Account Add Script

#!/bin/sh
#export LANG=zh_CN.GBK
#set -x

=================================================================================================================

Add account and group

Written by : majun

Release : 1.0

Creation date : 2012-4-4

=================================================================================================================

#

HISTORY :

Release | Date | Authors | Description

--------------+-----------------+---------------+----------------------------------------------------------------

1.0 | 04.04.12 | advance |

--------------+-----------------+---------------+----------------------------------------------------------------

1.1 | 05.10.12 | majun | Add user to multiple groups

--------------+-----------------+---------------+----------------------------------------------------------------

1.2 | 05.11.12 | majun | Add group check command (id groupname)

| | | To avoid duplication user in sudo file

--------------+-----------------+---------------+----------------------------------------------------------------

1.3 | 05.14.12 | majun | Send email to users who have never logged in, asking them to change their password

--------------+-----------------+---------------+----------------------------------------------------------------

1.4 | 08.30.12 | majun | Ldap useradd

--------------+-----------------+---------------+----------------------------------------------------------------

1.5 | 01.12.13 | majun | Ldap userdel

--------------+-----------------+---------------+----------------------------------------------------------------

1.6 | 04.24.13 | majun | Add lock user

--------------+-----------------+---------------+----------------------------------------------------------------

1.7 | 05.09.07 | majun | Can Add user to other group

--------------+-----------------+---------------+----------------------------------------------------------------

1.8 | 06.12.22 | majun | hostname include '-' conflict with regular like this [0-9]

--------------+-----------------+---------------+----------------------------------------------------------------

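# Master passwd/shadow copies that accounts are provisioned from.
PASSFILE=/home/syn/passwd
SHADOWFILE=/home/syn/shadow
# Epoch seconds; tags this run's log file names.
TIMES=$(date +%s)
# Work files are created with mktemp rather than under a predictable
# /var/tmp/<user>_user.*.<epoch> name. The script runs under sudo, and a
# guessable path in a world-writable directory can be pre-created or
# symlinked by another local user. mktemp also creates the files with
# mode 0600, which matters because CMDFILE ends up holding password hashes.
# NOTE(review): if gssh.sh reads these files as a different user it will
# need access granted explicitly - confirm.
HOSTFILE=$(mktemp "/var/tmp/${SUDO_USER}_user.list.XXXXXX") || exit 1
CMDFILE=$(mktemp "/var/tmp/${SUDO_USER}_user.sh.XXXXXX") || exit 1
ERRORMSG=$(mktemp /var/tmp/addacount_error.XXXXXX) || exit 1
SARG=$1
USERARG=$2
GSSHFILE=/usr/local/sa/scripts/gssh.sh
# Directory the script was started from; relative host-list paths are
# resolved against it later.
HOMEDIR=$(pwd)
# NOTE(review): MAIL defaults to YES, so the -m option has no visible effect.
MAIL=YES

# mktemp already left HOSTFILE and ERRORMSG empty, so no truncation is
# needed. Start the remote command script with a fixed locale and PATH.
{
  echo '#!/bin/sh'
  echo 'export LC_ALL=en_US.UTF-8'
  echo 'export LANGUAGE=en_US.UTF-8'
  echo 'export PATH=/sbin:/usr/sbin:/usr/local/sbin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/bin:/bin:/usr/local/bin'
} >"$CMDFILE"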
# Print the option summary and usage examples, then leave the script.
# Outputs: usage text on stdout.
# Returns: never returns; always exits with status 0.
print_help(){
  # One argument per output line; the text matches the usage screen exactly.
  printf '%s\n' \
    'Options:' \
    '-u' \
    'Account' \
    'Multiple accounts, split' \
    '-g' \
    'Special account' \
    'could game adplatform work ...' \
    '-s' \
    'Add use with sudo privileges.' \
    '-d' \
    'Delete user.' \
    '-l' \
    'Lock user.' \
    '-c' \
    'Update user info,If user not exist will be create.' \
    '-p' \
    'Update user passwd.' \
    '-h' \
    'hostname or ip' \
    'Multiple hostlist, split' \
    '-f' \
    'Hostfile will add account' \
    '-t' \
    'For run test' \
    'It will print addinfo' \
    '-m' \
    'Contact user to change default passwd auto.' \
    '--help' \
    'Print detailed help screen'
  # Examples are prefixed with the name the script was invoked under.
  printf '%s\n' \
    "Help example" \
    "" \
    "Add user" \
    " $0 -u majun -h r[01-04].dfs.bjt.qihoo.net,10.119.93.[11-12] -t" \
    "Add user with sudo" \
    " $0 -s -u majun,miaohongzhi -h r[01-04].dfs.bjt.qihoo.net " \
    "Add user with cloud" \
    " $0 -u majun,miaohongzhi -g cloud -f host.list" \
    "Add special account" \
    " $0 -g cloud -h r[01-04].dfs.bjt.qihoo.net "
  exit 0
}
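# With no arguments there is nothing to do: show the usage text.
if [ $# -eq 0 ]; then
  print_help
  exit 0
fi

# Parse the command line. Note that -H/--help is help and -h/--host is the
# host pattern.
while [ $# -gt 0 ]; do
  case "$1" in
    -H | --help)
      print_help
      ;;
    -s | --sudo)
      SUDO=YES
      ;;
    -u | --user | -g | --group | -f | --hostfile | -h | --host)
      # These options take a value; refuse to continue if it is missing
      # instead of silently storing an empty string.
      if [ $# -lt 2 ]; then
        echo "Option $1 requires a value" >&2
        exit "${STATE_UNKNOWN:-3}"
      fi
      case "$1" in
        -u | --user) USERS=$2 ;;
        -g | --group) GROUP=$2 ;;
        -f | --hostfile) HOSTLIST=$2 ;;
        -h | --host) HOSTLINE=$2 ;;
      esac
      shift
      ;;
    -t | --test)
      TEST=YES
      ;;
    -m | --mail)
      MAIL=YES
      ;;
    -d | --del)
      DEL=YES
      ;;
    -l | --lock)
      LOCK=YES
      ;;
    -c | --change)
      UPD=YES
      ;;
    -p | --changepass)
      UPDP=YES
      ;;
    *)
      echo "Unknown argument: $1" >&2
      # print_help ends with "exit 0"; run it in a subshell so the script
      # can still report the failure through its exit status.
      (print_help) >&2
      # STATE_UNKNOWN is not defined in this file; default to 3.
      exit "${STATE_UNKNOWN:-3}"
      ;;
  esac
  shift
done

# USERS and GROUP are later pasted, unquoted, into a shell script that runs
# as root on every target host, into grep/sed patterns and into sudoers
# lines. Accept only comma-separated names built from letters, digits,
# '.', '_' and '-', and refuse a leading '-' so that a name can never be
# read as an option. ('.' is still a wildcard inside the later patterns.)
for _list in "$USERS" "$GROUP"; do
  case "$_list" in
    -* | *,-* | *[!A-Za-z0-9._,-]*)
      echo "Invalid account or group name: $_list" >&2
      exit "${STATE_UNKNOWN:-3}"
      ;;
  esac
done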

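# Per-month audit directory for this tool.
# NOTE(review): the INFO file written here receives a copy of the generated
# command script, including password hashes, so this directory should be
# readable by root only.
ACCOUNT_LOGDIR=/var/log/account/$(date +%Y%m)
if [ ! -d "$ACCOUNT_LOGDIR" ]; then
  mkdir -p "$ACCOUNT_LOGDIR"
fi

# File names carry the day, the invoking operator, the requested users and
# groups, and the run timestamp. The parts are joined exactly as the page
# shows them; the rendering appears to have dropped some "_" separators.
# USERS and GROUP come from the command line, so they must not contain "/"
# by the time they are used here.
_day=$(date +%Y%m%d)
RESULTFILE=$ACCOUNT_LOGDIR/${_day}_${SUDO_USER}_AU=${USERS}AG=${GROUP}${TIMES}RESU
ADDINFOFILE=$ACCOUNT_LOGDIR/${_day}_${SUDO_USER}_AU=${USERS}AG=${GROUP}${TIMES}_INFO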

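# Expand one host specification into $HOSTFILE.
# Globals:   line (read)     - a host name, or a pattern with one numeric
#                              range such as r[01-04].example.net
#            HOSTFILE (read) - file the expanded host names are appended to
# Returns:   0 on success, 1 when the range is malformed.
# The zero-padding width of the first number is kept for the whole range,
# so [01-10] yields 01..10 and [008-010] yields 008..010.
getline(){
    # $line is always quoted: "[01-04]" is also a glob pattern and would
    # otherwise be replaced by matching file names in the current directory.
    case "$line" in
        *\[*\]*)
            ;;
        *\[* | *\]*)
            echo "getline: unbalanced range in host pattern: $line" >&2
            return 1
            ;;
        *)
            printf '%s\n' "$line" >>"$HOSTFILE"
            return 0
            ;;
    esac

    # prefix[first-last]suffix, split on the first "[" and the first "]".
    # Dashes outside the brackets (as in web-a[1-3]) are left alone.
    a1=${line%%\[*}
    _rest=${line#*\[}
    _range=${_rest%%\]*}
    a2=${_rest#*\]}
    n1=${_range%%-*}
    n2=${_range##*-}

    # Both bounds must be plain decimal numbers.
    case "${n1:-x}${n2:-x}" in
        *[!0-9]*)
            echo "getline: range bounds must be numeric: $line" >&2
            return 1
            ;;
    esac

    # awk does the counting, so leading zeros are never read as octal.
    awk -v prefix="$a1" -v suffix="$a2" -v first="$n1" -v last="$n2" '
        BEGIN {
            fmt = "%s%0" length(first) "d%s\n"
            for (i = first + 0; i <= last + 0; i++)
                printf fmt, prefix, i, suffix
        }' >>"$HOSTFILE"
}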

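# Turn the comma-separated option values into space-separated word lists.
NEWUSER=$(printf '%s\n' "$USERS" | tr ',' ' ')
NEWGROUP=$(printf '%s\n' "$GROUP" | tr ',' ' ')
NEWHOSTLINE=$(printf '%s\n' "$HOSTLINE" | tr ',' ' ')

# The operator is the account that invoked sudo. Without SUDO_USER fall
# back to the current user, and refuse a direct root session so that every
# run can be tied to a named person.
LOGINUSER=$SUDO_USER
if [ -z "$LOGINUSER" ]; then
  LOGINUSER=$(/usr/bin/whoami)
  if [ "$LOGINUSER" = "root" ]; then
    echo "Cannot run commands directly as root! Please add username at the end of the command line" >&2
    # A refused run must not report success.
    exit 1
  fi
fi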

# Build the per-user part of the remote command script ($CMDFILE).
# For each name in $NEWUSER it looks the account up in $SHADOWFILE and
# $PASSFILE, accumulates one command fragment per action and platform
# (Linux, FreeBSD, LDAP allow-list), then appends the fragments selected by
# $LOCK, $DEL, $UPDP, $UPD, $GROUP and $SUDO to $CMDFILE.
# NOTE(review): this listing looks damaged by page rendering. The word be
# stands where fi is expected, several command substitutions have lost
# their backticks, some commented-out lines seem to have lost their leading
# hash, and the block near the end contains HTML entities. It does not
# parse as shown; restore it from the original file before running it.
getucmd(){
for name in $NEWUSER
do
# Password hash of this account: field 2 of its line in $SHADOWFILE.
pwstring=grep '^'$name':' $SHADOWFILE |awk -F':' '{print $2}'
if [ "$DEL" != "YES" ] && [ "$LOCK" != "YES" ]
then
# An account that is missing from $SHADOWFILE is reported and blocks the run.
if [ grep '^'$name':' $SHADOWFILE |wc -l -eq 0 ]
then
ERROR=YES
echo "#Warning: User $name NOT FOUND!" >>$ERRORMSG
fi

            # A hard-coded md5crypt hash ($1$ prefix) marks accounts that
            # still have the default password; such accounts block the run.
            # NOTE(review): everyone who can read this script holds the hash
            # of the shared default password. Prefer a random initial
            # password per user with a forced change at first login.
            if [ "$pwstring" == '$1$CXxqvrMo$WmxPVHULQfNzMBuR2GBKl1' ]
            then 
                    ERROR=YES
                    if [ $MAIL == YES ]
                    then
                            echo "#Warning: User $name password is by default" >>   $ERRORMSG
                            # NOTE(review): $user is not set in the visible
                            # code; $name is probably meant.
                            echo "#Begin to send change passwd mailt to User $user" 
                            /root/autotool/mail.sh $name
                            sleep 1
                            echo 
                            echo "#mail send finished  And CC to majun,gehailong,weijianjun check mail please "
                    else
                            echo "#Warning: User $name password is by default, Contact and change password." >>$ERRORMSG
                    fi
            fi

    fi

else

            pwstring=`grep '^'$name':' $SHADOWFILE |awk -F':' '{print $2}'`
            # realname is field 1 of the shadow entry, that is the login
            # name again; uid is field 3 of the passwd entry.
            realname=`grep '^'$name':' $SHADOWFILE |awk -F':' '{print $1}'`
            uid=`grep '^'$name':' $PASSFILE |awk -F':' '{print $3}'`
            # Each variable below accumulates semicolon-terminated commands
            # for one action. $name, $realname, $uid and $pwstring are
            # expanded here on the admin host; \$TIMES is escaped so that it
            # is expanded on the target host.
            # NOTE(review): $name is pasted unquoted into shell commands,
            # sed patterns and sudoers lines that run as root remotely, so it
            # must be validated before this point.
            # NOTE(review): the password hash is passed with -p on the
            # useradd/usermod command line, so it is visible in the process
            # list of the target while the command runs, and it is stored in
            # $CMDFILE and every copy of it.
            # NOTE(review): /var/tmp/ERR_ and /var/tmp/OK_ plus an epoch are
            # predictable names written by root in a world-writable
            # directory on each target.
            LinuxUserlock=$LinuxUserlock"/usr/bin/passwd -l $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            LinuxUserdel=$LinuxUserdel"/usr/sbin/userdel $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;sed -i  \"/^$name ALL = (ALL) ALL$/d\" /etc/sudoers 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            FreebsdUserlock=$FreebsdUserlock"pw lock $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            FreebsdUserdel=$FreebsdUserdel"pw userdel $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;sed -i \"/^$name ALL = (ALL) ALL$/d\" /usr/local/etc/sudoers 2>> /dev/null 1>>/var/tmp/OK_\$TIMES;"
            LdapUseradd=$LdapUseradd"if ! grep  -qw $name /etc/pam.d/login_allow_users;then echo \"$name\" >>/etc/pam.d/login_allow_users;echo \"$name add Success\" >>/var/tmp/OK_\$TIMES;else echo \"$name already in white list\">>/var/tmp/ERR_\$TIMES;fi;"
            LdapUserdel=$LdapUserdel"if  grep  -qw $name /etc/pam.d/login_allow_users;then sed -i  \"/^$name$/d\" /etc/pam.d/login_allow_users;echo \"$name Del Success\" >>/var/tmp/OK_\$TIMES;else echo \"$name Not in white list\">>/var/tmp/ERR_\$TIMES;fi;"
            LinuxUseradd=$LinuxUseradd"/usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p '"$pwstring"'"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            LinuxUseraddtog=$LinuxUseraddtog" if id "$name";then if grep -v ^$name: /etc/group|grep -w "$name" ;then usermod -a  -G $GROUP "$name" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else usermod  -G $GROUP "$name" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi ;else /usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p '"$pwstring"' "$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
            FreebsdUseradd=$FreebsdUseradd"echo '"$pwstring"'| pw useradd "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            LinuxUserupdate=$LinuxUserupdate"if id $name ;then /usr/sbin/usermod -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p '"$pwstring"'"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else /usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p '"$pwstring"'"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
            #LinuxUserupdate=$LinuxUserupdate"if id $name ;then /usr/sbin/usermod -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p '"$pwstring"'"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
            # NOTE(review): after the password change this fragment prints
            # the shadow hash to stdout, which presumably ends up in the
            # collected run output - confirm, and drop it if not needed.
            LinuxUserupdatep=$LinuxUserupdatep"if id $name >/dev/null 2>&1;then /usr/sbin/usermod  -p '"$pwstring"' $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;getent shadow $name | awk -F : '{print \$2}' ;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
            FreebsdUserupdate=$FreebsdUserupdate"if id $name ;then echo '"$pwstring"'| pw usermod "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo '"$pwstring"'| pw useradd "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
            #FreebsdUserupdate=$FreebsdUserupdate"if id $name ;then echo '"$pwstring"'| pw usermod "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
            # NOTE(review): besides changing the password of $name, this
            # fragment copies /etc/master.passwd to /root and puts two fixed
            # accounts into wheel on every FreeBSD target. Neither step
            # depends on the requested user; both should be reviewed.
            FreebsdUserupdatep=$FreebsdUserupdatep"cp /etc/master.passwd /root/;/usr/sbin/pw user mod weijianjun -G wheel;/usr/sbin/pw user mod miaohongzhi -G wheel;if id $name >/dev/null 2>&1;then /usr/bin/chpass -p '$pwstring' $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;/usr/bin/getent passwd $name| awk -F : '{print \$2}' ;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
            # With -s an unrestricted sudo rule is appended to sudoers unless
            # the same line is already present.
            # NOTE(review): the file is edited in place with no syntax check;
            # a malformed sudoers file disables sudo. Writing a drop-in file
            # and validating it with visudo -c first is safer.
            if [ "$SUDO" == YES ]
            then
                    FreebsdSudo=$FreebsdSudo"if ! grep \"^$name ALL = (ALL) ALL\" /usr/local/etc/sudoers >/dev/null;then echo '"$name" ALL = (ALL) ALL' >> /usr/local/etc/sudoers;fi;"
            fi
            if [ "$SUDO" == YES ]
            then
                    LinuxSudo=$LinuxSudo"if ! grep \"^$name ALL = (ALL) ALL\" /etc/sudoers >/dev/null;then echo '"$name" ALL = (ALL) ALL' >> /etc/sudoers;fi;"
            fi

be

done

#if [ "$FreebsdUseradd" = "" ] && [ "$LinuxUseradd" = "" ]; then

echo " "

exit

#fi
# From here on the remote script body is written to $CMDFILE. The id
# ldaptest test presumably separates hosts with local accounts (first
# branch) from hosts using the LDAP allow-list (else branch) - confirm.
echo 'TIMES=date +%s' >>$CMDFILE
echo OStype=''uname'' >>$CMDFILE
echo "if ! id ldaptest;then" >>$CMDFILE
echo if [ \$OStype = FreeBSD ]';' then >>$CMDFILE
# A copy of sudoers is taken on each target before it is edited.
# NOTE(review): the copy lands in a personal home directory; a root-only
# location would be more appropriate.
echo "cp /usr/local/etc/sudoers /home/majun/sudosers_$TIMES" >>$CMDFILE
if [ "$LOCK" == "YES" ]
then
echo $FreebsdUserlock >>$CMDFILE
else
if [ "$DEL" == "YES" ]
then
echo $FreebsdUserdel >>$CMDFILE
else
if [ "$UPDP" == "YES" ]
then
echo $FreebsdUserupdatep >>$CMDFILE
else
if [ "$UPD" == "YES"]
then
echo $FreebsdUserupdate >>$CMDFILE
else
echo "$FreebsdUseradd $FreebsdSudo" >>$CMDFILE
fi
fi
fi
fi

echo 'else' >>$CMDFILE
echo "cp /etc/sudoers /home/majun/sudosers_$TIMES" >>$CMDFILE

if [ "$LOCK" == "YES" ]
then
echo $LinuxUserlock >>$CMDFILE
else

if [ "$DEL" == "YES" ]
then
echo $LinuxUserdel >>$CMDFILE
else
if [ "$UPDP" == "YES" ]
then
echo $LinuxUserupdatep >>$CMDFILE
else
if [ "$UPD" == "YES" ]
then
echo $LinuxUserupdate >>$CMDFILE
else
if [ ! -z $GROUP ]
then
echo "$LinuxUseraddtog $LinuxSudo" >>$CMDFILE
else
echo "$LinuxUseradd $LinuxSudo" >>$CMDFILE
fi
fi
fi
fi
fi

echo 'fi' >>$CMDFILE
echo " " >>$CMDFILE
# Unless deleting, add a per-user existence check to the remote script.
if [ "$DEL" != "YES" ]
then
for u in $NEWUSER
do
#echo "id $u 2>> /var/tmp/ERR\$TIMES 1>>/var/tmp/OK\$TIMES" >>$CMDFILE
echo "if id $u >/dev/null 2>&1; then" >>$CMDFILE
echo "id $u >>/var/tmp/OK\$TIMES" >>$CMDFILE
echo "else" >>$CMDFILE
echo "echo \"$u does not exist\" >> /var/tmp/ERR
\$TIMES" >>$CMDFILE
echo "fi" >>$CMDFILE
done
fi
echo "else" >>$CMDFILE

# LDAP branch: add the names to, or remove them from, the login allow-list.
if [ "$DEL" == "YES" ]
then

echo if [ \$OStype = FreeBSD ]';' then >>$CMDFILE
echo "$LdapUserdel $FreebsdSudo" >>$CMDFILE
echo "else" >>$CMDFILE
echo "$LdapUserdel $LinuxSudo" >>$CMDFILE
echo "fi" >>$CMDFILE

else
echo if [ \$OStype = FreeBSD ]';' then >>$CMDFILE
echo "$LdapUseradd $FreebsdSudo" >>$CMDFILE
echo "else" >>$CMDFILE
echo "$LdapUseradd $LinuxSudo" >>$CMDFILE
echo "fi" >>$CMDFILE
fi

echo "fi" >>$CMDFILE
# The remote script ends by printing the collected error and success
# messages. NOTE(review): the lines below are the most heavily damaged part
# of the listing (HTML entities and line-break tags inside the code).
echo 'if [ -s "/var/tmp/ERR$TIMES" ] ' >>$CMDFILE
echo 'then ' >>$CMDFILE
echo "if [ \$OStype = FreeBSD ] " >>$CMDFILE
echo 'then' >>$CMDFILE
echo ' EMSG=`cat /var/tmp/ERR
$TIMES' &gt;&gt;$CMDFILE<br/>echo 'else' &gt;&gt;$CMDFILE<br/>echo ' EMSG=cat /var/tmp/ERR$TIMES|xargs' &gt;&gt;$CMDFILE<br/>echo 'fi' &gt;&gt;$CMDFILE<br/>echo ' EMSG="CMDERROR: $EMSG" ' &gt;&gt;$CMDFILE<br/>echo 'fi ' &gt;&gt;$CMDFILE<br/>echo 'OMSG=cat /var/tmp/OK$TIMES|xargs`' >>$CMDFILE
echo 'echo "$EMSG STDOUT:$OMSG" ' >>$CMDFILE
}

# Build the group part of $CMDFILE. For every name in $NEWGROUP it appends
# the contents of /root/.speacc/*_<group> (presumably a prepared creation
# snippet for that special account - confirm), then sets FG and LG to the
# -G option for $GROUP and appends an id check per group.
# NOTE(review): as rendered, the echo and exit lines right below are live
# code, so the function would print the message and exit at once. The
# commented-out if/then/fi around them suggests they lost a leading hash in
# page rendering; the same may apply to other unindented lines here.
getgcmd(){
#if echo $GROUP |grep ',' && [ ! -z $USERS ]
#then

echo "Group name $GROUP is set , when add user to group ,only on group can be set"

exit

#fi
for group in $NEWGROUP
do

group=$NEWGROUP

    # NOTE(review): the cd is not checked, the listing output of ls is
    # parsed, and GID is not used anywhere in the visible code.
    # NOTE(review): $group is used unquoted inside a path under /root, so a
    # value containing a slash or a glob character would select other
    # files; validate group names before this point.
    cd /root/.speacc/
    GID=`ls *_$group|awk -F \_ '{print $1}'`

echo "if ! /usr/bin/id $group " >>$CMDFILE

echo "then " >>$CMDFILE

    # A missing snippet file is recorded as a critical error for this run.
    cat /root/.speacc/*_$group              >>$CMDFILE 2>/dev/null
    if [ $? != 0 ]
    then
            ERROR=YES
            echo "Critical Group $group is not found" >>$ERRORMSG
    fi

echo "fi" >>$CMDFILE

done
# Supplementary-group option appended to the FreeBSD (FG) and Linux (LG)
# useradd/usermod fragments built in getucmd.
FG=" -G $GROUP"
LG=" -G $GROUP"
# Remote check that every requested group exists after the run.
for g in $NEWGROUP
do
#echo "id $g" >>$CMDFILE
echo "if id $g >/dev/null 2>&1; then" >>$CMDFILE
echo "id $g" >>$CMDFILE
echo "else" >>$CMDFILE
echo "echo \"$g does not exist\" >> /var/tmp/ERR_\$TIMES" >>$CMDFILE
echo "fi" >>$CMDFILE
done
}

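# Generate the remote commands. Group handling runs first because getgcmd
# sets FG and LG, which the user fragments built by getucmd include.
# The page shows "be" where each closing "fi" belongs (rendering damage);
# the conditionals are closed properly here and the tests are quoted so an
# empty or multi-word value cannot break them.
if [ -n "$GROUP" ]; then
  # Appended mid-file, this line is only a comment to the remote shell.
  echo '#!/bin/sh' >>"$CMDFILE"
  getgcmd
fi

if [ -n "$USERS" ]; then
  if [ -z "$GROUP" ]; then
    echo '#!/bin/sh' >>"$CMDFILE"
  fi
  getucmd
fi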

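# Stop before touching any host if user or group preparation reported a
# problem, and say so through the exit status.
if [ "$ERROR" = "YES" ]; then
  echo "------------------"
  echo "| Notice Message |"
  echo "------------------"
  cat "$ERRORMSG"
  exit 1
fi

# Build the target host list from -h (inline patterns) or -f (a file);
# exactly one of the two must be given.
cd "$HOMEDIR" || exit 1
if [ -n "$HOSTLINE" ]; then
  if [ -n "$HOSTLIST" ]; then
    echo "$0 -h and -f ARG only one can be set "
    exit 1
  fi
  # Host patterns such as r[01-04] are also glob patterns; switch pathname
  # expansion off while the list is split into words.
  set -f
  for line in $NEWHOSTLINE; do
    # A malformed pattern must not lead to a run against a partial list.
    getline || exit 1
  done
  set +f
else
  if [ -z "$HOSTLIST" ]; then
    echo "please set hostlist by use -h or -f ARG"
    exit 1
  fi
  if [ ! -f "$HOSTLIST" ]; then
    echo "Host list file $HOSTLIST is not found"
    exit 1
  fi
  # read -r keeps backslashes literal; the extra test picks up a last line
  # that has no trailing newline. Blank lines are skipped.
  while IFS= read -r line || [ -n "$line" ]; do
    [ -n "$line" ] || continue
    getline || exit 1
  done <"$HOSTLIST"
fi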






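# -s and -g cannot be combined.
if [ "$SUDO" = "YES" ] && [ -n "$GROUP" ]; then
  echo " -s | -g Only one can use"
  exit 1
fi

# Show the operator what is about to run and where.
# NOTE(review): the command script contains password hashes, so this
# preview puts them on the terminal and into any session recording.
echo "-----------------"
echo "| Add Command   |"
echo "-----------------"
cat "$CMDFILE"
echo "-----------------"
echo "| Add hostlist  |"
echo "-----------------"
cat "$HOSTFILE"
echo ""

# Dry run (-t): stop after the preview, before any host is contacted.
# "=" is used instead of "==" because the script runs under /bin/sh.
if [ "$TEST" = YES ]; then
  echo "-------------------------------------"
  echo "|Run for test,Just show addhost info|"
  echo "-------------------------------------"
  exit 0
fi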
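echo "----------------------"
echo "|Begin to add Account|"
echo "----------------------"

# Run the generated script on every listed host through gssh.sh.
echo "$GSSHFILE $CMDFILE $HOSTFILE"
# 2>&1 sits before the pipe so that error output of the remote run is part
# of the audit record; after the pipe it only redirected tee's own stderr.
"$GSSHFILE" "$CMDFILE" "$HOSTFILE" 2>&1 | tee "$RESULTFILE"

# Host, success and failure counts taken from the result file.
HC=$(wc -l <"$HOSTFILE" | tr -d ' ')
SC=$(grep SUCCESS "$RESULTFILE" | grep -v mismatch | grep -c -v CMDERR)
FC=$(grep -c -E "FAILED|mismatch|CMDERR" "$RESULTFILE")
HC=${HC:-0}
SC=${SC:-0}
FC=${FC:-0}

# Keep a record of exactly what was run and against which hosts.
# NOTE(review): this copy includes the password hashes from the command
# script; the log directory should be readable by root only.
{
  echo "-----------------"
  echo "| Add Command |"
  echo "-----------------"
  cat "$CMDFILE"
  echo "-----------------"
  echo "| Add hostlist |"
  echo "-----------------"
  cat "$HOSTFILE"
} >"$ADDINFOFILE"

# The work files are no longer needed once their content is in the record;
# removing them keeps password hashes out of /var/tmp.
rm -f -- "$CMDFILE" "$HOSTFILE"

# Summary. The banner strings are reproduced as the page shows them.
if [ "$SC" -gt 0 ]; then
  echo ""
  echo "**RESULT"
  echo "All host Number is $HC ,Success add host number=$SC"
  echo "**RESULT"
  if [ "$FC" -gt 0 ]; then
    echo ""
    echo "*RESULT**"
    echo "All host Number is $HC ,Failed host number is $FC "
    echo "*
RESULT**"
    echo ""
    echo "Error list are fellow"
    echo ""
    grep -E "FAILED|mismatch|CMDERR" "$RESULTFILE" | awk -F \" '{print $2 " \t \t |INFO: " $10}' | sort -n -k 1
  fi
else
  echo "All Account add failed ,Error list are fellow"
  echo "
"
  grep -E "FAILED|mismatch|CMDERR" "$RESULTFILE" | awk -F \" '{print $2 " \t \t |INFO: " $10}' | sort -n -k 1
fi

# Report failure to the caller when no host succeeded or any host failed.
if [ "$SC" -eq 0 ] || [ "$FC" -gt 0 ]; then
  exit 1
fi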
