diff options
Diffstat (limited to 'init-sh/grpuser.sh')
| -rwxr-xr-x | init-sh/grpuser.sh | 195 |
1 files changed, 0 insertions, 195 deletions
diff --git a/init-sh/grpuser.sh b/init-sh/grpuser.sh deleted file mode 100755 index 31b6996..0000000 --- a/init-sh/grpuser.sh +++ /dev/null @@ -1,195 +0,0 @@ -#!/bin/bash - -# -# Writen by Vandoorselaere Yoann <yoann@mandrakesoft.com> -# Thanks to Francis Galiegue. -# - -file="group" -group_line="" -new_group_line="" -group_name=$2 -user_name=$3 - -Usage() { - echo "Usage :" - echo " --clean ---> Remove all group change." - echo " --refresh ---> Read group name in /etc/security/msec/group.conf" - echo " and add each user in /etc/security/msec/user.conf" - echo " in these groups ( if security level is <= 2 )" -} - -ModifyFile() { - tmpfile=`mktemp /tmp/grpuser.XXXXXX` - cp /etc/${file} ${tmpfile} - - head -$((group_line_number - 1)) ${tmpfile} > /etc/${file} - echo "${new_group_line}" >> /etc/${file} - tail +$((group_line_number + 1)) ${tmpfile} >> /etc/${file} - - rm -f ${tmpfile} -} - -RemoveUserFromGroup() { - new_group_line=${group}`echo ${group_users} | - sed -e s/,${user_name}$//g -e s/${user_name},//g -e s/${user_name}$//g` -} - -AppendUserToGroup() { - if [[ -z ${group_users} ]]; then - new_group_line=${group_line}${user_name} - else - new_group_line=${group_line}",${user_name}" - fi -} - -IsUserAlreadyInGroup() { - if echo ${group_users} | grep -qw "${user_name}"; then - return 0 - fi - - return 1 -} - -IsGroupExisting() { - group_line="" - group_line_number="" - - # We get some group infos as well, will be used later - tmp=`grep -n "^${group_name}:" /etc/${file} | tr -d " "` - - group_line_number=`echo ${tmp} | awk -F: '{print $1}'` - group=`echo ${tmp} | awk -F: '{print $2":"$3":"$4":"}'` - group_users=`echo ${tmp} | awk -F: '{print $5}'` - group_line=`echo ${tmp} | awk -F: '{print $2":"$3":"$4":"$5}'` - - [ -z "${tmp}" ] && return 1 - - return 0 -} - -IsUserExisting() { - grep -qn "^${user_name}:" /etc/passwd - if [[ $? == 0 ]]; then - return 0; - fi - - return 1; -} - -RefreshAdd() { - if [[ ${SECURE_LEVEL} == 3 || ${SECURE_LEVEL} == 4 || ${SECURE_LEVEL} == 5 || ${SECURE_LEVEL} == snf ]]; then - echo "You are in a secure level > 2, in this level you need to add group user by yourself." - echo "Use the command : usermod -G group_name user_name" - exit 1; - fi - - cat /etc/security/msec/group.conf | grep -v "^$" | while read group_name; do - IsGroupExisting; - if [[ $? != 0 ]]; then - echo "Group \"${group_name}\" doesn't exist. skiping it." - else - cat /etc/security/msec/user.conf | grep -v "^$" | while read user_name; do - IsUserExisting; - if [[ $? != 0 ]]; then - # user doesn't exist - echo "Can't add user \"${user_name}\" to group \"${group_name}\" user doesn't exist. skiping." - IsUserAlreadyInGroup; - if [[ $? == 0 ]]; then - #User doesn't exist but is in a group... delete user from this group. - IsGroupExisting; - RemoveUserFromGroup; - ModifyFile; - fi - else - echo "Adding user \"${user_name}\" to group \"${group_name}\"." - IsGroupExisting; - IsUserAlreadyInGroup; - if [[ $? == 1 ]]; then - AppendUserToGroup; - ModifyFile; - fi - fi - done - fi - done -} - -RefreshDel() { - cat /etc/security/msec/group.conf | grep -v "^$" | while read group_name; do - IsGroupExisting; - if [[ $? != 0 ]]; then - echo "Group \"${group_name}\" doesn't exist. skiping it." - else - cat /etc/security/msec/user.conf | grep -v "^$" | while read user_name; do - IsGroupExisting; # We need some variable at each turn. - IsUserAlreadyInGroup; - if [[ $? == 0 ]]; then - echo "Removing \"${user_name}\" from group \"${group_name}\"." - RemoveUserFromGroup; - ModifyFile; - fi - done - fi - done -} - - - -Perm() { - if [[ ${UID} != 0 ]]; then - echo "You need root access to use this tool." - echo "And this script shouldn't be used by users." - exit 1 - fi - - if [[ ! -w /etc/${file} ]]; then - echo "You're not allowed to write to /etc/group..." - exit 1 - fi - - if [[ ! -f /etc/security/msec/group.conf ]]; then - echo "/etc/security/msec/group.conf doesn't exist..." - exit 1 - fi - - if [[ ! -f /etc/security/msec/user.conf ]]; then - echo "/etc/security/msec/user.conf doesn't exist..." - exit 1 - fi -} - -if [[ $# == 1 ]]; then - case $1 in - "--refresh") - Perm; - RefreshAdd; - exit 0 - ;; - "--clean") - Perm; - RefreshDel; - exit 0 - ;; - esac - Usage; - exit 0 -else - Usage; -fi - - - - - - - - - - - - - - - - |