCK_DIR"
|
|
#
|
|
mkdir "$LOCK_DIR"
|
|
|
|
|
|
|
|
# ----------
|
|
# - Some checks ..
|
|
# ----------
|
|
|
|
if [[ $# -lt 1 ]] ; then
|
|
echo ""
|
|
echo " No username given on comand line."
|
|
echo ""
|
|
exit
|
|
fi
|
|
|
|
# - Running in a terminal?
|
|
# -
|
|
if [[ -t 1 ]] ; then
|
|
terminal=true
|
|
else
|
|
terminal=false
|
|
fi
|
|
|
|
|
|
|
|
# ----------
|
|
# - Some pre-script tasks ..
|
|
# ----------
|
|
|
|
user_name=$1
|
|
|
|
if [[ -z "$2" ]]; then
|
|
password_needed=true
|
|
password="test100"
|
|
else
|
|
password_needed=false
|
|
password=$2
|
|
fi
|
|
|
|
if [[ -f "/etc/adduser.conf" ]]; then
|
|
. /etc/adduser.conf
|
|
home_base_dir="$DHOME"
|
|
min_uid=$FIRST_UID
|
|
skel_dir="$SKEL"
|
|
else
|
|
home_base_dir=/home
|
|
min_uid=1001
|
|
skel_dir=/etc/skel
|
|
fi
|
|
home_dir="${home_base_dir}/${user_name}"
|
|
|
|
if [[ $min_uid -lt 1001 ]] ; then
|
|
min_uid=1001
|
|
fi
|
|
|
|
# array of authorized sudo users
|
|
#
|
|
declare -a sudo_users_arr
|
|
for _val in $sudo_users ; do
|
|
sudo_users_arr+=("$_val")
|
|
done
|
|
|
|
|
|
# ==========
|
|
# - Begin Main Script
|
|
# ==========
|
|
|
|
# - Create user if not exists
|
|
# -
|
|
if ! id -u "${user_name}" > /dev/null 2>&1 ; then
|
|
|
|
# - Get uid/gid
|
|
# -
|
|
if [[ "$user_name" = 'webadmin' ]]; then
|
|
user_uid=1040
|
|
user_gid=1040
|
|
home_dir="/var/www"
|
|
elif [[ "$user_name" = 'sysadm' ]]; then
|
|
user_uid=1050
|
|
user_gid=1050
|
|
elif [[ "$user_name" = 'localadmin' ]]; then
|
|
user_uid=1051
|
|
user_gid=1051
|
|
elif [[ "$user_name" = 'back' ]]; then
|
|
user_uid=1060
|
|
user_gid=1060
|
|
elif [[ "$user_name" = 'cryptpad' ]]; then
|
|
user_uid=1033
|
|
user_gid=1033
|
|
else
|
|
|
|
declare -i _id=$(expr $min_uid - 1)
|
|
|
|
while true ; do
|
|
((_id++))
|
|
$(id $_id > /dev/null 2>&1) && continue
|
|
$(cat /etc/group | cut -d ':' -f3 | grep -q $_id 2> /dev/null) && continue
|
|
break
|
|
done
|
|
user_uid=$_id
|
|
user_gid=$_id
|
|
fi
|
|
|
|
# - Add user to system
|
|
# -
|
|
if [[ "$user_name" = 'alex' ]]; then
|
|
echo "$user_name:${password}:${user_uid}:${user_gid}:${user_name},,,:${home_dir}:/usr/bin/zsh" | newusers >/dev/null 2>&1
|
|
else
|
|
echo "$user_name:${password}:${user_uid}:${user_gid}:${user_name},,,:${home_dir}:/bin/bash" | newusers >/dev/null 2>&1
|
|
fi
|
|
|
|
if [[ $? -ne 0 ]]; then
|
|
echo ""
|
|
echo -e " [ \033[31m\033[1mFatal\033[m ] Adding user \033[1m${user_name}\033[m failed!"
|
|
echo -e " Script terminated.."
|
|
echo ""
|
|
exit 1
|
|
fi
|
|
|
|
if [[ -d "$skel_dir" ]]; then
|
|
cp -a "${skel_dir}/.bash_logout" "${home_dir}/"
|
|
chown ${user_name}:${user_name} "${home_dir}/.bash_logout"
|
|
|
|
cp -a "${skel_dir}/.bashrc" "${home_dir}/"
|
|
chown ${user_name}:${user_name} "${home_dir}/.bashrc"
|
|
|
|
cp -a "${skel_dir}/.profile" "${home_dir}/"
|
|
chown ${user_name}:${user_name} "${home_dir}/.profile"
|
|
fi
|
|
else
|
|
user_uid=$(id -u ${user_name})
|
|
user_gid=$(id -g ${user_name})
|
|
fi
|
|
|
|
# - Set new password
|
|
# -
|
|
if $password_needed ; then
|
|
|
|
# - webadmin
|
|
# -
|
|
if [[ "$user_name" = 'webadmin' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$P1UvKv/0\\\$0hWHiUXQTrNl5SFf52iAY1qDYsJFhjHaVC6F6BuvazcNXkzjAcnuX5PMml5DLh4tyFpqVdPpCyAyd92YypNbu/:\2#" /etc/shadow
|
|
|
|
# - sysadm
|
|
# -
|
|
elif [[ "$user_name" = 'sysadm' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$vvccwrTc\\\$Sz1HaSb3ujObprltiG7D6U1Rr3fpgfjkKuDDWYdHzPkPx/0pEofCWC.vyTn78hcemkntl.6wVUOnJnNloKt/E/:\2#" /etc/shadow
|
|
|
|
# - localadmin
|
|
# -
|
|
elif [[ "$user_name" = 'localadmin' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$flo5afeu\\\$1Dn/tqIOJIFQbymCzpJk9BgGflQdy2Eg0nTiMBF7VefN7uY/Md1pV2yU0S47kZuH5aDjSdPfKzhHp8Aul/xx90:\2#" /etc/shadow
|
|
|
|
# - axel
|
|
# -
|
|
elif [[ "$user_name" = 'axel' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$zUWC465e\\\$XblctxwnBIOa7mPcN6foEQrwChjpwoY7lLtacXJrSsvjZS3I6Ox1mYUtN3/gzkvpbzOPx/9PlRJV.mbl939mD.:\2#" /etc/shadow
|
|
|
|
# - kaya
|
|
# -
|
|
elif [[ "$user_name" = 'kaya' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$t9gheUvd\\\$hFTJ5mp0bdu4Hc5zGmS6HuSAfFOc4QRROLX4wnCauLjwTxUtvhgeLDlL5YkjGfiWOCEe84krH4op0DdKjTJWG/:\2#" /etc/shadow
|
|
|
|
# - felix
|
|
# -
|
|
elif [[ "$user_name" = 'felix' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$RKaAbxOz\\\$LxvjoVclfkgo99VwmXi9cIhVmUdTNT.T0/pZAH9GNtFEQn5NoOak/DHTHHG9kn58soDRuhEAup1x4T2jG.Js0/:\2#" /etc/shadow
|
|
|
|
# - lalix
|
|
# -
|
|
elif [[ "$user_name" = 'lalix' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$RKaAbxOz\\\$LxvjoVclfkgo99VwmXi9cIhVmUdTNT.T0/pZAH9GNtFEQn5NoOak/DHTHHG9kn58soDRuhEAup1x4T2jG.Js0/:\2#" /etc/shadow
|
|
|
|
# - mariette
|
|
# -
|
|
elif [[ "$user_name" = 'mariette' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$QiYW4uMG\\\$9bOGhsON8SnOSIC4.UTXhVpCpebcJNInI3t1JPhR7979D3CpoKroK7dXPAxGfDigrkxBwcqju..PuvCUqtshw1:\2#" /etc/shadow
|
|
|
|
# - christian
|
|
# -
|
|
elif [[ "$user_name" = 'christian' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$2paWmEea\\\$G51JZDzjjDNE75aBl/xuM1dyH.FWYHwNCRHeKWkHhxjUmRRC/v.hhNh5jOk5EbVWDeVh7r5dz1tO2HTZUMftb1:\2#" /etc/shadow
|
|
|
|
# - ilker
|
|
# -
|
|
elif [[ "$user_name" = 'ilker' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$6PRR6JwU\\\$RBsPa/W.ThyGVJVFls9Uxf6GZYyjCeJfNtGbgNosC/jlkCHWCZBWWxL/nwxaJBEKIB1f8f3YBIbm13.see7u3.:\2#" /etc/shadow
|
|
|
|
# - c3po
|
|
# -
|
|
elif [[ "$user_name" = 'c3po' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$z0yywBoF\\\$VtusXNrSvL4s4kQSeCl/6rZoCcAOz0aSINm0ArntILNvLnurVDGk9nJz42ZMya/DFe8snlf5kLymeAmNRiyDK/:\2#" /etc/shadow
|
|
|
|
# - chris
|
|
# -
|
|
elif [[ "$user_name" = 'chris' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$RWYCSssQ\\\$mtcJJELuc3.onwAhyVk4zdFLGaKw.XNfpM/mEZEJfZIyZZwUApwgoMcWkly7dwv0X4FpJVQ.oxJNnitHp7Ar70:\2#" /etc/shadow
|
|
|
|
# - ckubu
|
|
# -
|
|
elif [[ "$user_name" = 'ckubu' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$nmAWOQHZ\\\$PRx3FAGI4.X4ah7nmuTFJi0iFMwlWwTz.iM9B4yjLGcnQ/hg3K0O0lSDXOOn7yRJlhwRejVq2XSNvrmSGwJw//:\2#" /etc/shadow
|
|
|
|
# - alex
|
|
# -
|
|
elif [[ "$user_name" = 'alex' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$GTP91Vzk\\\$HBBq323cWk5NXqmIaFXAoHBavJWMO9KZdpdORvwaPtnQTT/ZxsHSlMrlI4W2mPWnDwa8IRy6.ZYL1FAMS9do21:\2#" /etc/shadow
|
|
|
|
# - init
|
|
# -
|
|
elif [[ "$user_name" = 'init' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$NcRlPYtm\\\$1YiBoiJUcEwB1ovXYLpQ.OM/ehceh46/G2K4jz0I/PK7tJzD/HDoKhaKVYEIe.uWld6zC63GrgEhq.UMJzFuS1:\2#" /etc/shadow
|
|
|
|
# - defa
|
|
# -
|
|
elif [[ "$user_name" = 'defa' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$LMelojO.\\\$TY0vb.xSBparEY5O7p86YT.E4RXKVH0bDfwGsszuFS6EAl3oh.s6V.jIZYg56P1RTDiVUh4A0BOwk87Q/utaS1:\2#" /etc/shadow
|
|
|
|
# - alis
|
|
# -
|
|
elif [[ "$user_name" = 'defa' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$a/PWqRoP\\\$bQs3qmthLdL6nVVt65ml6XcZqfVxQ9nQg0/VcUjuh44vuVlJ7lGgvb6Zv1MM.Ryu1Qis1a3GFuKIRww3p7RVJ.:\2#" /etc/shadow
|
|
|
|
|
|
# - andreas (guenzler)
|
|
# -
|
|
elif [[ "$user_name" = 'andreas' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$x1OiWj0IJSm7hvIt\\x1OiWj0IJSm7hvIt$SWEah9JdlhZnMZ9ZhViwS9VoLEBAdokpjFPmkZSvdzdQXe4bNKEIOXzEhHKdA8vUYZ7UGjRkcLBEiZ6LClcOS.$:\2#" /etc/shadow
|
|
|
|
|
|
# - wadmin
|
|
# -
|
|
elif [[ "$user_name" = 'wadmin' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$vaVNOPYp\\\$RbV6/phKDZRSa4TQGlJVOF/HQqyxAK7BeQmir8Kr8pwy7ATlHGvcPzJkuldNNp4O4t2q3EJRW2uVpjsng4ZhH1:\2#" /etc/shadow
|
|
|
|
|
|
# - marcus Opferperspektive
|
|
# -
|
|
elif [[ "$user_name" = 'marcus' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$SPnbZ2Gcf.4iHz93\\\$Vp7fg/xCGls4cPJIiLR5Ogxm2U38RPpPgHLaLIJiOe.PekJCuRsvRLBZLITec2JQhdVTvqpmKURUZrKdXs62z0:\2#" /etc/shadow
|
|
|
|
# - root
|
|
# -
|
|
elif [[ "$user_name" = 'root' ]]; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$shJF/I7l\\\$Z9H3on8zNLS3AxR3TtYU1lmMW7sHnpn9ylW2.758uOIDBl0Sku2x7xYfml8ty0JJrhZMXLrGnikprqqtmgAoq1:\2#" /etc/shadow
|
|
|
|
# - Other normal users (uid > $min_uid)
|
|
# -
|
|
elif [[ $user_uid -ge $min_uid ]] ; then
|
|
perl -i -n -p -e "s#^(${user_name}):[^:]+:(.+)#\1:\\\$6\\\$R6DYYcau\\\$TZYgG122V1oDl1wddNb8ieQIUMab35xItyFlnlStkEBV3DS5S6x7co6S/FpwbHzX21c1HF3WCUQ5/5s.umi6I.:\2#" /etc/shadow
|
|
fi
|
|
|
|
fi
|
|
|
|
home_dir="$(cat /etc/passwd | grep -E "^${user_name}:" | cut -d':' -f6)"
|
|
|
|
|
|
# - Backup existing files befor replacing them..
|
|
# -
|
|
if [[ -f "${home_dir}/.bashrc" ]] && [[ ! -f "${home_dir}/.bashrc.ORIG" ]]; then
|
|
mv "${home_dir}/.bashrc" "${home_dir}/.bashrc.ORIG"
|
|
fi
|
|
if [[ -f "${home_dir}/.profile" ]] && [[ ! -f "${home_dir}/.profile.ORIG" ]] ; then
|
|
mv "${home_dir}/.profile" "${home_dir}/.profile.ORIG"
|
|
fi
|
|
if [[ -f "${home_dir}/.bash_logout" ]] && [[ ! -f "${home_dir}/.bash_logout.ORIG" ]] ; then
|
|
mv "${home_dir}/.bash_logout" "${home_dir}/.bash_logout.ORIG"
|
|
fi
|
|
|
|
|
|
# - Replace/Add files
|
|
# -
|
|
for _file in $replace_files ; do
|
|
if [[ -f "${templates_base_dir}/${user_name}/${_file}" ]] ; then
|
|
cp -a "${templates_base_dir}/${user_name}/${_file}" "${home_dir}/"
|
|
chown ${user_name}:${user_name} "${home_dir}/${_file}"
|
|
elif [[ -f "${templates_all_dir}/${_file}" ]]; then
|
|
cp -a "${templates_all_dir}/${_file}" "${home_dir}/"
|
|
chown ${user_name}:${user_name} "${home_dir}/${_file}"
|
|
else
|
|
if [[ -f "${home_dir}/${_file}.ORIG" ]]; then
|
|
mv "${home_dir}/${_file}.ORIG" "${home_dir}/${_file}"
|
|
fi
|
|
fi
|
|
done
|
|
|
|
if [[ -d "${home_dir}/.ssh" ]]; then
|
|
cp -a "${home_dir}/.ssh" "${home_dir}/.ssh.BAK"
|
|
else
|
|
mkdir "${home_dir}/.ssh"
|
|
fi
|
|
|
|
ssh_auhtorized_file=""
|
|
if [[ -d "${templates_base_dir}/${user_name}/.ssh" ]]; then
|
|
if [[ -f "${templates_base_dir}/${user_name}/.ssh/authorized_keys" ]]; then
|
|
ssh_auhtorized_file="${templates_base_dir}/${user_name}/.ssh/authorized_keys"
|
|
elif [[ -f "${templates_base_dir}/${user_name}/.ssh/authorized_keys2" ]]; then
|
|
ssh_auhtorized_file="${templates_base_dir}/${user_name}/.ssh/authorized_keys2"
|
|
fi
|
|
elif [[ -d "${templates_all_dir}/.ssh" ]] ; then
|
|
if [[ -f "${templates_all_dir}/.ssh/authorized_keys" ]]; then
|
|
ssh_auhtorized_file="${templates_all_dir}/.ssh/authorized_keys"
|
|
elif [[ -f "${templates_all_dir}/.ssh/authorized_keys2" ]]; then
|
|
ssh_auhtorized_file="${templates_all_dir}/.ssh/authorized_keys2"
|
|
fi
|
|
fi
|
|
if [[ -n "$ssh_auhtorized_file" ]] ; then
|
|
cp -a "$ssh_auhtorized_file" "${home_dir}/.ssh/"
|
|
elif [[ -d "${home_dir}/.ssh.BAK" ]] ; then
|
|
rm -rf "${home_dir}/.ssh.BAK"
|
|
fi
|
|
|
|
|
|
if [[ -f "${templates_base_dir}/${user_name}/.ssh/config" ]]; then
|
|
ssh_config_dir="${templates_base_dir}/${user_name}/.ssh/config"
|
|
elif [[ -f "${templates_all_dir}/.ssh/config" ]] ; then
|
|
ssh_config_dir="${templates_base_dir}/${user_name}/.ssh/config"
|
|
fi
|
|
if [[ -n "$ssh_config_dir" ]] ; then
|
|
cp -a "$ssh_config_dir" "${home_dir}/.ssh/"
|
|
fi
|
|
|
|
|
|
chmod 700 ${home_dir}/.ssh
|
|
chown -R ${user_name}:${user_name} ${home_dir}/.ssh
|
|
|
|
|
|
# Add authorized users to the sudoers group
|
|
#
|
|
if containsElement "${user_name}" "${sudo_users_arr[@]}" ; then
|
|
usermod -a -G sudo ${user_name}
|
|
fi
|
|
|
|
#ls -al ${home_dir}/.ssh
|
|
echo ""
|
|
echo -e " User \033[1m${user_name}\033[m added:"
|
|
echo ""
|
|
echo -e " Home Dir: \033[1m$home_dir\033[m"
|
|
echo -e " UID: \033[1m$(id -u ${user_name})\033[m"
|
|
echo -e " GID: \033[1m$(id -g ${user_name})\033[m"
|
|
if [[ -n "$2" ]]; then
|
|
echo -e " Password: \033[1m$2\033[m"
|
|
else
|
|
echo -e " Password: \033[1m************\033[m"
|
|
fi
|
|
echo ""
|
|
|
|
exit 0
|