author | Yoann Vandoorselaere <yoann@mandriva.com> | 1999-12-15 17:21:06 +0000 |
---|---|---|
committer | Yoann Vandoorselaere <yoann@mandriva.com> | 1999-12-15 17:21:06 +0000 |
commit | f7724d679b59540db2af2a17eb3ee169dad870d5 (patch) | |
tree | 7c61660ae07f680cb15c69687ca3d4db031bd58f /init-sh/grpuser.sh | |
parent | f8210b92de7849d956c817f86face6175ab51932 (diff) | |
*** empty log message ***
Diffstat (limited to 'init-sh/grpuser.sh')
-rwxr-xr-x | init-sh/grpuser.sh | 161 |
1 files changed, 161 insertions, 0 deletions
diff --git a/init-sh/grpuser.sh b/init-sh/grpuser.sh
new file mode 100755
index 0000000..6fa0e5d
--- /dev/null
+++ b/init-sh/grpuser.sh
@@ -0,0 +1,161 @@
+#!/bin/sh
+
+#
+# Writen by Vandoorselaere Yoann <yoann@mandrakesoft.com>
+# Thanks to Francis Galiegue.
+#
+
+file="group"
+group_line=""
+new_group_line=""
+group_name=$2
+user_name=$3
+
+Usage() {
+ echo "Usage :"
+ echo " --refresh ---> Read group name in /etc/security/msec/group.conf"
+ echo " and add each user in /etc/security/msec/user.conf"
+ echo " in these groups ( if security level is <= 2 )"
+}
+
+ModifyFile() {
+ cp /etc/${file} /tmp/${file}.old
+
+ head -$((group_line_number - 1)) /tmp/${file}.old > /etc/${file}
+ echo "${new_group_line}" >> /etc/${file}
+ tail +$((group_line_number + 1)) /tmp/${file}.old >> /etc/${file}
+
+ rm -f /tmp/${file}.old
+}
+
+RemoveUserFromGroup() {
+ new_group_line=${group}`echo ${group_users} |
+ sed -e s/,${user_name}$//g -e s/${user_name},//g -e s/${user_name}$//g`
+}
+
+AppendUserToGroup() {
+ if [[ -z ${group_users} ]]; then
+ new_group_line=${group_line}${user_name}
+ else
+ new_group_line=${group_line}",${user_name}"
+ fi
+}
+
+IsUserAlreadyInGroup() {
+ if echo ${group_users} | grep -qw "${user_name}"; then
+ return 0
+ fi
+
+ return 1
+}
+
+IsGroupExisting() {
+ group_line=""
+ group_line_number=""
+
+ # We get some group infos as well, will be used later
+ tmp=`grep -n "^${group_name}:" /etc/${file} | tr -d " "`
+
+ group_line_number=`echo ${tmp} | awk -F: '{print $1}'`
+ group=`echo ${tmp} | awk -F: '{print $2":"$3":"$4":"}'`
+ group_users=`echo ${tmp} | awk -F: '{print $5}'`
+ group_line=`echo ${tmp} | awk -F: '{print $2":"$3":"$4":"$5}'`
+
+ [ -z "${tmp}" ] && return 1
+
+ return 0
+}
+
+IsUserExisting() {
+ grep -qn "^${user_name}:" /etc/passwd
+ if [[ $? == 0 ]]; then
+ return 0;
+ fi
+
+ return 1;
+}
+
+Refresh() {
+ if [[ ${SECURE_LEVEL} > 2 ]]; then
+ echo "You are in a secure level > 2, in this level you need to add group user by yourself."
+ echo "Use the command : usermod -G group_name user_name"
+ exit 1;
+ fi
+
+ cat /etc/security/msec/group.conf | while read group_name; do
+ IsGroupExisting;
+ if [[ $? != 0 ]]; then
+ echo "Group \"${group_name}\" doesn't exist. skiping it."
+ else
+ cat /etc/security/msec/user.conf | while read user_name; do
+ IsUserExisting;
+ if [[ $? != 0 ]]; then
+ # user doesn't exist
+ echo "Can't add user \"${user_name}\" to group \"${group_name}\"."
+ echo "\"${user_name}\" doesn't exist. skiping."
+ IsUserAlreadyInGroup;
+ if [[ $? == 0 ]]; then
+ # user doesn't exist but is in a group... delete user from this group.
+ RemoveUserFromgroup;
+ ModifyFile;
+ fi
+ else
+ usermod -G ${group_name} ${user_name}
+ fi
+ done
+ fi
+ done
+}
+
+Perm() {
+ if [[ ${UID} != 0 ]]; then
+ echo "You need root access to use this tool."
+ echo "And this script shouldn't be used by users."
+ exit 1
+ fi
+
+ if [[ ! -w /etc/${file} ]]; then
+ echo "You're not allowed to write to /etc/group..."
+ exit 1
+ fi
+
+ if [[ ! -f /etc/security/msec/group.conf ]]; then
+ echo "/etc/security/msec/group.conf doesn't exist..."
+ exit 1
+ fi
+
+ if [[ ! -f /etc/security/msec/user.conf ]]; then
+ echo "/etc/security/msec/user.conf doesn't exist..."
+ exit 1
+ fi
+}
+
+if [[ $# == 1 ]]; then
+ case $1 in
+ "--refresh")
+ Perm;
+ Refresh;
+ exit 0
+ ;;
+ esac
+ Usage;
+ exit 0
+else
+ Usage;
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
|
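Review bot: ModifyFile stages /etc/group through the fixed path `/tmp/${file}.old` while running as root (Perm enforces UID 0), so the staged copy lives under a predictable name in a world-writable directory where any local user can pre-create or replace it before `head`/`tail` read it back into /etc/group. The rewrite is also non-atomic: the first redirect truncates /etc/group and the file is rebuilt in three steps, so an interruption or an empty `group_line_number` leaves it partial. Building the replacement with `mktemp` next to the target and renaming it over /etc/group addresses both, as sketched in the fence below. Separately, Refresh calls `RemoveUserFromgroup;` but the function is defined as `RemoveUserFromGroup`, so `new_group_line` is not recomputed before ModifyFile runs; the call should read `RemoveUserFromGroup;`.

```shell
ModifyFile() {
    # Refuse to rewrite when the target line is unknown.
    [ -n "${group_line_number}" ] || return 1

    # Stage in /etc (root-only) instead of /tmp so the name cannot be
    # pre-created by another user and the final rename is atomic.
    new_file=$(mktemp "/etc/${file}.XXXXXX") || return 1

    {
        head -n $((group_line_number - 1)) "/etc/${file}"
        echo "${new_group_line}"
        tail -n +$((group_line_number + 1)) "/etc/${file}"
    } > "${new_file}" || { rm -f "${new_file}"; return 1; }

    # mktemp creates the file 0600; restore the mode expected for /etc/group
    # (assumed 0644 here, confirm against the distribution default).
    chmod 644 "${new_file}" && mv -f "${new_file}" "/etc/${file}"
}
```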