Moved script into wrong folder

2022-03-28 14:58:42 +09:00
parent 18b544a1a4
commit 12d8d57bd2
2 changed files with 134 additions and 383 deletions
--- a/bin/user_create.sh
+++ b/bin/user_create.sh
@@ -88,137 +88,145 @@ cat "${root_folder}${input_file}" |
 while read i; do
 	# skip rows start with # (comment)
 	if [[ "${i}" =~ ^\# ]]; then
-		echo -e "";
+		continue;
+	fi;
+	# make lower case, remove spaces
+	user=$(echo "${i}" | cut -d ";" -f 2 | tr A-Z a-z | tr -d ' ');
+	_group=$(echo "${i}" | cut -d ";" -f 3 | tr A-Z a-z | tr -d ' ');
+	group=$(echo "${_group}" | cut -d "," -f 1);
+	sub_group="";
+	sub_group_opt="";
+	# check if "," inside and extract sub groups
+	if [ -z "${_group##*,*}" ]; then
+		sub_group=$(echo "${_group}" | cut -d "," -f 2-);
+		sub_group_opt=" -G ${sub_group}";
+	fi;
+	# override host name, lowercase and spaces removed
+	_hostname=$(echo "${i}" | cut -d ";" -f 5 | tr A-Z a-z | tr -d ' ');
+	if [ -z "${_hostname}" ]; then
+		hostname=${host};
 	else
-		# make lower case, remove spaces
-		user=$(echo "${i}" | cut -d ";" -f 2 | tr A-Z a-z | tr -d ' ');
-		_group=$(echo "${i}" | cut -d ";" -f 3 | tr A-Z a-z | tr -d ' ');
-		group=$(echo "${_group}" | cut -d "," -f 1);
-		sub_group="";
-		sub_group_opt="";
-		# check if "," inside and extract sub groups
-		if [ -z "${_group##*,*}" ]; then
-			sub_group=$(echo "${_group}" | cut -d "," -f 2-);
-			sub_group_opt=" -G ${sub_group}";
-		fi;
-		# override host name, lowercase and spaces removed
-		_hostname=$(echo "${i}" | cut -d ";" -f 5 | tr A-Z a-z | tr -d ' ');
-		if [ -z "${_hostname}" ]; then
-			hostname=${host};
-		else
-			hostname=${_hostname};
-		fi;
-				# do we have a password preset
-		_password=$(echo "${i}" | cut -d ";" -f 4);
-		_ssh_keytype=$(echo "${i}" | cut -d ";" -f 6 | tr A-Z a-z | tr -d ' ');
-		if [ "${_ssh_keytype}" = "rsa" ]; then
-			ssh_keytype="${_ssh_keytype}";
-			#echo "[!!] BACKWARDS COMPATIBLE RSA TYPE SELECTION [!!]";
-		fi;
-		# user & group not set
-		if [ -z "${user}" ] || [ -z "${_group}" ]; then
-			echo "[!!!!!] Missing user or group entry for ${user}/${_group}";
-			echo "[*** ABORT RUN ***]"
-			break;
-		fi;
-		# SSH file name part without folder
-		ssh_keygen_id="${hostname}${separator}${group}${separator}${user}${separator}${ssh_keytype}.pem";
-		# the full file including folder name
-		ssh_keyfile="${root_folder}${ssh_keygen_folder}${ssh_keygen_id}";
-		# publ file if new
-		ssh_keyfile_pub="${ssh_keyfile}.pub";
-		# check existing pub file
-		ssh_keyfile_check_pub="${root_folder}${ssh_keygen_folder_created_pub}${ssh_keygen_id}.pub";
+		hostname=${_hostname};
+	fi;
+			# do we have a password preset
+	_password=$(echo "${i}" | cut -d ";" -f 4);
+	_ssh_keytype=$(echo "${i}" | cut -d ";" -f 6 | tr A-Z a-z | tr -d ' ');
+	if [ "${_ssh_keytype}" = "rsa" ]; then
+		ssh_keytype="${_ssh_keytype}";
+		#echo "[!!] BACKWARDS COMPATIBLE RSA TYPE SELECTION [!!]";
+	fi;
+	# user & group not set
+	if [ -z "${user}" ] || [ -z "${_group}" ]; then
+		echo "[!!!!!] Missing user or group entry for ${user}/${_group}";
+		echo "[*** ABORT RUN ***]"
+		break;
+	fi;
+	# SSH file name part without folder
+	ssh_keygen_id="${hostname}${separator}${group}${separator}${user}${separator}${ssh_keytype}.pem";
+	# the full file including folder name
+	ssh_keyfile="${root_folder}${ssh_keygen_folder}${ssh_keygen_id}";
+	# publ file if new
+	ssh_keyfile_pub="${ssh_keyfile}.pub";
+	# check existing pub file
+	ssh_keyfile_check_pub="${root_folder}${ssh_keygen_folder_created_pub}${ssh_keygen_id}.pub";

-		if [ ${INFO} -eq 1 ]; then
-			echo "User: '${user}:${group}(${sub_group})', SSH: ${ssh_keygen_id}";
-			continue;
-		fi;
-
-		# add group for each entry in _group
-		for create_group in ${_group//,/ }; do
-			if [ ${TEST} -eq 0 ]; then
-				groupadd -f ${create_group};
-			else
-				echo "$> groupadd -f ${create_group}";
-			fi;
-		done;
-		# check if user is not already created
+	if [ ${INFO} -eq 1 ]; then
+		# test if pub file exists or not, test if user exists
+		echo -n "User: '${user}:${group}(${sub_group})', SSH: ${ssh_keygen_id}";
 		if getent passwd ${user} > /dev/null 2>&1; then
-			echo "-- Skip '${user}:${group}(${sub_group})'";
-		else
-			echo "++ Create '${user}:${group}(${sub_group})'";
-			if [ ${TEST} -eq 0 ]; then
-				useradd -s /bin/bash -g ${group}${sub_group_opt} -m ${user};
-			else
-				echo "$> useradd -s /bin/bash -g ${group}${sub_group_opt} -m ${user}";
-			fi;
+			echo -n ", User exists";
 		fi;
-		skip_ssh=0;
-		# if public pem already exists skip creation
-		if [ ! -f "${ssh_keyfile_check_pub}" ]; then
-			# Note we only create a password if we need it
-			# password + store pwgen 10 1 -1
-			if [ -z "${_password}" ]; then
-				password=$(printf "%s" $(pwgen 10 1));
-			else
-				echo "! Override password set";
-				password=${_password};
-			fi;
-			# create SSH key
-			echo " > Create ssh key-pair '${ssh_keyfile}'";
-			if [ ${TEST} -eq 0 ]; then
-				ssh-keygen \
-					-t ${ssh_keytype} \
-					-f "${ssh_keyfile}" \
-					-C "${hostname}: ${user}@${group}" \
-					-a 100 -N "${password}"
-			else
-				echo "$> ssh-keygen -t ${ssh_keytype} -f ${ssh_keyfile} -C ${hostname}: ${user}@${group} -a 100 -N ${password}";
-			fi;
-		else
-			found=$(grep "$(cat ${ssh_keyfile_check_pub})" /home/${user}/.ssh/authorized_keys);
-			if [ ! -z "${found}" ]; then
-				skip_ssh=1;
-				# override previously set with stored one
-				ssh_keyfile_pub=${ssh_keyfile_check_pub};
-				echo "-- Skip SSH Key creation: ${ssh_keygen_id}.pub";
-			else
-				echo " < Use existing public ssh key '${ssh_keygen_id}.pub'";
-				# Password already set notification
-			fi;
-			password="[ALREADY SET]";
+		if [ -f "${ssh_keyfile_pub}" ]; then
+			echo -n ", SSH Pub key OK";
 		fi;
-		if [ ${skip_ssh} -eq 0 ]; then
-			# write login info to output file
-			if [ ${TEST} -eq 0 ]; then
-				echo $(date +"%F %T")";"${host}";"${_hostname}";"${user}";"${password} >> ${root_folder}${output_file};
-			else
-				echo $(date +"%F %T")";"${host}";"${_hostname}";"${user}";"${password} >> ${root_folder}${output_file}".TEST";
-			fi;
-			# create the SSH foler and authorized access file with correct permissions
-			echo " > Create .ssh folder";
-			if [ ${TEST} -eq 0 ]; then
-				mkdir /home/${user}/.ssh/;
-			else
-				echo "$> mkdir /home/${user}/.ssh/";
-			fi;
-			echo " > Add public into authorized_keys";
-			if [ ${TEST} -eq 0 ]; then
-				cat "${ssh_keyfile_pub}" > /home/${user}/.ssh/authorized_keys;
-			else
-				echo "$> cat ${ssh_keyfile_pub} > /home/${user}/.ssh/authorized_keys";
-			fi;
-			echo " > Secure folder .ssh and authorized_keys file";
-			if [ ${TEST} -eq 0 ]; then
-				chown -R ${user}:${group} /home/${user}/.ssh/;
-				chmod 700 /home/${user}/.ssh/;
-				chmod 600 /home/${user}/.ssh/authorized_keys;
-			else
-				echo "$> chown -R ${user}:${group} /home/${user}/.ssh/";
-				echo "$> chmod 700 /home/${user}/.ssh/";
-				echo "$> chmod 600 /home/${user}/.ssh/authorized_keys";
-			fi;
+		# line break
+		echo "";
+		continue;
+	fi;
+
+	# add group for each entry in _group
+	for create_group in ${_group//,/ }; do
+		if [ ${TEST} -eq 0 ]; then
+			groupadd -f ${create_group};
+		else
+			echo "$> groupadd -f ${create_group}";
+		fi;
+	done;
+	# check if user is not already created
+	if getent passwd ${user} > /dev/null 2>&1; then
+		echo "-- Skip '${user}:${group}(${sub_group})'";
+	else
+		echo "++ Create '${user}:${group}(${sub_group})'";
+		if [ ${TEST} -eq 0 ]; then
+			useradd -s /bin/bash -g ${group}${sub_group_opt} -m ${user};
+		else
+			echo "$> useradd -s /bin/bash -g ${group}${sub_group_opt} -m ${user}";
+		fi;
+	fi;
+	skip_ssh=0;
+	# if public pem already exists skip creation
+	if [ ! -f "${ssh_keyfile_check_pub}" ]; then
+		# Note we only create a password if we need it
+		# password + store pwgen 10 1 -1
+		if [ -z "${_password}" ]; then
+			password=$(printf "%s" $(pwgen 10 1));
+		else
+			echo "! Override password set";
+			password=${_password};
+		fi;
+		# create SSH key
+		echo " > Create ssh key-pair '${ssh_keyfile}'";
+		if [ ${TEST} -eq 0 ]; then
+			ssh-keygen \
+				-t ${ssh_keytype} \
+				-f "${ssh_keyfile}" \
+				-C "${hostname}: ${user}@${group}" \
+				-a 100 -N "${password}"
+		else
+			echo "$> ssh-keygen -t ${ssh_keytype} -f ${ssh_keyfile} -C ${hostname}: ${user}@${group} -a 100 -N ${password}";
+		fi;
+	else
+		found=$(grep "$(cat ${ssh_keyfile_check_pub})" /home/${user}/.ssh/authorized_keys);
+		if [ ! -z "${found}" ]; then
+			skip_ssh=1;
+			# override previously set with stored one
+			ssh_keyfile_pub=${ssh_keyfile_check_pub};
+			echo "-- Skip SSH Key creation: ${ssh_keygen_id}.pub";
+		else
+			echo " < Use existing public ssh key '${ssh_keygen_id}.pub'";
+			# Password already set notification
+		fi;
+		password="[ALREADY SET]";
+	fi;
+	if [ ${skip_ssh} -eq 0 ]; then
+		# write login info to output file
+		if [ ${TEST} -eq 0 ]; then
+			echo $(date +"%F %T")";"${host}";"${_hostname}";"${user}";"${password} >> ${root_folder}${output_file};
+		else
+			echo $(date +"%F %T")";"${host}";"${_hostname}";"${user}";"${password} >> ${root_folder}${output_file}".TEST";
+		fi;
+		# create the SSH foler and authorized access file with correct permissions
+		echo " > Create .ssh folder";
+		if [ ${TEST} -eq 0 ]; then
+			mkdir /home/${user}/.ssh/;
+		else
+			echo "$> mkdir /home/${user}/.ssh/";
+		fi;
+		echo " > Add public into authorized_keys";
+		if [ ${TEST} -eq 0 ]; then
+			cat "${ssh_keyfile_pub}" > /home/${user}/.ssh/authorized_keys;
+		else
+			echo "$> cat ${ssh_keyfile_pub} > /home/${user}/.ssh/authorized_keys";
+		fi;
+		echo " > Secure folder .ssh and authorized_keys file";
+		if [ ${TEST} -eq 0 ]; then
+			chown -R ${user}:${group} /home/${user}/.ssh/;
+			chmod 700 /home/${user}/.ssh/;
+			chmod 600 /home/${user}/.ssh/authorized_keys;
+		else
+			echo "$> chown -R ${user}:${group} /home/${user}/.ssh/";
+			echo "$> chmod 700 /home/${user}/.ssh/";
+			echo "$> chmod 600 /home/${user}/.ssh/authorized_keys";
 		fi;
 	fi;
 done;