authorYoann Vandoorselaere <yoann@mandriva.com>1999-12-15 17:21:06 +0000
committerYoann Vandoorselaere <yoann@mandriva.com>1999-12-15 17:21:06 +0000
commitf7724d679b59540db2af2a17eb3ee169dad870d5 (patch)
tree7c61660ae07f680cb15c69687ca3d4db031bd58f /init-sh/grpuser.sh
parentf8210b92de7849d956c817f86face6175ab51932 (diff)
*** empty log message ***
Diffstat (limited to 'init-sh/grpuser.sh')
-rwxr-xr-xinit-sh/grpuser.sh161
1 files changed, 161 insertions, 0 deletions
diff --git a/init-sh/grpuser.sh b/init-sh/grpuser.sh
new file mode 100755
index 0000000..6fa0e5d
--- /dev/null
+++ b/init-sh/grpuser.sh
@@ -0,0 +1,161 @@
+#!/bin/sh
+
+#
+# Writen by Vandoorselaere Yoann <yoann@mandrakesoft.com>
+# Thanks to Francis Galiegue.
+#
+
+file="group"
+group_line=""
+new_group_line=""
+group_name=$2
+user_name=$3
+
+Usage() {
+ echo "Usage :"
+ echo " --refresh ---> Read group name in /etc/security/msec/group.conf"
+ echo " and add each user in /etc/security/msec/user.conf"
+ echo " in these groups ( if security level is <= 2 )"
+}
+
+ModifyFile() {
+ cp /etc/${file} /tmp/${file}.old
+
+ head -$((group_line_number - 1)) /tmp/${file}.old > /etc/${file}
+ echo "${new_group_line}" >> /etc/${file}
+ tail +$((group_line_number + 1)) /tmp/${file}.old >> /etc/${file}
+
+ rm -f /tmp/${file}.old
+}
+
+RemoveUserFromGroup() {
+ new_group_line=${group}`echo ${group_users} |
+ sed -e s/,${user_name}$//g -e s/${user_name},//g -e s/${user_name}$//g`
+}
+
+AppendUserToGroup() {
+ if [[ -z ${group_users} ]]; then
+ new_group_line=${group_line}${user_name}
+ else
+ new_group_line=${group_line}",${user_name}"
+ fi
+}
+
+IsUserAlreadyInGroup() {
+ if echo ${group_users} | grep -qw "${user_name}"; then
+ return 0
+ fi
+
+ return 1
+}
+
+IsGroupExisting() {
+ group_line=""
+ group_line_number=""
+
+ # We get some group infos as well, will be used later
+ tmp=`grep -n "^${group_name}:" /etc/${file} | tr -d " "`
+
+ group_line_number=`echo ${tmp} | awk -F: '{print $1}'`
+ group=`echo ${tmp} | awk -F: '{print $2":"$3":"$4":"}'`
+ group_users=`echo ${tmp} | awk -F: '{print $5}'`
+ group_line=`echo ${tmp} | awk -F: '{print $2":"$3":"$4":"$5}'`
+
+ [ -z "${tmp}" ] && return 1
+
+ return 0
+}
+
+IsUserExisting() {
+ grep -qn "^${user_name}:" /etc/passwd
+ if [[ $? == 0 ]]; then
+ return 0;
+ fi
+
+ return 1;
+}
+
+Refresh() {
+ if [[ ${SECURE_LEVEL} > 2 ]]; then
+ echo "You are in a secure level > 2, in this level you need to add group user by yourself."
+ echo "Use the command : usermod -G group_name user_name"
+ exit 1;
+ fi
+
+ cat /etc/security/msec/group.conf | while read group_name; do
+ IsGroupExisting;
+ if [[ $? != 0 ]]; then
+ echo "Group \"${group_name}\" doesn't exist. skiping it."
+ else
+ cat /etc/security/msec/user.conf | while read user_name; do
+ IsUserExisting;
+ if [[ $? != 0 ]]; then
+ # user doesn't exist
+ echo "Can't add user \"${user_name}\" to group \"${group_name}\"."
+ echo "\"${user_name}\" doesn't exist. skiping."
+ IsUserAlreadyInGroup;
+ if [[ $? == 0 ]]; then
+ # user doesn't exist but is in a group... delete user from this group.
+ RemoveUserFromgroup;
+ ModifyFile;
+ fi
+ else
+ usermod -G ${group_name} ${user_name}
+ fi
+ done
+ fi
+ done
+}
+
+Perm() {
+ if [[ ${UID} != 0 ]]; then
+ echo "You need root access to use this tool."
+ echo "And this script shouldn't be used by users."
+ exit 1
+ fi
+
+ if [[ ! -w /etc/${file} ]]; then
+ echo "You're not allowed to write to /etc/group..."
+ exit 1
+ fi
+
+ if [[ ! -f /etc/security/msec/group.conf ]]; then
+ echo "/etc/security/msec/group.conf doesn't exist..."
+ exit 1
+ fi
+
+ if [[ ! -f /etc/security/msec/user.conf ]]; then
+ echo "/etc/security/msec/user.conf doesn't exist..."
+ exit 1
+ fi
+}
+
+if [[ $# == 1 ]]; then
+ case $1 in
+ "--refresh")
+ Perm;
+ Refresh;
+ exit 0
+ ;;
+ esac
+ Usage;
+ exit 0
+else
+ Usage;
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
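Review bot: ModifyFile copies /etc/group to the fixed path `/tmp/group.old` while running as root and then rebuilds the live file by truncating it and appending three pieces. A predictable name in world-writable /tmp is open to symlink and race interference, and an interruption between the writes leaves /etc/group incomplete. In Refresh the call is spelled `RemoveUserFromgroup;`, which does not match the defined `RemoveUserFromGroup`, so `new_group_line` appears to still be empty when ModifyFile runs and the group's entry would be replaced by a blank line. The replacement below stages the new file with `mktemp` inside /etc, refuses an empty line, and renames it into place; the call site also needs the spelling fixed. Separately, the script declares `#!/bin/sh` but uses `[[ ... ]]` throughout, and `[[ ${SECURE_LEVEL} > 2 ]]` compares strings, where `[ "${SECURE_LEVEL}" -gt 2 ]` would compare numbers.

```sh
ModifyFile() {
    # Refuse to write a blank entry (e.g. when no replacement line was built).
    [ -n "${new_group_line}" ] || return 1

    # Stage beside the target, not in /tmp, so the final rename is atomic.
    tmp_file=`mktemp /etc/${file}.XXXXXX` || exit 1
    # Carry over the mode and ownership of the current file.
    cp -p /etc/${file} "${tmp_file}" || { rm -f "${tmp_file}"; exit 1; }

    {
        head -n $((group_line_number - 1)) /etc/${file} &&
        echo "${new_group_line}" &&
        tail -n +$((group_line_number + 1)) /etc/${file}
    } > "${tmp_file}" && mv -f "${tmp_file}" /etc/${file} ||
        { rm -f "${tmp_file}"; exit 1; }
}
```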