Create user bug with positions in list file

bin/check_last_login.sh

@@ -5,7 +5,6 @@
 
 # base folder
 BASE_FOLDER=$(dirname $(readlink -f $0))"/";
-input_file='user_list.txt';
 # which groups holds the ssh allowed login users (outside of admin users)
 ssh_groups=('sshforward' 'sshallow');
 ssh_reject_group='sshreject';

bin/create_user.sh

@@ -45,7 +45,7 @@ separator="#";
 # base folder for all data
 # root_folder=$(pwd)'/';
 BASE_FOLDER=$(dirname $(readlink -f $0))"/";
-root_folder="${BASE_FOLDER}";
+root_folder="${BASE_FOLDER}../";
 input_file='user_list.txt';
 output_file="user_password.${timestamp}.txt";
 output_zip_folder='zip/';
@@ -109,11 +109,13 @@ while read i; do
 	if [[ "${i}" =~ ^\# ]]; then
 		continue;
 	fi;
-	# make lower case, remove spaces
+	# POS 2: make lower case, remove spaces
 	username=$(echo "${i}" | cut -d ";" -f 2 | tr A-Z a-z | tr -d ' ');
+	# POS 3: groups
 	_group=$(echo "${i}" | cut -d ";" -f 3 | tr A-Z a-z | tr -d ' ');
 	group=$(echo "${_group}" | cut -d "," -f 1);
 	sub_group="";
+	# POS 4: ssh access type
 	ssh_access_type=$(echo "${i}" | cut -d ";" -f 4 | tr A-Z a-z | tr -d ' ');
 	# if not allow or forward, set to access
 	if [ "${ssh_access_type}" != "allow" ] && [ "${ssh_access_type}" != "forward" ]; then
@@ -132,16 +134,17 @@ while read i; do
 		sub_group=$(echo "${_group}" | cut -d "," -f 2-);
 		sub_group_opt=" -G ${sub_group}";
 	fi;
-	# override host name, lowercase and spaces removed
+	# POS 5: do we have a password preset
-	_hostname=$(echo "${i}" | cut -d ";" -f 5 | tr A-Z a-z | tr -d ' ');
+	_password=$(echo "${i}" | cut -d ";" -f 5);
+	# POS 6: override host name, lowercase and spaces removed
+	_hostname=$(echo "${i}" | cut -d ";" -f 6 | tr A-Z a-z | tr -d ' ');
 	if [ -z "${_hostname}" ]; then
 		hostname=${host};
 	else
 		hostname=${_hostname};
 	fi;
-			# do we have a password preset
+	# POS 7: ssh keytype override
-	_password=$(echo "${i}" | cut -d ";" -f 4);
+	_ssh_keytype=$(echo "${i}" | cut -d ";" -f 7 | tr A-Z a-z | tr -d ' ');
-	_ssh_keytype=$(echo "${i}" | cut -d ";" -f 6 | tr A-Z a-z | tr -d ' ');
 	if [ "${_ssh_keytype}" = "rsa" ]; then
 		ssh_keytype="${_ssh_keytype}";
 		#echo "[!!] BACKWARDS COMPATIBLE RSA TYPE SELECTION [!!]";

bin/unlock_user.sh

@@ -42,6 +42,8 @@ if [ ! -z "${SSH_GROUP_ADD}" ] && [ "${SSH_GROUP_ADD}" != "allow" ] && [ "${SSH_
 fi;
 
 BASE_FOLDER=$(dirname $(readlink -f $0))"/";
+root_folder="${BASE_FOLDER}../";
+input_file='user_list.txt';
 # ignore users (root and admin users)
 ignore_users=('root' 'ec2-user' 'ubuntu' 'admin');
 # ssh reject group
@@ -85,8 +87,8 @@ for username in "$@"; do
 	# else try to set from option
 	# if not valid use allow
 	ssh_add_group="${SSH_GROUP_ADD}";
-	if [ -z "${SSH_GROUP_ADD}" ] && [ -f "${BASE_FOLDER}${input_file}" ]; then
+	if [ -z "${SSH_GROUP_ADD}" ] && [ -f "${root_folder}${input_file}" ]; then
-		ssh_add_group=$(grep "${username}" "${BASE_FOLDER}${input_file}" | cut -d ";" -f 4 | tr A-Z a-z | tr -d ' ');
+		ssh_add_group=$(grep "${username}" "${root_folder}${input_file}" | cut -d ";" -f 4 | tr A-Z a-z | tr -d ' ');
 	fi;
 	if [ "${ssh_access_type}" != "allow" ] && [ "${ssh_access_type}" != "forward" ]; then
 		ssh_add_group="allow";
@@ -100,9 +102,8 @@ for username in "$@"; do
 		if [ ${TEST} -eq 1 ]; then
 			printf "${user_group_tpl}" "${username}" "${ssh_reject_group}" "${username}" "${ssh_add_group}";
 		else
-			#gpasswd -d "${username}" "${ssh_reject_group}";
+			gpasswd -d "${username}" "${ssh_reject_group}";
-			#gpasswd -a "${username}" "${ssh_add_group}";
+			gpasswd -a "${username}" "${ssh_add_group}";
-			echo "NOOP";
 		fi;
 	else
 		# skip not ssh user