#!/bin/bash
#
# setupuser.sh - provision the local "devops" account on SLES, Ubuntu,
# Amazon Linux or CentOS hosts.
#
# The script creates the account and its group, sets the password through
# expect, appends a NOPASSWD sudo rule to /etc/sudoers, switches sshd to
# "PasswordAuthentication yes" and restarts sshd. It edits root-owned files
# and calls useradd, so it is expected to run as root.
#
# Security-relevant result: the host ends up accepting SSH password logins,
# and the new account has unrestricted passwordless sudo with a password
# that is a constant in this file.

# Timestamp suffix (day, abbreviated month, year, hour, minute) used for the
# backup copies written by update_conf.
now="$(date '+%d%b%Y-%H%M')"
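#######################################
# Set the password of $USER by driving passwd(1) through expect.
# Globals:   USER (read), passw (read)
# Arguments: none
# Outputs:   expect's session log and a success line on stdout,
#            a failure line on stderr
# Returns:   0 when expect and passwd both succeed, 1 otherwise
#######################################
exp() {
  # The expect program is a constant: account name and password reach it
  # through the environment, so neither value is ever parsed as Tcl source
  # (a password containing $, [ or " would otherwise change the program).
  # shellcheck disable=SC2016 # $env(...) is Tcl and must not be expanded here
  local -r script='
set account $env(SETUPUSER_NAME)
set secret $env(SETUPUSER_PASSW)
# Drop the secret from the environment before passwd is spawned.
unset env(SETUPUSER_PASSW)
spawn passwd $account
# Matches both "Enter new UNIX password:" and the shorter "New password:".
expect -nocase -re {new (unix )?password:}
send -- "$secret\r"
expect -nocase -re {new (unix )?password:}
send -- "$secret\r"
expect eof
# Hand the exit status of passwd back to the shell.
exit [lindex [wait] 3]
'

  if ! SETUPUSER_NAME="$USER" SETUPUSER_PASSW="$passw" \
    expect <(printf '%s\n' "$script"); then
    echo "password for USER $USER could not be set" >&2
    return 1
  fi
  echo "password for USER $USER updated successfully - adding to sudoers file now"
}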
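#######################################
# Install the expect package with the distribution's package manager.
# Arguments: $1 - os-release ID: sles, ubuntu, amzn or centos
# Returns:   exit status of the final install command, 1 for any other ID
#######################################
_install_expect() {
  case "$1" in
    sles)
      zypper install -y expect
      ;;
    ubuntu)
      apt-get update
      # apt-get instead of apt: apt warns that its command line is not a
      # stable interface for scripts.
      apt-get install -y expect
      ;;
    amzn | centos)
      # NOTE(review): the release package is fetched over plain HTTP from a
      # third-party mirror and installed as root, and the URL is pinned to
      # the EL6 x86_64 package whatever release the host runs. Presumably
      # rpm only warns when the signing key is not imported yet - confirm,
      # and prefer an HTTPS source plus a verified key or checksum.
      # The rpm status is not checked on purpose: it is non-zero when the
      # package is already installed, and yum decides the outcome.
      rpm -Uvh http://epel.mirror.net.in/epel/6/x86_64/epel-release-6-8.noarch.rpm
      yum install -y expect
      ;;
    *)
      return 1
      ;;
  esac
}

#######################################
# Make sure expect is available, then set the account password with exp.
# Arguments: $1 - os-release ID: sles, ubuntu, amzn or centos
# Outputs:   the ID for amzn/centos, package manager output, exp's output
# Returns:   exp's status; 1 for an unknown ID or a failed expect install
#######################################
setup_pass() {
  local -r distro="$1"

  case "$distro" in
    sles | ubuntu) ;;
    amzn | centos)
      echo "$distro"
      ;;
    *)
      echo "could not find case $distro"
      return 1
      ;;
  esac

  if ! command -v expect &> /dev/null; then
    # Without expect, exp cannot work; stop instead of reporting a password
    # change that never happened.
    if ! _install_expect "$distro"; then
      echo "could not install expect on $distro - password not set" >&2
      return 1
    fi
  fi
  exp
}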
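#######################################
# Give $USER a passwordless sudo rule in a sudoers file.
# Globals:   USER (read)
# Arguments: $1 - sudoers file, $2 - path for the backup copy
# Outputs:   progress on stdout, failures on stderr
# Returns:   0 when the rule is present afterwards, 1 otherwise
#######################################
_grant_nopasswd_sudo() {
  local -r sudofile="$1" backup="$2"
  local existing
  local checked=0

  if [ ! -f "$sudofile" ]; then
    echo "could not find $sudofile"
    return 1
  fi
  if ! cp -p "$sudofile" "$backup"; then
    echo "could not back up $sudofile - leaving it unchanged" >&2
    return 1
  fi

  # Compare the first field exactly: a substring search would also match
  # comments and other account names that merely contain $USER.
  existing=$(awk -v user="$USER" '$1 == user' "$sudofile")
  if [ -n "$existing" ]; then
    echo "$USER user already present in $sudofile - no changes required"
    printf '%s\n' "$existing"
    return 0
  fi

  # Only a file that parsed before the edit can be judged after it.
  if command -v visudo &> /dev/null && visudo -cf "$sudofile" &> /dev/null; then
    checked=1
  fi

  # NOTE(review): this grants unrestricted root without a password prompt.
  echo "$USER ALL=(ALL) NOPASSWD: ALL" >> "$sudofile"

  # A sudoers file with a syntax error disables sudo, so roll back on failure.
  if [ "$checked" -eq 1 ] && ! visudo -cf "$sudofile" > /dev/null; then
    cp -p "$backup" "$sudofile"
    echo "$sudofile no longer parses after the edit - restored from $backup" >&2
    return 1
  fi
  echo "updated the sudoers file successfully"
}

#######################################
# Switch sshd to "PasswordAuthentication yes" and "ClientAliveInterval 240",
# then restart sshd.
# Globals:   now (read)
# Arguments: $1 - sshd_config path, $2 - sshd_config.d directory,
#            $3 - backup directory
# Outputs:   progress on stdout, failures on stderr
# Returns:   status of the sshd restart, 1 when nothing could be applied
#######################################
_enable_sshd_password_auth() {
  local -r sshdfile="$1" sshdconfd="$2" backupdir="$3"
  local -r dropin="$sshdconfd/60-cloudimg-settings.conf"
  local -r dropin_backup="$backupdir/60-cloudimg-settings.conf-$now"
  local -r sshd_backup="$backupdir/sshd_config-$now"
  local sshd_bin
  local checked=0
  local dropin_edited=0

  # Record whether the configuration validates before anything is touched,
  # so that a failure afterwards can be attributed to these edits.
  sshd_bin=$(command -v sshd) || sshd_bin=""
  if [ -n "$sshd_bin" ] && [ -f "$sshdfile" ] \
    && "$sshd_bin" -t -f "$sshdfile" &> /dev/null; then
    checked=1
  fi

  if [ -d "$sshdconfd" ]; then
    if [ -f "$dropin" ]; then
      if cp -p "$dropin" "$dropin_backup"; then
        sed -i '/PasswordAuthentication.*no/d' "$dropin"
        sed -i '/PasswordAuthentication.*yes/d' "$dropin"
        echo "PasswordAuthentication yes" >> "$dropin"
        dropin_edited=1
      else
        echo "could not back up $dropin - leaving it unchanged" >&2
      fi
    else
      echo "$dropin does not exist"
    fi
  else
    echo "$sshdconfd does not exist... continue with $sshdfile"
  fi

  if [ ! -f "$sshdfile" ]; then
    echo "could not find $sshdfile"
    return 1
  fi
  if ! cp -p "$sshdfile" "$sshd_backup"; then
    echo "could not back up $sshdfile - leaving it unchanged" >&2
    return 1
  fi

  # NOTE(review): the patterns are unanchored, so commented lines and lines
  # inside Match blocks are removed too. The first pattern only removes
  # ClientAliveInterval lines that contain a 0; any other existing value
  # stays and, being earlier in the file, wins over the appended 240 because
  # sshd keeps the first value it reads. Lines appended at the end fall
  # inside the last Match block when the file ends with one.
  sed -i '/ClientAliveInterval.*0/d' "$sshdfile"
  echo "ClientAliveInterval 240" >> "$sshdfile"
  sed -i '/PasswordAuthentication.*no/d' "$sshdfile"
  sed -i '/PasswordAuthentication.*yes/d' "$sshdfile"
  echo "PasswordAuthentication yes" >> "$sshdfile"

  # Restarting sshd on a configuration it rejects can cut off remote access.
  if [ "$checked" -eq 1 ] && ! "$sshd_bin" -t -f "$sshdfile"; then
    cp -p "$sshd_backup" "$sshdfile"
    if [ "$dropin_edited" -eq 1 ]; then
      cp -p "$dropin_backup" "$dropin"
    fi
    echo "$sshdfile no longer validates after the edit - backups restored, sshd not restarted" >&2
    return 1
  fi

  echo "updated $sshdfile Successfully -- restarting sshd service"
  service sshd restart
}

#######################################
# Back up and edit /etc/sudoers and the sshd configuration for $USER.
# Globals:   USER (read), now (read)
# Arguments: none
# Outputs:   progress on stdout, failures on stderr
# Returns:   0 when both files were handled, 1 when either step failed
#######################################
update_conf() {
  local -r backupdir="/home/backup"
  local rc=0

  mkdir -p "$backupdir"
  _grant_nopasswd_sudo "/etc/sudoers" "$backupdir/sudoers-$now" || rc=1
  _enable_sshd_password_auth "/etc/ssh/sshd_config" "/etc/ssh/sshd_config.d" \
    "$backupdir" || rc=1
  return "$rc"
}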
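############### MAIN ###################
# Create the devops account unless it already exists, then set its password
# and update the sudo and sshd configuration.
# Exit status: 0 on success or when the account already exists, 8 when
# /etc/os-release is missing, 1 on any other failure.

# NOTE(review): USER is also the login-name environment variable; the
# assignment below replaces it for the rest of the script and, where it is
# exported, for every child process.
USER="devops"
GROUP="devops"
# NOTE(review): this password is a constant stored with the script, and
# update_conf goes on to give the account NOPASSWD sudo and to enable SSH
# password logins. Supply the secret at provisioning time (root-only file or
# secret store) and rotate it after first use.
passw="today@1234"

if id -u "$USER" &> /dev/null; then
  echo "devops user exists no action required.."
  exit 0
fi
echo "devops user missing, continue to create it.."

if [ ! -f /etc/os-release ]; then
  echo "can not locate /etc/os-release - unable to find the osname"
  exit 8
fi
# First ID= line only, with either quoting style stripped.
osname=$(grep -m 1 '^ID=' /etc/os-release | cut -d'=' -f2 | tr -d "\"'")
echo "$osname"

case "$osname" in
  sles | amzn | ubuntu | centos)
    # An existing group is reused: deleting and re-creating it would drop its
    # members and could change its GID.
    if ! getent group "$GROUP" &> /dev/null; then
      if ! groupadd "$GROUP"; then
        echo "could not create group $GROUP" >&2
        exit 1
      fi
    fi
    if ! useradd "$USER" -m -d /home/"$USER" -s /bin/bash -g "$GROUP"; then
      echo "could not create user $USER" >&2
      exit 1
    fi
    if ! setup_pass "$osname"; then
      # Do not grant sudo or open SSH password logins for an account whose
      # password was never set; remove the account created above so that a
      # rerun starts from a clean state.
      echo "password setup failed - removing $USER, sudoers and sshd left unchanged" >&2
      userdel -r "$USER"
      exit 1
    fi
    update_conf || exit 1
    ;;
  *)
    echo "could not determine the correct osname -- found $osname"
    exit 1
    ;;
esac
exit 0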