Update lock script, add unlock script, minor updates in other scripts

Make sure that lock script reejcts core users
(root/ec2-user/admin/ubuntu)

Unlock script works reverse with also optional check in user_list.txt
for ssh allow/foward group type

Internal:
rename all $user to $username

bin/check_last_login.sh

@@ -5,6 +5,7 @@
 
 # base folder
 BASE_FOLDER=$(dirname $(readlink -f $0))"/";
+input_file='user_list.txt';
 # which groups holds the ssh allowed login users (outside of admin users)
 ssh_groups=('sshforward' 'sshallow');
 ssh_reject_group='sshreject';
@@ -41,21 +42,26 @@ echo "Max age no login  : ${max_age_create} days";
 for ssh_group in ${ssh_groups[@]}; do
 echo "--------------------->"
 echo "Checking Group    : ${ssh_group}";
-	for user in $(cat /etc/group|grep "${ssh_group}:" | cut -d ":" -f 4 | sed -e 's/,/ /g'); do
+	for username in $(cat /etc/group|grep "${ssh_group}:" | cut -d ":" -f 4 | sed -e 's/,/ /g'); do
+		# check that user exists in passwd
+		if ! id "${username}" &>/dev/null; then
+			echo "[!] User $username does not exists in /etc/passwd file";
+			continue;
+		fi;
 		account_age=0;
 		delete_user=0;
 		out_string="";
-		#echo "* Checking user ${user}";
+		#echo "* Checking user ${username}";
 		# check user create time, if we have set it in comment
-		user_create_date=$(cat /etc/passwd | grep "${user}:" | cut -d ":" -f 5);
+		user_create_date=$(cat /etc/passwd | grep "${username}:" | cut -d ":" -f 5);
 		# if empty try last password set time
 		if [ -z "${user_create_date}" ]; then
 			# user L 11/09/2020 0 99999 7 -1
-			user_create_date=$(passwd -S ${user} | cut -d " " -f 3);
+			user_create_date=$(passwd -S ${username} | cut -d " " -f 3);
 		fi;
 		# last try is user home .bash_logout
 		if [ -z "${user_create_date}" ]; then
-			home_dir=$(cat /etc/passwd | grep "${user}:" | cut -d ":" -f 6)"/.bash_logout";
+			home_dir=$(cat /etc/passwd | grep "${username}:" | cut -d ":" -f 6)"/.bash_logout";
 			user_create_date=$(stat -c %Z "${home_dir}");
 		fi;
 
@@ -63,15 +69,15 @@ echo "Checking Group    : ${ssh_group}";
 		# users. Use the collect script from systemd-logind or /var/log/secure
 		# Username         Port     From             Latest
 		# user             pts/35   10.110.160.230   Wed Nov  2 09:40:35 +0900 2022
-		last_login_string=$(lastlog -u ${user} | sed 1d);
+		last_login_string=$(lastlog -u ${username} | sed 1d);
 		search="Never logged in";
 		found="";
 		# problem with running rep check in if
 		if [ -f "${AUTH_LOG}" ]; then
-			found=$(grep "${user};" "${AUTH_LOG}");
+			found=$(grep "${username};" "${AUTH_LOG}");
 		fi;
 		if [ ! -z "${found}" ]; then
-			last_login_date=$(grep "${user};" "${AUTH_LOG}" | cut -d ";" -f 2 | date +"%s" -f -);
+			last_login_date=$(grep "${username};" "${AUTH_LOG}" | cut -d ";" -f 2 | date +"%s" -f -);
 			last_login=$(awk '{printf("%.0f\n",($1-$2)/$3)}' <<<"${now} ${last_login_date} ${day}");
 			if [ ${last_login} -gt ${max_age_login} ]; then
 				out_string="[!] last ssh log in ${last_login} days ago";
@@ -109,15 +115,15 @@ echo "Checking Group    : ${ssh_group}";
 		fi;
 		# build delete output
 		if [ ${delete_user} = 1 ]; then
-			delete_accounts="${delete_accounts}"$(printf "${user_group_tpl}" "${user}" "${ssh_group}" "${user}" "${ssh_reject_group}")$'\n';
+			delete_accounts="${delete_accounts}"$(printf "${user_group_tpl}" "${username}" "${ssh_group}" "${username}" "${ssh_reject_group}")$'\n';
 		fi;
-		printf "* Checking user %-20s: %s\n" "${user}" "${out_string}";
+		printf "* Checking user %-20s: %s\n" "${username}" "${out_string}";
 	done;
 done;
 echo "--------------------->"
 echo "Showing current SSH Reject users:"
 for user in $(cat /etc/group|grep "${ssh_reject_group}:" | cut -d ":" -f 4 | sed -e 's/,/ /g'); do
-	echo "${user}";
+	echo "${username}";
 done;
 if [ ! -z "${delete_accounts}" ]; then
 	echo "--------------------->"