@ -101,6 +101,61 @@ create_home(){
${CMD_CHROOT} /usr/bin/chown -f ${ARG_RECURSIVE} :"${SELECT_GROUP}" "${PATH_HOME}/${SELECT_USERNAME}"
${CMD_CHROOT} /usr/bin/chown -f ${ARG_RECURSIVE} :"${SELECT_GROUP}" "${PATH_HOME}/${SELECT_USERNAME}"
}
}
# Задаём пароль root пользователю
exec_defaultrootpasswd(){
#echo "exec_02_defaultrootpasswd"
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ -n ${COMMAND} ]] || COMMAND="set="
local PARAM="$@"
if [[ -n ${PARAM} ]]; then
[[ ${PARAM%%=*} =~ [!\$%\&()*+,/\;\<\=\>?\^\{|\}~] ]] || eval "${PARAM%%=*}=\${PARAM#*=}"
fi
if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]] && [[ -n ${DEFAULTROOTPASSWD} && ! ${DEFAULTROOTPASSWD,,} == @(no|none|disable) ]]; then
# Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить параметр DEFAULTROOTPASSWD из '/etc/ublinux/users
if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then
if [[ -f ${FILE_ROOT_USERS} ]]; then
sed "/DEFAULTROOTPASSWD=/d" -i "${FILE_ROOT_USERS}"
echo "DEFAULTROOTPASSWD='${DEFAULTROOTPASSWD}'" >> ${FILE_ROOT_USERS}
fi
[[ -f "${SYSCONF}/users" ]] && sed "/DEFAULTROOTPASSWD=/d" -i "${SYSCONF}/users"
fi
[[ -n ${DEFAULTROOTPASSWD} ]] && DEFAULTROOTPASSWD=$(return_hash_password hash ${HASHPASSWD} ${DEFAULTROOTPASSWD})
set_passwd root "${DEFAULTROOTPASSWD}"
elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then
if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then
[[ -f ${FILE_ROOT_USERS} ]] && sed "/DEFAULTROOTPASSWD=/d" -i "${FILE_ROOT_USERS}"
[[ -f "${SYSCONF}/users" ]] && sed "/DEFAULTROOTPASSWD=/d" -i "${SYSCONF}/users"
fi
fi
}
# Задаём пароль по умолчанию пользователю
exec_defaultpasswd(){
#echo "exec_02_defaultrootpasswd"
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ -n ${COMMAND} ]] || COMMAND="set="
local PARAM="$@"
if [[ -n ${PARAM} ]]; then
[[ ${PARAM%%=*} =~ [!\$%\&()*+,/\;\<\=\>?\^\{|\}~] ]] || eval "${PARAM%%=*}=\${PARAM#*=}"
fi
if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]] && [[ -n ${DEFAULTPASSWD} ]]; then
# Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить параметр DEFAULTROOTPASSWD из '/etc/ublinux/users
if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then
if [[ -f ${FILE_ROOT_USERS} ]]; then
sed "/DEFAULTPASSWD=/d" -i "${FILE_ROOT_USERS}"
echo "DEFAULTPASSWD='${DEFAULTPASSWD}'" >> ${FILE_ROOT_USERS}
fi
[[ -f "${SYSCONF}/users" ]] && sed "/DEFAULTPASSWD=/d" -i "${SYSCONF}/users"
fi
elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then
if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then
[[ -f ${FILE_ROOT_USERS} ]] && sed "/DEFAULTPASSWD=/d" -i "${FILE_ROOT_USERS}"
[[ -f "${SYSCONF}/users" ]] && sed "/DEFAULTPASSWD=/d" -i "${SYSCONF}/users"
fi
fi
}
# Создаём группы из ${DEFAULTGROUP},${ADMGROUPS},${USERGROUPS} c ID из /usr/share/ublinux-sysusers/*.sysusers
# Создаём группы из ${DEFAULTGROUP},${ADMGROUPS},${USERGROUPS} c ID из /usr/share/ublinux-sysusers/*.sysusers
exec_01_add_groups(){
exec_01_add_groups(){
@ -118,27 +173,11 @@ exec_01_add_groups(){
GROUPADD_GROUPS=${GROUPADD_GROUPS//;/,}; GROUPADD_GROUPS="${GROUPADD_GROUPS//,,/,}"
GROUPADD_GROUPS=${GROUPADD_GROUPS//;/,}; GROUPADD_GROUPS="${GROUPADD_GROUPS//,,/,}"
[[ ${GROUPADD_GROUPS:0:1} == ',' ]] && GROUPADD_GROUPS=${GROUPADD_GROUPS:1}
[[ ${GROUPADD_GROUPS:0:1} == ',' ]] && GROUPADD_GROUPS=${GROUPADD_GROUPS:1}
[[ ${GROUPADD_GROUPS} =~ ','$ ]] && GROUPADD_GROUPS=${GROUPADD_GROUPS%*,}
[[ ${GROUPADD_GROUPS} =~ ','$ ]] && GROUPADD_GROUPS=${GROUPADD_GROUPS%*,}
#echo "==>::${GROUPADD_GROUPS}::"
[[ -n ${GROUPADD_GROUPS} ]] && while IFS= read -u3 SELECT_GROUP; do
[[ -n ${GROUPADD_GROUPS} ]] && while IFS= read -u3 SELECT_GROUP; do
unset ARG_FINDGROUP_ID
unset ARG_FINDGROUP_ID
# FINDGROUP=$(grep -i "g\s*${SELECT_GROUP}\s*[[:digit:]]\s*" ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers 2>/dev/null | xargs)
# Найти группу по имени
# IFS=" " read -r NULL FINDGROUP_NAME FINDGROUP_ID NULL <<< "${FINDGROUP}"
# if [[ -n ${FINDGROUP} ]]; then
# if grep -q "^${SELECT_GROUP}:.*:${FINDGROUP_ID}:" ${FILE_GROUP} 2>/dev/null; then
# # Группа найдена, имя и id совпадают, пропускаем добавление
# continue
# elif grep -q "^${SELECT_GROUP}:" ${FILE_GROUP} 2>/dev/null; then
# # Группа найдена, имя и id несовпадают, удаляем группу
# echo "WARNING: the group '${SELECT_GROUP}' has an id different from the template /usr/share/ublinux-sysusers/*.sysusers and the id will be changed to '${SELECT_GROUP}:${FINDGROUP_ID}'"
#echo ${CMD_CHROOT} /usr/bin/groupdel -f ${SELECT_GROUP}
# ${CMD_CHROOT} /usr/bin/groupdel -f ${SELECT_GROUP}
# fi
# fi
# [[ ${FINDGROUP_ID} == "" ]] || [[ ${FINDGROUP_ID} == "-" ]] || FINDGROUP_ID="--gid ${FINDGROUP_ID}"
#echo ${CMD_CHROOT} /usr/bin/groupadd --force ${FINDGROUP_ID} ${SELECT_GROUP}
## ${CMD_CHROOT} /usr/bin/groupadd --force ${FINDGROUP_ID} ${SELECT_GROUP}
[[ $(cat ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers) =~ ($'\n'|^)+'g'[[:blank:]]+"${SELECT_GROUP}"[[:blank:]]+([[:digit:]]+)[^$'\n']*($'\n'|$)+ ]] && FINDGROUP_ID=${BASH_REMATCH[2]} || FINDGROUP_ID=
[[ $(cat ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers) =~ ($'\n'|^)+'g'[[:blank:]]+"${SELECT_GROUP}"[[:blank:]]+([[:digit:]]+)[^$'\n']*($'\n'|$)+ ]] && FINDGROUP_ID=${BASH_REMATCH[2]} || FINDGROUP_ID=
# Найти группу по GUID
#[[ $(cat ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers) =~ ($'\n'|^)+'g'[[:blank:]]+([^$'\n']+)[[:blank:]]+"${SELECT_GROUP}"[^$'\n']*($'\n'|$)+ ]] && FINDGROUP_NAME=${BASH_REMATCH[2]}
#[[ $(cat ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers) =~ ($'\n'|^)+'g'[[:blank:]]+([^$'\n']+)[[:blank:]]+"${SELECT_GROUP}"[^$'\n']*($'\n'|$)+ ]] && FINDGROUP_NAME=${BASH_REMATCH[2]}
if [[ ${FINDGROUP_ID} != "" && $(cat ${FILE_GROUP} 2>/dev/null) =~ ($'\n'|^)+${SELECT_GROUP}:[^$'\n']*:${FINDGROUP_ID}:[^$'\n']*($'\n'|$)+ ]]; then
if [[ ${FINDGROUP_ID} != "" && $(cat ${FILE_GROUP} 2>/dev/null) =~ ($'\n'|^)+${SELECT_GROUP}:[^$'\n']*:${FINDGROUP_ID}:[^$'\n']*($'\n'|$)+ ]]; then
# Группа найдена, имя и id совпадают, пропускаем добавление
# Группа найдена, имя и id совпадают, пропускаем добавление
@ -154,29 +193,13 @@ exec_01_add_groups(){
fi
fi
}
}
# Задаём пароль root пользователю
exec_02_defaultrootpasswd(){
#echo "exec_02_defaultrootpasswd"
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ -n ${COMMAND} ]] || COMMAND="set="
local PARAM="$@"
if [[ -n ${PARAM} ]]; then
[[ ${PARAM%%=*} =~ [!\$%\&()*+,/\;\<\=\>?\^\{|\}~] ]] || eval "${PARAM%%=*}=\${PARAM#*=}"
fi
# Удалить параметр из локальной конфигурации
[[ -z ${ROOTFS} && -f "${SYSCONF}/users" ]] && sed "/DEFAULTROOTPASSWD=/d" -i "${SYSCONF}/users"
if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]] && [[ -n ${DEFAULTROOTPASSWD} && ! ${DEFAULTROOTPASSWD,,} == @(no|none|disable) ]]; then
[[ -n ${DEFAULTROOTPASSWD} ]] && DEFAULTROOTPASSWD=$(return_hash_password hash ${HASHPASSWD} ${DEFAULTROOTPASSWD})
set_passwd root "${DEFAULTROOTPASSWD}"
fi
}
# Создаем пользователей из ${NEEDEDUSERS} и добавляем в группы
# Создаем пользователей из ${NEEDEDUSERS} и добавляем в группы
# $1 Команды set или remove с режимом, варианты: set=|set+=|set++=|set-=|set--=|remove
# $1 Команды set или remove с режимом, варианты: set=|set+=|set++=|set-=|set--=|remove
# $2 Для команды set=|set+=|set++= параметр с о значением, пример:
# $2 Для команды set=|set+=|set++= параметр с о значением, пример:
# Для команды set-=|set--=|remove параметр только с именем, пример:
# Для команды set-=|set--=|remove параметр только с именем, пример:
# null Если отсутствует $@, то применяем из системной конфигурации
# null Если отсутствует $@, то применяем из системной конфигурации
exec_03 _neededusers(){
exec_02_neededusers(){
#echo "exec_03_neededusers"
#echo "exec_03_neededusers"
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ -n ${COMMAND} ]] || COMMAND="set="
[[ -n ${COMMAND} ]] || COMMAND="set="
@ -190,10 +213,16 @@ exec_03_neededusers(){
#[[ -z ${NEEDEDUSERS} ]] && NEEDEDUSERS="${DEFAULTUSER}:${ADMUID}:${DEFAULTPASSWD}:Administrator"
#[[ -z ${NEEDEDUSERS} ]] && NEEDEDUSERS="${DEFAULTUSER}:${ADMUID}:${DEFAULTPASSWD}:Administrator"
[[ -z $(cmdline_value users) ]] || NEEDEDUSERS=$(cmdline_value users)
[[ -z $(cmdline_value users) ]] || NEEDEDUSERS=$(cmdline_value users)
[[ ${NOSECUREROOTPASSWD} == ${DEFAULTROOTPASSWD} ]] && ADDADM=yes
[[ ${NOSECUREROOTPASSWD} == ${DEFAULTROOTPASSWD} ]] && ADDADM=yes
# Удалить параметр из локальной конфигурации
[[ -z ${ROOTFS} && -f "${SYSCONF}/users" ]] && sed "/NEEDEDUSERS=/d" -i "${SYSCONF}/users"
if [[ -n ${NEEDEDUSERS} ]]; then
if [[ -n ${NEEDEDUSERS} ]]; then
while IFS= read -ru3 SELECT_USER; do
while IFS= read -ru3 SELECT_USER; do
# Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить параметр NEEDEDUSERS из '/etc/ublinux/users
if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then
if [[ -f ${FILE_ROOT_USERS} ]]; then
sed "/NEEDEDUSERS=/d" -i "${FILE_ROOT_USERS}"
echo "NEEDEDUSERS='${SELECT_USER}'" >> ${FILE_ROOT_USERS}
fi
[[ -f "${SYSCONF}/users" ]] && sed "/NEEDEDUSERS=/d" -i "${SYSCONF}/users"
fi
IFS=: read -r SELECT_USERNAME SELECT_UID SELECT_PASSWORD SELECT_GECOS NULL <<< "${SELECT_USER}"
IFS=: read -r SELECT_USERNAME SELECT_UID SELECT_PASSWORD SELECT_GECOS NULL <<< "${SELECT_USER}"
[[ ${SELECT_PASSWORD} == "x" ]] && SELECT_PASSWORD="${DEFAULTPASSWD}"
[[ ${SELECT_PASSWORD} == "x" ]] && SELECT_PASSWORD="${DEFAULTPASSWD}"
ADDGROUPS="${USERGROUPS}"
ADDGROUPS="${USERGROUPS}"
@ -290,8 +319,8 @@ exec_03_neededusers(){
## user_name # Имя пользователя, необязательное поле. Если не указано, то применяется для всех пользователей
## user_name # Имя пользователя, необязательное поле. Если не указано, то применяется для всех пользователей
## boot # При загрузке системы принудительно применить глобальную конфигурацию на пользователя
## boot # При загрузке системы принудительно применить глобальную конфигурацию на пользователя
## shutdown # При завершении работы системы синхронизировать указанных пользователей в системе с глобальной конфигурацией
## shutdown # При завершении работы системы синхронизировать указанных пользователей в системе с глобальной конфигурацией
exec_04 _useradd(){
exec_03 _useradd(){
#echo "exec_04 _useradd"
#echo "exec_03 _useradd"
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ -n ${COMMAND} ]] || COMMAND="set="
[[ -n ${COMMAND} ]] || COMMAND="set="
@ -309,24 +338,30 @@ exec_04_useradd(){
declare -A USERADD
declare -A USERADD
[[ ${PARAM%%=*} =~ [!\$%\&()*+,/\;\<\=\>?\^\{|\}~] ]] || eval "${PARAM%%=*}=\${PARAM#*=}"
[[ ${PARAM%%=*} =~ [!\$%\&()*+,/\;\<\=\>?\^\{|\}~] ]] || eval "${PARAM%%=*}=\${PARAM#*=}"
fi
fi
[[ ${#USERADD[@]} == 0 ]] && USERADD[${DEFAULTUSER}]="Administrator:${ADMUID}:x:x:x:${DEFAULTPASSWD}"
# Если в GRUB указан параметр useradd, то создать пользователя
# Если в GRUB указан параметр useradd, то создать пользователя
while IFS=':' read -u3 SELECT_USERNAME SELECT_UID SELECT_GROUP SELECT_EXTRAGROUP SELECT_PASSWORD NULL; do
while IFS=':' read -u3 SELECT_USERNAME SELECT_UID SELECT_GROUP SELECT_EXTRAGROUP SELECT_PASSWORD NULL; do
[[ ${SELECT_USERNAME} != "" ]] && USERADD[${SELECT_USERNAME}]=":${SELECT_UID}:${SELECT_GROUP}:${SELECT_EXTRAGROUP}:x:${SELECT_PASSWORD}"
[[ ${SELECT_USERNAME} != "" ]] && USERADD[${SELECT_USERNAME}]=":${SELECT_UID}:${SELECT_GROUP}:${SELECT_EXTRAGROUP}:x:${SELECT_PASSWORD}"
done 3< <(tr ';' '\n' <<< $(cmdline_value useradd))
done 3< <(tr ';' '\n' <<< $(cmdline_value useradd))
# Удалить параметр из локальной конфигурации
[[ -z ${ROOTFS} && -f "${SYSCONF}/users" ]] && sed "/USERADD\[.*\]=/d" -i "${SYSCONF}/users"
if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]] && [[ ${#USERADD[@]} != 0 ]]; then
if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]] && [[ ${#USERADD[@]} != 0 ]]; then
exec_06_groupadd
[[ ${#USERADD[@]} == 0 ]] && USERADD[${DEFAULTUSER}]="Administrator:${ADMUID}:x:x:x:${DEFAULTPASSWD}"
exec_05_groupadd
[[ ${NOSECUREROOTPASSWD} == ${DEFAULTROOTPASSWD} ]] && ADDADM=yes
[[ ${NOSECUREROOTPASSWD} == ${DEFAULTROOTPASSWD} ]] && ADDADM=yes
while IFS= read -ru3 SELECT_USERNAME; do
while IFS= read -ru3 SELECT_USERNAME; do
IFS=: read -r SELECT_GECOS SELECT_UID SELECT_GROUP SELECT_EXTRAGROUPS SELECT_OPTIONAL SELECT_PASSWORD NULL <<< "${USERADD[${SELECT_USERNAME}]}"
# Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить параметр USERADD[.*] из '/etc/ublinux/users
[[ ${SELECT_GECOS,,} == "x" ]] && unset SELECT_GECOS
if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then
[[ ${SELECT_UID,,} == "x" || ${SELECT_UID} =~ ^[^0-9]+$ ]] && unset SELECT_UID
if [[ -f ${FILE_ROOT_USERS} ]]; then
[[ ${SELECT_GROUP,,} == "x" ]] && unset SELECT_GROUP
sed "/USERADD\[${SELECT_USERNAME}\]=/d" -i "${FILE_ROOT_USERS}"
[[ ${SELECT_EXTRAGROUPS,,} == "x" ]] && unset SELECT_EXTRAGROUPS
echo "USERADD[${SELECT_USERNAME}]='${USERADD[${SELECT_USERNAME}]}'" >> ${FILE_ROOT_USERS}
[[ ${SELECT_OPTIONAL,,} == "x" ]] && unset SELECT_OPTIONAL
fi
[[ ${SELECT_PASSWORD} == @(""|"x") ]] && SELECT_PASSWORD="${DEFAULTPASSWD}"
[[ -f "${SYSCONF}/users" ]] && sed "/USERADD\[.*\]=/d" -i "${SYSCONF}/users"
fi
IFS=: read -r SELECT_GECOS SELECT_UID SELECT_GROUP SELECT_EXTRAGROUPS SELECT_OPTIONAL SELECT_PASSWORD NULL <<< "${USERADD[${SELECT_USERNAME}]}"
[[ ${SELECT_GECOS,,} == "x" ]] && unset SELECT_GECOS
[[ ${SELECT_UID,,} == "x" || ${SELECT_UID} =~ ^[^0-9]+$ ]] && unset SELECT_UID
[[ ${SELECT_GROUP,,} == "x" ]] && unset SELECT_GROUP
[[ ${SELECT_EXTRAGROUPS,,} == "x" ]] && unset SELECT_EXTRAGROUPS
[[ ${SELECT_OPTIONAL,,} == "x" ]] && unset SELECT_OPTIONAL
[[ ${SELECT_PASSWORD} == @(""|"x") ]] && SELECT_PASSWORD="${DEFAULTPASSWD}"
[[ ${SELECT_PASSWORD} != @(""|'!*'|'!'|'*') ]] && SELECT_PASSWORD=$(return_hash_password hash ${HASHPASSWD} ${SELECT_PASSWORD})
[[ ${SELECT_PASSWORD} != @(""|'!*'|'!'|'*') ]] && SELECT_PASSWORD=$(return_hash_password hash ${HASHPASSWD} ${SELECT_PASSWORD})
# Если в дополнительных группа присутствует группа по имени пользователя, то удалить её из списка
# Если в дополнительных группа присутствует группа по имени пользователя, то удалить её из списка
SELECT_EXTRAGROUPS=${SELECT_EXTRAGROUPS//${SELECT_USERNAME}/}
SELECT_EXTRAGROUPS=${SELECT_EXTRAGROUPS//${SELECT_USERNAME}/}
@ -352,7 +387,6 @@ exec_04_useradd(){
ARG_SELECT_UID=; ARG_SELECT_GROUP=; ARG_SELECT_GECOS=; ARG_SELECT_PASSWORD=; ARG_SELECT_OPTIONAL=;
ARG_SELECT_UID=; ARG_SELECT_GROUP=; ARG_SELECT_GECOS=; ARG_SELECT_PASSWORD=; ARG_SELECT_OPTIONAL=;
if [[ ! $(cat ${FILE_PASSWD} 2>/dev/null) =~ ($'\n'|^)+"${SELECT_USERNAME}": ]]; then
if [[ ! $(cat ${FILE_PASSWD} 2>/dev/null) =~ ($'\n'|^)+"${SELECT_USERNAME}": ]]; then
[[ -n ${SELECT_UID} ]] && ARG_SELECT_UID="--uid ${SELECT_UID}" || unset ARG_SELECT_UID
[[ -n ${SELECT_UID} ]] && ARG_SELECT_UID="--uid ${SELECT_UID}" || unset ARG_SELECT_UID
# Если указана основная группа, но она не создана, то создать
# Если указана основная группа, но она не создана, то создать
unset ARG_GROUPADD_GID ARG_GROUPADD_GROUPNAME
unset ARG_GROUPADD_GID ARG_GROUPADD_GROUPNAME
# Если группа не найдена
# Если группа не найдена
@ -374,7 +408,7 @@ exec_04_useradd(){
# Если группа не имеет цифры и буквы
# Если группа не имеет цифры и буквы
unset SELECT_GROUP
unset SELECT_GROUP
fi
fi
[[ -n ${ARG_GROUPADD_GROUPNAME} ]] && exec_06 _groupadd "GROUPADD[${ARG_GROUPADD_GROUPNAME}]=x:${ARG_GROUPADD_GID}"
[[ -n ${ARG_GROUPADD_GROUPNAME} ]] && exec_05 _groupadd "GROUPADD[${ARG_GROUPADD_GROUPNAME}]=x:${ARG_GROUPADD_GID}"
fi
fi
# Создаём пользователя
# Создаём пользователя
if [[ -x ${ROOTFS}/usr/bin/useradd ]]; then
if [[ -x ${ROOTFS}/usr/bin/useradd ]]; then
@ -382,6 +416,7 @@ exec_04_useradd(){
[[ -n ${SELECT_GROUP} ]] && ARG_SELECT_GROUP="--gid ${SELECT_GROUP}" || unset ARG_SELECT_GROUP
[[ -n ${SELECT_GROUP} ]] && ARG_SELECT_GROUP="--gid ${SELECT_GROUP}" || unset ARG_SELECT_GROUP
[[ -n ${SELECT_PASSWORD} ]] && ARG_SELECT_PASSWORD="--password ${SELECT_PASSWORD}" || unset ARG_SELECT_PASSWORD
[[ -n ${SELECT_PASSWORD} ]] && ARG_SELECT_PASSWORD="--password ${SELECT_PASSWORD}" || unset ARG_SELECT_PASSWORD
ARG_SELECT_OPTIONAL="${SELECT_OPTIONAL}"
ARG_SELECT_OPTIONAL="${SELECT_OPTIONAL}"
[[ ${SELECT_OPTIONAL} =~ ("-o"|"--non-unique") ]] && [[ -n ${ARG_SELECT_GROUP} ]] || { SELECT_OPTIONAL=${SELECT_OPTIONAL//-o/}; SELECT_OPTIONAL=${SELECT_OPTIONAL//--non-unique/}; }
[[ ${SELECT_OPTIONAL} =~ ("-M"|"--no-create-home") ]] || { [[ -d "${ROOTFS}${PATH_HOME}/${SELECT_USERNAME}" ]] || ARG_SELECT_OPTIONAL+=" --create-home"; }
[[ ${SELECT_OPTIONAL} =~ ("-M"|"--no-create-home") ]] || { [[ -d "${ROOTFS}${PATH_HOME}/${SELECT_USERNAME}" ]] || ARG_SELECT_OPTIONAL+=" --create-home"; }
[[ ${SELECT_OPTIONAL} =~ ("-N"|"--no-user-group") ]] || { [[ -z ${SELECT_GROUP} ]] && ARG_SELECT_OPTIONAL+=" --user-group"; }
[[ ${SELECT_OPTIONAL} =~ ("-N"|"--no-user-group") ]] || { [[ -z ${SELECT_GROUP} ]] && ARG_SELECT_OPTIONAL+=" --user-group"; }
${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${ARG_SELECT_OPTIONAL} ${SELECT_USERNAME} #>/dev/null 2>&1
${CMD_CHROOT} /usr/bin/useradd ${ARG_SELECT_UID} ${ARG_SELECT_GROUP} ${ARG_SELECT_GECOS} ${ARG_SELECT_PASSWORD} ${ARG_SELECT_OPTIONAL} ${SELECT_USERNAME} #>/dev/null 2>&1
@ -403,7 +438,7 @@ exec_04_useradd(){
true
true
fi
fi
# Задаём параметры пароля пользователю /etc/shadow из USERSHADOW[user]. Только если запущено отдельно с параметром.
# Задаём параметры пароля пользователю /etc/shadow из USERSHADOW[user]. Только если запущено отдельно с параметром.
[[ -n ${PARAM} && -n ${USERSHADOW[${SELECT_USERNAME}]} ]] && exec_05 _usershadow "USERSHADOW[${SELECT_USERNAME}]=${USERSHADOW[${SELECT_USERNAME}]}"
[[ -n ${PARAM} && -n ${USERSHADOW[${SELECT_USERNAME}]} ]] && exec_04 _usershadow "USERSHADOW[${SELECT_USERNAME}]=${USERSHADOW[${SELECT_USERNAME}]}"
# Проверим права на домашний каталог пользователя совпадают с указанным польователем, если нет, то переназначим
# Проверим права на домашний каталог пользователя совпадают с указанным польователем, если нет, то переназначим
if [[ -d ${ROOTFS}${PATH_HOME}/${SELECT_USERNAME} && $(${CMD_CHROOT} /usr/bin/stat -c "%U:%G" ${PATH_HOME}/${SELECT_USERNAME}) != "${SELECT_USERNAME}:${SELECT_GROUP:-${SELECT_USERNAME}}" ]]; then
if [[ -d ${ROOTFS}${PATH_HOME}/${SELECT_USERNAME} && $(${CMD_CHROOT} /usr/bin/stat -c "%U:%G" ${PATH_HOME}/${SELECT_USERNAME}) != "${SELECT_USERNAME}:${SELECT_GROUP:-${SELECT_USERNAME}}" ]]; then
[[ -n ${ROOTFS} ]] && ARG_RECURSIVE="-R" || unset ARG_RECURSIVE
[[ -n ${ROOTFS} ]] && ARG_RECURSIVE="-R" || unset ARG_RECURSIVE
@ -419,8 +454,23 @@ exec_04_useradd(){
done 3< <(printf "%s\n" "${!USERADD[@]}")
done 3< <(printf "%s\n" "${!USERADD[@]}")
elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then
elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then
if [[ ${PARAM%%=*} =~ ^.*'['(.*)']' ]]; then
if [[ ${PARAM%%=*} =~ ^.*'['(.*)']' ]]; then
# Удалим пользователей только тех кто содержиться в файле учетных данных ${FILE_ROOT_USERS}
SELECT_USERNAME=${BASH_REMATCH[1]}
SELECT_USERNAME=${BASH_REMATCH[1]}
${CMD_CHROOT} /usr/bin/userdel --force ${SELECT_USERNAME}
delete_select_username(){
local SELECT_USERNAME=$1
if [[ -n ${SELECT_USERNAME} ]] && ${CMD_CHROOT} /usr/bin/getent passwd ${SELECT_USERNAME} &>/dev/null; then
${CMD_CHROOT} /usr/bin/userdel --force ${SELECT_USERNAME}
fi
[[ -f ${FILE_ROOT_USERS} ]] && sed "/USERADD\[${SELECT_USERNAME}\]/d" -i "${FILE_ROOT_USERS}" 2>/dev/null
${CMD_CHROOT} /usr/bin/ubconfig --noexecute remove [users] "USERSHADOW[${SELECT_USERNAME}]"
}
if [[ ${SELECT_USERNAME} == @("*"|"**"|"/"|"//") ]]; then
[[ -f ${FILE_ROOT_USERS} ]] && while IFS= read -ru3 LINE_USERADD; do
[[ ${LINE_USERADD} =~ ^.*'['(.*)']' ]] && delete_select_username ${BASH_REMATCH[1]}
done 3< <(grep -E "USERADD\[.*\]" ${FILE_ROOT_USERS} 2>/dev/null)
else
delete_select_username ${SELECT_USERNAME}
fi
fi
fi
fi
fi
}
}
@ -443,8 +493,8 @@ exec_04_useradd(){
## # Конвертировать кол-во дней от эпохи в понятную дату: date --date=@$(( DDDDD*(60*60*24) )); date --date=@EPOCH
## # Конвертировать кол-во дней от эпохи в понятную дату: date --date=@$(( DDDDD*(60*60*24) )); date --date=@EPOCH
## USERSHADOW[superadmin]=2023-01-01:0:99999:7::2025-01-01
## USERSHADOW[superadmin]=2023-01-01:0:99999:7::2025-01-01
## USERSHADOW[superadmin]=18009:0:120:7:14:
## USERSHADOW[superadmin]=18009:0:120:7:14:
exec_05 _usershadow(){
exec_04 _usershadow(){
#echo "exec_05 _usershadow"
#echo "exec_04 _usershadow"
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ -n ${COMMAND} ]] || COMMAND="set="
[[ -n ${COMMAND} ]] || COMMAND="set="
local SELECT_USERNAME SELECT_LASTCHANGED SELECT_MINDAY SELECT_MAXDAY SELECT_WARN SELECT_INACTIVE SELECT_EXPIRE NULL
local SELECT_USERNAME SELECT_LASTCHANGED SELECT_MINDAY SELECT_MAXDAY SELECT_WARN SELECT_INACTIVE SELECT_EXPIRE NULL
@ -511,8 +561,8 @@ exec_05_usershadow(){
## password|x # Хеш пароля группа, если выбрано 'x' или пусто, то группа без пароля
## password|x # Хеш пароля группа, если выбрано 'x' или пусто, то группа без пароля
## GROUPADD[g_department_1]=ob.ivanov,rv.smirnov
## GROUPADD[g_department_1]=ob.ivanov,rv.smirnov
## GROUPADD[g_department_2]='ob.ivanov,rv.smirnov:1001:x:superadmin:$6$E7stRhRS8fCKk7UU$Qoqw62AUaUa5uLIc2KC7WV3MUThhrR8kjXtCODmnKCzKe2zHu1/wmsiWBHZEIk/IQnk/aELQYbUK93OUtrwg60'
## GROUPADD[g_department_2]='ob.ivanov,rv.smirnov:1001:x:superadmin:$6$E7stRhRS8fCKk7UU$Qoqw62AUaUa5uLIc2KC7WV3MUThhrR8kjXtCODmnKCzKe2zHu1/wmsiWBHZEIk/IQnk/aELQYbUK93OUtrwg60'
exec_06 _groupadd(){
exec_05 _groupadd(){
#echo "exec_06 _groupadd"
#echo "exec_05 _groupadd"
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ $1 == @("set="|"set+="|"set++="|"set-="|"set--="|"remove") ]] && COMMAND=$1 && shift
[[ -n ${COMMAND} ]] || COMMAND="set="
[[ -n ${COMMAND} ]] || COMMAND="set="
local PARAM="$@"
local PARAM="$@"
@ -524,16 +574,22 @@ exec_06_groupadd(){
declare -A GROUPADD
declare -A GROUPADD
[[ ${PARAM%%=*} =~ [!\$%\&()*+,/\;\<\=\>?\^\{|\}~] ]] || eval "${PARAM%%=*}=\${PARAM#*=}"
[[ ${PARAM%%=*} =~ [!\$%\&()*+,/\;\<\=\>?\^\{|\}~] ]] || eval "${PARAM%%=*}=\${PARAM#*=}"
fi
fi
# Удалить параметр из локальной конфигурации
[[ -z ${ROOTFS} && -f "${SYSCONF}/users" ]] && sed "/GROUPADD\[.*\]/d" -i "${SYSCONF}/users"
if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]] && [[ ${#GROUPADD[@]} != 0 ]]; then
if [[ ${COMMAND} == @("set="|"set+="|"set++=") ]] && [[ ${#GROUPADD[@]} != 0 ]]; then
while IFS= read -ru3 SELECT_GROUP; do
while IFS= read -ru3 SELECT_GROUP; do
IFS=: read -r SELECT_USERS SELECT_GID SELECT_OPTIONAL SELECT_ADMINISTRATORS SELECT_PASSWORD NULL <<< "${GROUPADD[${SELECT_GROUP}]}"
# Добавить параметр в ${FILE_ROOT_USERS}=.users_credential и удалить параметр GROUPADD[.*] из '/etc/ublinux/users
[[ ${SELECT_USERS} == "x" ]] && unset SELECT_USERS
if [[ -n ${PARAM} && -z ${ROOTFS} ]]; then
[[ ${SELECT_GID,,} == "x" || ${SELECT_GID} =~ ^[^0-9]*$ ]] && unset SELECT_GID
if [[ -f ${FILE_ROOT_USERS} ]]; then
sed "/GROUPADD\[${SELECT_GROUP}\]=/d" -i "${FILE_ROOT_USERS}"
echo "GROUPADD[${SELECT_GROUP}]='${GROUPADD[${SELECT_GROUP}]}'" >> ${FILE_ROOT_USERS}
fi
[[ -f "${SYSCONF}/users" ]] && sed "/GROUPADD\[.*\]=/d" -i "${SYSCONF}/users"
fi
IFS=: read -r SELECT_USERS SELECT_GID SELECT_OPTIONAL SELECT_ADMINISTRATORS SELECT_PASSWORD NULL <<< "${GROUPADD[${SELECT_GROUP}]}"
[[ ${SELECT_USERS} == "x" ]] && unset SELECT_USERS
[[ ${SELECT_GID,,} == "x" || ${SELECT_GID} =~ ^[^0-9]*$ ]] && unset SELECT_GID
#echo "==> ${SELECT_GROUP}:${SELECT_USERS}:${SELECT_GID}:${SELECT_OPTIONAL}:${SELECT_ADMINISTRATORS}:${SELECT_PASSWORD}"
#echo "==> ${SELECT_GROUP}:${SELECT_USERS}:${SELECT_GID}:${SELECT_OPTIONAL}:${SELECT_ADMINISTRATORS}:${SELECT_PASSWORD}"
[[ ${SELECT_OPTIONAL} == "x" ]] && unset SELECT_OPTIONAL
[[ ${SELECT_OPTIONAL} == "x" ]] && unset SELECT_OPTIONAL
[[ ${SELECT_PASSWORD} == @(""|"x") ]] && unset SELECT_PASSWORD
[[ ${SELECT_PASSWORD} == @(""|"x") ]] && unset SELECT_PASSWORD
[[ ${SELECT_PASSWORD} != @(""|'!*'|'!'|'*') ]] && SELECT_PASSWORD=$(return_hash_password hash ${HASHPASSWD} ${SELECT_PASSWORD})
[[ ${SELECT_PASSWORD} != @(""|'!*'|'!'|'*') ]] && SELECT_PASSWORD=$(return_hash_password hash ${HASHPASSWD} ${SELECT_PASSWORD})
# Поиск по имени в шаблонах пользователей/групп systemd
# Поиск по имени в шаблонах пользователей/групп systemd
[[ $(cat ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers) =~ ($'\n'|^)+'g'[[:blank:]]+"${SELECT_GROUP}"[[:blank:]]+([[:digit:]]+)[^$'\n']*($'\n'|$)+ ]] && FINDGROUP_ID=${BASH_REMATCH[2]} || unset FINDGROUP_ID
[[ $(cat ${ROOTFS}/usr/share/ublinux-sysusers/*.sysusers) =~ ($'\n'|^)+'g'[[:blank:]]+"${SELECT_GROUP}"[[:blank:]]+([[:digit:]]+)[^$'\n']*($'\n'|$)+ ]] && FINDGROUP_ID=${BASH_REMATCH[2]} || unset FINDGROUP_ID
@ -547,6 +603,7 @@ exec_06_groupadd(){
[[ -n ${SELECT_GID} ]] && [[ ! ${DATA_FILE_GROUP} =~ :${SELECT_GID}: ]] && ARG_SELECT_GID="--gid ${SELECT_GID}" || unset ARG_SELECT_GID
[[ -n ${SELECT_GID} ]] && [[ ! ${DATA_FILE_GROUP} =~ :${SELECT_GID}: ]] && ARG_SELECT_GID="--gid ${SELECT_GID}" || unset ARG_SELECT_GID
#[[ -n ${SELECT_USERS} ]] && ARG_SELECT_USERS="--users ${SELECT_USERS}" || unset ARG_SELECT_USERS
#[[ -n ${SELECT_USERS} ]] && ARG_SELECT_USERS="--users ${SELECT_USERS}" || unset ARG_SELECT_USERS
[[ -n ${SELECT_PASSWORD} ]] && ARG_SELECT_PASSWORD="--password ${SELECT_PASSWORD}" || unset ARG_SELECT_PASSWORD
[[ -n ${SELECT_PASSWORD} ]] && ARG_SELECT_PASSWORD="--password ${SELECT_PASSWORD}" || unset ARG_SELECT_PASSWORD
[[ ${SELECT_OPTIONAL} =~ ("-o"|"--non-unique") ]] && [[ -n ${ARG_SELECT_GID} ]] || { SELECT_OPTIONAL=${SELECT_OPTIONAL//-o/}; SELECT_OPTIONAL=${SELECT_OPTIONAL//--non-unique/}; }
# Создаём группу, если создана то изменяем под установленные параметры
# Создаём группу, если создана то изменяем под установленные параметры
if [[ ! ${DATA_FILE_GROUP} =~ ($'\n'|^)+${SELECT_GROUP}: ]]; then
if [[ ! ${DATA_FILE_GROUP} =~ ($'\n'|^)+${SELECT_GROUP}: ]]; then
if [[ -x ${ROOTFS}/usr/bin/groupadd ]]; then
if [[ -x ${ROOTFS}/usr/bin/groupadd ]]; then
@ -560,7 +617,7 @@ exec_06_groupadd(){
elif [[ -n ${ARG_SELECT_GID} ]]; then
elif [[ -n ${ARG_SELECT_GID} ]]; then
if [[ -x ${ROOTFS}/usr/bin/groupmod ]]; then
if [[ -x ${ROOTFS}/usr/bin/groupmod ]]; then
# т.к. groupmod принимет не все возможные аргументы совместимы с groupadd, то фильтруем
# т.к. groupmod принимет не все возможные аргументы совместимы с groupadd, то фильтруем
[[ ${SELECT_OPTIONAL} =~ ("--non-unique"|"-o") ]] && ARG_NON_UNIQUE="--non-unique" || unset ARG_NON_UNIQUE
[[ ${SELECT_OPTIONAL} =~ ("--non-unique"|"-o") ]] && [[ -n ${ARG_SELECT_GID} ]] && ARG_NON_UNIQUE="--non-unique" || unset ARG_NON_UNIQUE
[[ -n ${SELECT_PASSWORD} ]] && ARG_SELECT_PASSWORD="--password ${SELECT_PASSWORD}" || unset ARG_SELECT_PASSWORD
[[ -n ${SELECT_PASSWORD} ]] && ARG_SELECT_PASSWORD="--password ${SELECT_PASSWORD}" || unset ARG_SELECT_PASSWORD
#${CMD_CHROOT} /usr/bin/groupmod --append ${ARG_SELECT_USERS} ${ARG_SELECT_GID} ${ARG_NON_UNIQUE} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP}
#${CMD_CHROOT} /usr/bin/groupmod --append ${ARG_SELECT_USERS} ${ARG_SELECT_GID} ${ARG_NON_UNIQUE} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP}
${CMD_CHROOT} /usr/bin/groupmod ${ARG_SELECT_GID} ${ARG_NON_UNIQUE} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP}
${CMD_CHROOT} /usr/bin/groupmod ${ARG_SELECT_GID} ${ARG_NON_UNIQUE} ${ARG_SELECT_PASSWORD} ${SELECT_GROUP}
@ -599,7 +656,20 @@ exec_06_groupadd(){
elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then
elif [[ ${COMMAND} == @("set-="|"set--="|"remove") ]]; then
if [[ ${PARAM%%=*} =~ ^.*'['(.*)']' ]]; then
if [[ ${PARAM%%=*} =~ ^.*'['(.*)']' ]]; then
SELECT_GROUP=${BASH_REMATCH[1]}
SELECT_GROUP=${BASH_REMATCH[1]}
${CMD_CHROOT} /usr/bin/groupdel --force ${SELECT_GROUP}
delete_select_group(){
local SELECT_GROUP=$1
if [[ -n ${SELECT_GROUP} ]] && ${CMD_CHROOT} /usr/bin/getent group ${SELECT_GROUP} &>/dev/null; then
${CMD_CHROOT} /usr/bin/groupdel --force ${SELECT_GROUP}
fi
[[ -f ${FILE_ROOT_USERS} ]] && sed "/GROUPADD\[${SELECT_GROUP}\]/d" -i "${FILE_ROOT_USERS}" 2>/dev/null
}
if [[ ${SELECT_GROUP} == @("*"|"**"|"/"|"//") ]]; then
[[ -f ${FILE_ROOT_USERS} ]] && while IFS= read -ru3 LINE_GROUPADD; do
[[ ${LINE_GROUPADD} =~ ^.*'['(.*)']' ]] && delete_select_group ${BASH_REMATCH[1]}
done 3< <(grep -E "GROUPADD\[.*\]" ${FILE_ROOT_USERS} 2>/dev/null)
else
delete_select_group ${SELECT_GROUP}
fi
fi
fi
fi
fi
}
}
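Review bot: The new persistence blocks write credentials to `${FILE_ROOT_USERS}` before they are hashed: in exec_defaultrootpasswd the `echo "DEFAULTROOTPASSWD='${DEFAULTROOTPASSWD}'"` line runs ahead of the `return_hash_password` call, and the DEFAULTPASSWD, NEEDEDUSERS, `USERADD[...]` and `GROUPADD[...]` writes store the raw value the same way, so a cleartext password passed as a parameter ends up at rest in that file. I would hash first and persist the result, for example by moving `DEFAULTROOTPASSWD=$(return_hash_password hash ${HASHPASSWD} ${DEFAULTROOTPASSWD})` above the `if [[ -n ${PARAM} && -z ${ROOTFS} ]]` block; this assumes return_hash_password passes an already-hashed value through unchanged, which its body (not in this diff) would need to confirm. The value is also wrapped in literal single quotes, so a password containing `'` produces a malformed line, which matters if the file is later sourced; `printf 'DEFAULTROOTPASSWD=%q\n' "${DEFAULTROOTPASSWD}" >> "${FILE_ROOT_USERS}"` avoids that. Nothing in the visible hunks sets the mode or owner of `${FILE_ROOT_USERS}`, so it is worth confirming that the file is created root-only (0600) elsewhere.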