Add ignore from file for authorized keys move

2023-06-01 17:33:22 +09:00
parent b5854f93c4
commit a1af63de39
1 changed files with 16 additions and 0 deletions
--- a/bin/authorized_key_location_change.sh
+++ b/bin/authorized_key_location_change.sh
@@ -65,12 +65,24 @@ if [ ${LIST} -eq 1 ]; then
 	exit;
 fi;

+# base folder
+BASE_FOLDER=$(dirname $(readlink -f $0))"/";
+# output printf
 PRINTF_INFO="%-8s [%3s]: %-25s: %s\n";
 # list of user accounts we will never touch
 NO_ACTION=(root);
 # move, but must check that master is set
 # master key is the first in the authorized keys list for the below users
 MASTER_KEY=(admin ec2-user ubuntu);
+# skip user file
+IGNORE_USER_FILE="../config/authorized_key_location_change.ignore"
+# list of users to skip from file
+IGNORE_USER=();
+
+if [ -f "${BASE_FOLDER}${IGNORE_USER_FILE}" ]; then
+	readarray -t IGNORE_USER < "${BASE_FOLDER}${IGNORE_USER_FILE}";
+	echo "Reading ${IGNORE_USER_FILE}";
+fi;

 # loop over passwd file
 # if not in no action then check if .ssh/authorized_keys file exists
@@ -87,6 +99,10 @@ while read user_home; do
 		printf "${PRINTF_INFO}" "SKIP" "*" "${username}" "skip forced via command line";
 		continue;
 	fi;
+	if [[ " ${IGNORE_USER[*]} " =~ " ${username} " ]]; then
+		printf "${PRINTF_INFO}" "SKIP" "**" "${username}" "skip from ignore config file";
+		continue;
+	fi;
 	home_folder=$(echo "${user_home}" | cut -d ":" -f 2);
 	# skip no .ssh/authorized_ekys
 	if [ ! -f "${home_folder}/.ssh/authorized_keys" ]; then