diff --git a/snippets/create_shadow_paswd.sh b/snippets/create_shadow_paswd.sh new file mode 100755 index 0000000..8357ef9 --- /dev/null +++ b/snippets/create_shadow_paswd.sh @@ -0,0 +1,325 @@ +#!/usr/bin/env bash + +script_name="$(basename $(realpath $0))" +working_dir="$(dirname $(realpath $0))" + +conf_file="${working_dir}/conf/${script_name%%.*}.conf" + +LOCK_DIR="/tmp/$(basename $0).$$.LOCK" +log_file="${LOCK_DIR}/${script_name%%.*}.log" + + +# ---------- +# Script settings +# ---------- + +# - Give your default values here +# - +SALT_LENGTH=8 + + +# ---------- +# Base Function(s) +# ---------- + +usage() { + + + [[ -n "$1" ]] && error "$1" + + + [[ $terminal ]] && echo -e " +\033[1mUsage:\033[m + + $(basename $0) + +\033[1mDescription\033[m + + Script creates a saltet SHA-512 password hash for use in '/etc/shadow'. + The length of salt is '8'. + +\033[1mOptions\033[m + + No Options needed. The clear password will be asked for. + +\033[1mFiles\033[m + + No configuration files needed + +\033[1mExample:\033[m + + Create a saltet SHA512 password hash + + $(basename $0) + +" + + clean_up 1 + +} + +clean_up() { + + # Perform program exit housekeeping + rm -rf "$LOCK_DIR" + blank_line + exit $1 +} + + +echononl(){ + if $terminal ; then + echo X\\c > /tmp/shprompt$$ + if [ `wc -c /tmp/shprompt$$ | awk '{print $1}'` -eq 1 ]; then + echo -e -n " $*\\c" 1>&2 + else + echo -e -n " $*" 1>&2 + fi + rm /tmp/shprompt$$ + fi +} + + +fatal(){ + echo "" + if $terminal ; then + echo -e " [ \033[31m\033[1mFatal\033[m ] $*" + else + echo -e " [ Fatal ] $*" + fi + echo "" + if $terminal ; then + echo -e " \033[1mScript terminated\033[m.." + else + echo -e " Script terminated.." + fi + echo "" + rm -rf $LOCK_DIR + exit 1 +} + +error (){ + echo "" + if $terminal ; then + echo -e " [ \033[31m\033[1mError\033[m ] $*" + else + echo " [ Error ] $*" + fi + echo "" +} + +warn (){ + if $LOGGING || $terminal ; then + echo "" + if $terminal ; then + echo -e " [ \033[33m\033[1mWarn\033[m ] $*" + else + echo " [ Warn ] $*" + fi + echo "" + fi +} + +info (){ + if $LOGGING || $terminal ; then + echo "" + if $terminal ; then + echo -e " [ \033[32m\033[1mInfo\033[m ] $*" + else + echo " [ Info ] $*" + fi + echo "" + fi +} + +ok (){ + if $LOGGING || $terminal ; then + echo "" + if $terminal ; then + echo -e " [ \033[32m\033[1mOk\033[m ] $*" + else + echo " [ Ok ] $*" + fi + echo "" + fi +} + +echo_done() { + if $terminal ; then + echo -e "\033[75G[ \033[32mdone\033[m ]" + fi +} +echo_ok() { + if $terminal ; then + echo -e "\033[75G[ \033[32mok\033[m ]" + fi +} +echo_failed(){ + if $terminal ; then + echo -e "\033[75G[ \033[1;31mfailed\033[m ]" + fi +} +echo_skipped() { + if $terminal ; then + echo -e "\033[75G[ \033[33m\033[1mskipped\033[m ]" + fi +} +echo_wait(){ + if $terminal ; then + echo -en "\033[75G[ \033[5m\033[1m...\033[m ]" + fi +} + +trim() { + local var="$*" + var="${var#"${var%%[![:space:]]*}"}" # remove leading whitespace characters + var="${var%"${var##*[![:space:]]}"}" # remove trailing whitespace characters + echo -n "$var" +} + +blank_line() { + if $terminal ; then + echo "" + fi +} + + + +# ---------- +# - Jobhandling +# ---------- + +# - Run 'clean_up' for signals SIGHUP SIGINT SIGTERM +# - +trap clean_up SIGHUP SIGINT SIGTERM + +# - Create lock directory '$LOCK_DIR" +# +mkdir "$LOCK_DIR" + + +# ---------- +# - Some checks .. +# ---------- + +# - Running in a terminal? +# - +if [[ -t 1 ]] ; then + terminal=true +else + fatal "Script must run in a terminal." +fi + +# - Print help? +# - +if [[ "$(trim $*)" = "-h" ]] || [[ "$(trim $*)" = "--help" ]] ; then + usage +fi + +if [[ -z "$(which basename)" ]]; then + fatal 'It seems "basename" is not installed, but needed!' +fi + +if [[ -z "$(which realpath)" ]]; then + fatal 'It seems "realpath" is not installed, but needed!' +fi + + +# ========== +# - Begin Main Script +# ========== + +# ---------- +# - Headline +# ---------- + +if $terminal ; then + echo "" + echo -e "\033[1m----------\033[m" + echo -e "\033[32m\033[1mRunning script \033[m\033[1m$script_name\033[32m .. \033[m" + echo -e "\033[1m----------\033[m" +fi + + +# ---------- +# - Read in parameters given by user +# ---------- + +echo "" +echo -e " \033[32m--\033[m" +echo "" +echo " Insert the password for which the password hash should be created." +echo "" +echo "" +_CLEAR_PASSWD_1="X" +_CLAER_PASSWD_2="Y" +while [[ "$_CLEAR_PASSWD_1" != "$_CLEAR_PASSWD_2" ]] ; do + + echononl "\033[1mPassword :\033[m " + read -s _CLEAR_PASSWD_1 + + blank_line + + if [[ "X$_CLEAR_PASSWD_1" = "X" ]]; then + echo -e "\n \033[33m\033[1mA password is required!\033[m\n" + continue + fi + + echononl "\033[1mRepeat password:\033[m " + read -s _CLEAR_PASSWD_2 + + if [[ "$_CLEAR_PASSWD_1" != "$_CLEAR_PASSWD_2" ]]; then + echo -e "\n\n \033[33m\033[1mPasswords did not match!\033[m\n" + else + CLEAR_PASS="$_CLEAR_PASSWD_1" + fi + +done + +echo "" +echo "" +echononl "Print a summary including the clear password? [\033[1myes/no\033[m]: " +read OK +while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do + echononl "\033[33mWrong entry!\033[m [\033[1myes/no\033[m]: " + read OK +done + +if [[ "${OK,,}" = "yes" ]] ; then + echo "" + echo "" + echo -e " \033[32m\033[1mParameter Summary:\033[m" + echo "" + + echo " Clear password.............: $CLEAR_PASS" + + echo "" + echononl "Continue with this parameters? [\033[1myes/no\033[m]: " + read OK + while [[ "${OK,,}" != "yes" ]] && [[ "${OK,,}" != "no" ]] ; do + echononl "\033[33mWrong entry!\033[m [\033[1myes/no\033[m]: " + read OK + done + [[ "${OK,,}" = "yes" ]] || fatal "Canceled by user input." +fi + + + +# ---------- +# - Some pre-script tasks .. +# ---------- + + +# ---------- +# - Main part of script +# ---------- + +SALTED_HASH="$(mkpasswd -m sha-512 -S "$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w $SALT_LENGTH | head -n 1)" -s <<< $CLEAR_PASS)" + + +echo "" +info "Salted SHA512 password hash:" + +echo -e "\t\033[1m${SALTED_HASH}\033[m\n" + +clean_up 0