#!/bin/sh
#written by Zane C. Bowers <vvelox@vvelox.net>
. `which sh-include`
include lugtools
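usage(){
  # Print the option summary to stdout.
  # The first line used to describe this tool as "add a user", but every step
  # the script takes (home-directory backup, group removal, pw userdel /
  # removeLDAPposixUser) removes one, so the summary now says what the code does.
  # ${0##*/} is POSIX and avoids hard-coding a program name.
  echo "${0##*/}: remove a POSIX user account (local or LDAP for use with NSS LDAP), backing up its home directory first"
  echo "version 0.1.2"
  echo ""
  echo "-c <file> the config file to use... the default is ~/.lugtools"
  echo "-R non-root ok"
  echo "-H sets home=false (accepted, but not used by this script)"
  echo ""
  echo "required:"
  echo "-u <username> the username of the user"
  echo ""
  echo "-h display this"
}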
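#create the tmp file
# mktemp creates the file atomically with mode 0600, so there is no window
# between a predictable /tmp/luadd.<pid> touch and the chmod in which another
# local user could pre-create or symlink the name (this script normally runs
# as root, see the root check below).
tmpfile=$(mktemp /tmp/luadd.XXXXXX) || {
  echo "could not create a temporary file in /tmp" >&2
  exit 1
}
# remove it on every exit path, not only on the explicit rm at the end
trap 'rm -f -- "$tmpfile"' EXIT
#default config file
config=~/.lugtools
#defaults; any of these may be overridden by the config file sourced later
NONROOTOK="false"                       # refuse to run as non-root unless true or -R given
BACKUPDIR="/arc/backup/removed-users"   # where the home-directory tarball is written
BACKUP="true"                           # tar up the home directory before removal
RMEMPTYUGROUP="true"                    # NOTE(review): set here but never read in this script
PGROUPREMOVE="true"                     # remove the primary group if it is empty
EXISTCHECK="true"                       # verify the user exists before doing anything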
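#get the options
# -c is documented by usage() but was missing from the getopts string, so it
# used to fall through to the unknown-option case. The leading ':' makes
# getopts report a missing option argument via the ':' case instead of printing
# its own message. -H and -b are accepted as before; nothing in this script
# reads them. -h now exits 0 (a requested usage is not an error); a bad option
# still exits 1.
show_usage=""
usage_status=1
while getopts :c:hu:HRb OPTION ; do
  case "$OPTION" in
    c) config="$OPTARG" ;;
    u) username="$OPTARG" ;;
    H) home="false" ;;
    h) show_usage=true; usage_status=0 ;;
    R) NONROOTOK="true" ;;
    b) ;;
    :) echo "option -$OPTARG requires an argument" >&2; show_usage=true ;;
    \?) echo "unknown option -$OPTARG" >&2; show_usage=true ;;
  esac
done
shift $((OPTIND - 1))
#if usage was requested or an option was bad, print the usage info and exit
if [ -n "$show_usage" ]; then
  usage
  exit "$usage_status"
fi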
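#exit if no username is specified
# This used to be checked only after the config/root/existence steps, and
# without an exit, so an empty -u fell through to the tar/pw/LDAP removal with
# an empty name. It is checked first now. The name is also restricted so it
# cannot carry a path separator, a leading '-' or whitespace into the backup
# filename ($BACKUPDIR/<username>.<date>.tgz) or into the pw/LDAP helper argv.
if [ -z "$username" ]; then
  echo "-u not used to specify a user name" >&2
  exit 1
fi
case "$username" in
  -*|*/*|*[[:space:]]*)
    echo "refusing to operate on a username containing '/', whitespace or a leading '-': $username" >&2
    exit 1
    ;;
esac
#includes the config file
# The config file is executed as shell and supplies the BIND/PASSWDFILE/
# USERBASE/GROUPBASE values handed to the LDAP helpers, so it must only be
# writable by the operator running this script (normally root).
if [ -e "$config" ]; then
  . "$config"
else
  echo "$config does not exist"
  exit 1
fi
#determines if it should exit if the user is not root
# id -u is POSIX; whoami is not guaranteed on every sh host.
if [ "$(id -u)" -ne 0 ]; then
  if [ "$NONROOTOK" = "false" ]; then
    echo "It is not ok to run this from something other than root."
    exit 1
  fi
fi
#check if the user should exist before trying to execute the code
if [ "$EXISTCHECK" = "true" ]; then
  if [ "$(userExists "$username")" = "false" ]; then
    echo "user, $username, does not exist"
    exit 1
  fi
fi
#backupdir check
if [ ! -d "$BACKUPDIR" ]; then
  echo "$BACKUPDIR does not exist or is not a directory"
  exit 1
fi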
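#the users to be removed home directory
uhome=$(userHome "$username")
if [ "$BACKUP" = "true" ]; then
  if [ ! -d "$uhome" ]; then
    echo "$uhome is not a directory, so not backing it up"
  else
    # The original tar invocation named the archive but gave tar no source
    # path, so no backup was ever written (tar errors out) and the removal
    # below went ahead anyway. The home directory is now passed to tar, and a
    # failed backup aborts the run instead of deleting an account without one.
    backupfile="$BACKUPDIR/$username.$(date +%C%y%m%d-%H%M%S).tgz"
    echo "begining backing up $uhome"
    if tar -zcvf "$backupfile" -- "$uhome"; then
      echo "backed up $uhome to $backupfile"
    else
      echo "backup of $uhome to $backupfile failed; not removing $username" >&2
      exit 1
    fi
  fi
else
  echo "BACKUP set to false in $config... not backing up user before removing"
fi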
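#remove user from all LDAP groups
# An empty result (helper missing or silent) used to turn the unquoted test
# into a shell syntax error; quoting routes it to the "failed" branch instead.
# Failure here is reported but does not stop the removal, as before.
ldapGroupsResult=$(removeUserFromLDAPGroups "$username" "$BIND" "$PASSWDFILE" "$USERBASE" "$GROUPBASE")
if [ "$ldapGroupsResult" = "true" ]; then
  echo "removed $username from all LDAP groups"
else
  echo "failed to remove $username from all LDAP groups"
fi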
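#get GIDlist
GIDlist=$(userGIDlist "$username")   # NOTE(review): computed but not read anywhere below
#remove the users primary group if it PGROUPREMOVE is set to true
if [ "$PGROUPREMOVE" = "true" ]; then
  pGroup=$(userPgroup "$username")
  #only remove it if it is empty
  if [ "$(primaryGroupEmpty "$username")" = true ]; then
    # groupIsLocal is called with no arguments, as in the original; it
    # presumably inspects $pGroup or nsswitch itself -- confirm in lugtools.
    # (A leftover debug echo of the never-set $groupIsLocal variable was dropped.)
    if [ "$(groupIsLocal)" = true ]; then
      if pw groupdel "$pGroup"; then
        echo "primary group removed"
      else
        echo "failed to remove primary group"
      fi
    else
      pGroupRemoveReturn=$(removeLDAPposixGroup "$pGroup" "$GROUPBASE" "$BIND" "$PASSWDFILE")
      if [ "$pGroupRemoveReturn" = "true" ]; then
        echo "primary group removed"
      else
        echo "failed to remove primary group"
      fi
    fi
  else
    echo "not removing the user's primary group, $pGroup, because it is still in use by $(otherUsersInGroup "$pGroup" "$username")"
  fi
fi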
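#removes the user finally
# userIsLocal is called with no arguments, as in the original -- confirm in lugtools.
removed="false"
if [ "$(userIsLocal)" = true ]; then
  if pw userdel "$username"; then
    echo "user removed"
    removed="true"
  else
    echo "failed to remove user"
  fi
else
  # this used to reuse pGroupRemoveReturn; it holds the user-removal result
  userRemoveReturn=$(removeLDAPposixUser "$username" "$USERBASE" "$BIND" "$PASSWDFILE")
  if [ "$userRemoveReturn" = "true" ]; then
    echo "user removed"
    removed="true"
  else
    echo "failed to remove user"
  fi
fi
# Nothing in this script writes to $tmpfile, so this normally prints nothing;
# kept as in the original.
cat "$tmpfile"
rm -f -- "$tmpfile"
# exit non-zero when the account is still there so callers/cron jobs can notice;
# the script used to end with rm's status regardless of the removal outcome
if [ "$removed" = "true" ]; then
  exit 0
else
  exit 1
fi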