#!/bin/bash
# Add a new user with passwordless login, expiry date and disk quota
# Execute with sudo
# Bash strict mode: stop on a failing command, on use of an unset variable,
# and on a failure in any stage of a pipeline.
set -o errexit -o nounset -o pipefail

# Values filled in from the command line; empty means "not supplied yet".
fullname=
username=
key=
expiry=
# Existing account whose disk quota is copied to the new user (edquota -p).
user_default='vkucera'
#######################################
# Print the usage line and a one-line description of every argument.
# Arguments: none
# Outputs:   five lines of help text on stdout
#######################################
Help() {
  printf '%s\n' \
    "Usage: sudo $(basename "$0") -n \"FULL_NAME\" -u USER_NAME -k KEY_FILE -e EXPIRY_DATE [-h]" \
    "FULL_NAME Full name of the user" \
    "USER_NAME User name" \
    "KEY_FILE Path to the public SSH key" \
    "EXPIRY_DATE Account expiry date in format YYYY-MM-DD"
}
# Read the command-line options into fullname, username, key and expiry.
# The leading ':' in the option string selects getopts' silent mode: an
# unknown option arrives as '?' and a missing argument as ':', with the
# offending option letter in OPTARG, so the script prints its own messages.
while getopts ":hn:u:k:e:" flag; do
  case "$flag" in
    h) Help; exit 0 ;;
    n) fullname="$OPTARG" ;;
    u) username="$OPTARG" ;;
    k) key="$OPTARG" ;;
    e) expiry="$OPTARG" ;;
    \?)
      echo "Error: Invalid option: $OPTARG" >&2
      Help
      exit 1
      ;;
    :)
      echo "Error: Invalid option: $OPTARG requires an argument." >&2
      Help
      exit 1
      ;;
  esac
done
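# Check that the script is executed by root.
# The effective UID is what decides whether adduser/chage/edquota can work.
# $USER is only an environment variable: it can be unset (which aborts under
# `set -u` with an unrelated message), left over from the calling account, or
# set by hand, so it is not a reliable privilege check.
[ "$(id -u)" -eq 0 ] || { echo "Error: Run this script as root" 1>&2; exit 1; }

# Validate input parameters before anything is created, so that a bad value
# cannot leave a half-configured account behind.
[ "$fullname" ] || { echo "Error: Provide a person's name" 1>&2; exit 1; }
[ "$username" ] || { echo "Error: Provide a user name" 1>&2; exit 1; }
# The user name is spliced into /home/<name>/.ssh and handed to adduser,
# chage, chown and edquota as a plain argument. Refuse names that start with
# '-' or '.', or that contain '/', whitespace or other special characters;
# stricter naming policy is left to adduser itself.
[[ "$username" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]*$ ]] ||
  { echo "Error: Invalid user name \"$username\"" 1>&2; exit 1; }
[ "$key" ] || { echo "Error: Provide a key file path" 1>&2; exit 1; }
[ -f "$key" ] || { echo "Error: Provide a valid key file path" 1>&2; exit 1; }
# The file is copied verbatim into authorized_keys, which must hold a public
# key. A PEM/OpenSSH private key would not grant access and would leave a
# copy of the secret in the new home directory.
if grep -q -- "PRIVATE KEY" "$key"; then
  echo "Error: $key looks like a private key; provide the public key" 1>&2
  exit 1
fi
[ "$expiry" ] || { echo "Error: Provide an expiry date" 1>&2; exit 1; }
# Enforce the documented YYYY-MM-DD format and let date (GNU `date -d`)
# reject impossible dates. A value that chage would refuse later is caught
# here, before the account and its key exist.
if ! [[ "$expiry" =~ ^[0-9]{4}-[0-9]{2}-[0-9]{2}$ ]] ||
  ! date -d "$expiry" >/dev/null 2>&1; then
  echo "Error: Expiry date must be a valid date in format YYYY-MM-DD" 1>&2
  exit 1
fi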
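# Print summary so the operator can check every value before anything changes.
echo "Adding user \"$username\" for person \"$fullname\" with SSH key $key and expiry date $expiry."
# Ask for confirmation; only a literal "y" proceeds and a literal "n" aborts.
echo -e "\nDo you wish to continue? (y/n)"
while true; do
  # Fail closed when no answer can be read (stdin closed or end of input).
  # Without this explicit check the loop relies on `set -e` elsewhere in the
  # script to stop at end-of-file instead of spinning forever.
  if ! read -r -p "Answer: " yn; then
    echo "Aborting: no answer received" 1>&2
    exit 1
  fi
  case "$yn" in
    y) echo "Proceeding"; break ;;
    n) echo "Aborting"; exit 0 ;;
    *) echo "Please answer y or n." ;;
  esac
done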
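# Create the account and stop at the first failing step.
#
# Order matters for safety: the expiry date and the disk quota are applied
# before the SSH key is installed. The account is created with a disabled
# password, so until the key is in place nobody can log in; if chage or
# edquota fails, the result is an unusable account rather than a usable one
# without its limits.
#
# The .ssh directory and authorized_keys get explicit modes instead of
# inheriting them from root's umask and from the source file. sshd's
# StrictModes check (enabled by default) ignores authorized_keys when the
# directory or the file is writable by anyone other than the owner.
dir_ssh="/home/$username/.ssh"
if echo "Creating user $username for $fullname" &&
  adduser --disabled-password --gecos "$fullname" "$username" &&
  echo "Setting expiry date $expiry" &&
  chage -E "$expiry" "$username" &&
  echo "Setting disk quota" &&
  edquota -p "$user_default" "$username" &&
  echo "Copying key $key into $dir_ssh" &&
  rsync -t "$key" "$dir_ssh/" &&
  rsync -t "$key" "$dir_ssh/authorized_keys" &&
  chmod 700 "$dir_ssh" &&
  chmod 600 "$dir_ssh/authorized_keys" &&
  chown -R "$username":"$username" "$dir_ssh"; then
  echo "All done"
  exit 0
else
  # Errors go to stderr like every other error in this script. The account
  # may already exist at this point, so tell the operator to inspect it.
  echo "Error: setup of user \"$username\" failed; the account may be partially configured" 1>&2
  exit 1
fi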