author | Yoann Vandoorselaere <yoann@mandriva.com> | 1999-12-15 17:21:06 +0000 |
---|---|---|
committer | Yoann Vandoorselaere <yoann@mandriva.com> | 1999-12-15 17:21:06 +0000 |
commit | f7724d679b59540db2af2a17eb3ee169dad870d5 (patch) | |
tree | 7c61660ae07f680cb15c69687ca3d4db031bd58f /init-sh/grpuser | |
parent | f8210b92de7849d956c817f86face6175ab51932 (diff) | |
*** empty log message ***
Diffstat (limited to 'init-sh/grpuser')
-rwxr-xr-x | init-sh/grpuser | 125 |
1 files changed, 67 insertions, 58 deletions
diff --git a/init-sh/grpuser b/init-sh/grpuser index fb2ad25..6fa0e5d 100755 --- a/init-sh/grpuser +++ b/init-sh/grpuser @@ -13,12 +13,13 @@ user_name=$3 Usage() { echo "Usage :" - echo " --add [ groupname ] [ username ] ---> Add an user to a group." - echo " --del [ groupname ] [ username ] ---> Delete an user from a group." + echo " --refresh ---> Read group name in /etc/security/msec/group.conf" + echo " and add each user in /etc/security/msec/user.conf" + echo " in these groups ( if security level is <= 2 )" } ModifyFile() { - mv /etc/${file} /tmp/${file}.old + cp /etc/${file} /tmp/${file}.old head -$((group_line_number - 1)) /tmp/${file}.old > /etc/${file} echo "${new_group_line}" >> /etc/${file} @@ -42,10 +43,10 @@ AppendUserToGroup() { IsUserAlreadyInGroup() { if echo ${group_users} | grep -qw "${user_name}"; then - return 1 + return 0 fi - return 0 + return 1 } IsGroupExisting() { @@ -60,8 +61,9 @@ IsGroupExisting() { group_users=`echo ${tmp} | awk -F: '{print $5}'` group_line=`echo ${tmp} | awk -F: '{print $2":"$3":"$4":"$5}'` - [ -z "${tmp}" ] && return 0 - return 1 + [ -z "${tmp}" ] && return 1 + + return 0 } IsUserExisting() { 
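Review bot: ModifyFile writes its backup to the fixed path `/tmp/${file}.old`, a predictable name in a world-writable directory, and Perm in this same commit makes the script root-only. `cp` follows whatever already exists at that path, so the content that `head` later reads back into `/etc/${file}` is not under the script's sole control, and the copy may end up readable by other users. Create the backup next to the target instead, e.g. `old=$(mktemp "/etc/${file}.XXXXXX") || exit 1` followed by `cp -p "/etc/${file}" "${old}"`. The new file would also be safer built under a temporary name and renamed over `/etc/${file}`, so a failure midway does not leave it truncated. ModifyFile's body continues past the end of the hunk.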
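Review bot: `grep -qw "${user_name}"` in IsUserAlreadyInGroup treats the name as a regular expression matched on word boundaries, so `bob` is reported as a member when the list holds `bob-admin` or `jim.bob`. With this commit a positive result leads Refresh to call the removal routine and ModifyFile, so a false match may rewrite a group line. Assuming `group_users` is the comma-separated member field, compare whole fields literally: `echo ",${group_users}," | grep -qF -- ",${user_name},"`. The return convention is inverted here and in IsGroupExisting, so a one-line comment such as `# returns 0 when ${user_name} is listed in ${group_users}` would help callers that test `$?`.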
@@ -73,68 +75,66 @@ IsUserExisting() { return 1; } -Add() { - IsGroupExisting; - if [[ $? == 0 ]]; then - echo "Sorry, group \"${group_name}\" does not exist." - echo "Please create it using the \"groupadd\" command." - exit 1 - fi - - IsUserExisting; - if [[ $? == 1 ]]; then - echo "Sorry, user \"${user_name}\" does not exist." - exit 1 - fi - - IsUserAlreadyInGroup; - if [[ $? == 1 ]]; then - echo "Sorry, user \"${user_name}\" is already in group \"${group_name}\"." - exit 1 +Refresh() { + if [[ ${SECURE_LEVEL} > 2 ]]; then + echo "You are in a secure level > 2, in this level you need to add group user by yourself." + echo "Use the command : usermod -G group_name user_name" + exit 1; fi - AppendUserToGroup; - ModifyFile; - - exit 0 -} - -Del() { - IsGroupExisting; - if [[ $? == 0 ]]; then - echo "Sorry, group \"${group_name}\" does not exist." - exit 1 - fi - - IsUserAlreadyInGroup; - if [[ $? == 0 ]]; then - echo "Sorry, user \"${user_name}\" is not in group \"${group_name}\"." - exit 1 - fi - - RemoveUserFromGroup; - ModifyFile; - - exit 0 + cat /etc/security/msec/group.conf | while read group_name; do + IsGroupExisting; + if [[ $? != 0 ]]; then + echo "Group \"${group_name}\" doesn't exist. skiping it." + else + cat /etc/security/msec/user.conf | while read user_name; do + IsUserExisting; + if [[ $? != 0 ]]; then + # user doesn't exist + echo "Can't add user \"${user_name}\" to group \"${group_name}\"." + echo "\"${user_name}\" doesn't exist. skiping." + IsUserAlreadyInGroup; + if [[ $? == 0 ]]; then + # user doesn't exist but is in a group... delete user from this group. + RemoveUserFromgroup; + ModifyFile; + fi + else + usermod -G ${group_name} ${user_name} + fi + done + fi + done } Perm() { + if [[ ${UID} != 0 ]]; then + echo "You need root access to use this tool." + echo "And this script shouldn't be used by users." + exit 1 + fi + if [[ ! -w /etc/${file} ]]; then - echo "You're not allowed to write to /etc/group..." 
- exit 1 + echo "You're not allowed to write to /etc/group..." + exit 1 + fi + + if [[ ! -f /etc/security/msec/group.conf ]]; then + echo "/etc/security/msec/group.conf doesn't exist..." + exit 1 + fi + + if [[ ! -f /etc/security/msec/user.conf ]]; then + echo "/etc/security/msec/user.conf doesn't exist..." + exit 1 fi } -if [[ $# == 3 ]]; then +if [[ $# == 1 ]]; then case $1 in - "--add") - Perm; - Add; - exit 0 - ;; - "--del") + "--refresh") Perm; - Del; + Refresh; exit 0 ;; esac @@ -150,3 +150,12 @@ fi + + + + + + + + + |
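Review bot: The gate at the top of Refresh, `[[ ${SECURE_LEVEL} > 2 ]]`, compares strings, so an unset or empty SECURE_LEVEL and a value such as `10` both fall through to the permissive path; use an arithmetic test that fails closed, e.g. `if [[ "${SECURE_LEVEL:-3}" -gt 2 ]]; then`. Further down, `usermod -G ${group_name} ${user_name}` replaces the user's supplementary group list on each pass rather than appending to it, so `usermod -a -G "${group_name}" "${user_name}"` is probably what is meant where the installed usermod supports `-a`. The call `RemoveUserFromgroup;` differs in case from the `RemoveUserFromGroup;` used by the removed Del() and looks like a typo that would fail at run time; the function's definition is outside the hunk. Perm checks only that the two .conf files exist, and since their contents decide group membership it would be worth also checking that they are root-owned and not group- or world-writable.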