antihero
08-23-2001, 01:43 AM
Ok here is what I want to do...
Keep in mind: running Slackware 8 w/ wu-ftpd
I want to make a shell script that will add a new user. This shell script gathers this information: username, password, home dir, shell; makes the user's public_html dir (which is seen on the web as www.whatever.com/~bob or www.whatever.com/users/bob); makes the user an ftp dir; and finally jails the user. Oh, and bob should have email as well.
What I would like to do eventually is have the script run by root and for the variables to be entered and everything is set up nice and final like.
So I have a user called bob. Bob can ftp in via any ftp client and is jailed in what he sees as /. Where bob really is is either /home/ftp/bob or /home/bob/ftp. I am not really sure which one is better. Also he has access to his public_html dir from ftp as well. So when he ftp's in he is in ftp, but he can drop files in public_html from ftp.
Bob also has a shell account that he is jailed in. If bob ssh's in to his account and does an ls he will see the following dirs:
public_html ftp mail ; and whatever else should be here. Now are the dirs really there or are those just links to the real dir or virtual? I am not sure. How is it typically done? This is what the shell account I have looks like. I am not sure how they did it but I like the setup. Also in Bob's shell he should be able to: ls, dir, cp, mkdir, mv, rm, rmdir, cat, more, vi, and a mail client. Bob should be able to read and send mail from his shell as well.
Anyways this is what I am going for and this is the script that I wrote to do it and well I think I am halfway there. Any help would be appreciated. Oh, and can I do all of this from one shell script that basically prompts for certain values and then enters them where need be and sets this up, thereby simplifying the **** out of the process?
Oh I commented the **** out of this script so it should be real easy to follow:
#!/bin/sh
#adduser2
#prints nice lil file ooh soo pretty
clear
echo "|===========================================================|"
echo "| |"
echo "| Welcome to the script that didn't work |"
echo "| Version 0.1 |"
echo "| |"
echo "|===========================================================|"
echo "|===========================================================|"
echo "| |"
echo "| adduser2.sh |"
echo "| --------------------- |"
echo "| This script will: |"
echo "| |"
echo "| A)Add a user |"
echo "| B)Set the user's password |"
echo "| C)Creates user's home dir |"
echo "| D)Select user's shell |"
echo "| E)Make user's public_html dir |"
echo "| F)Make user's FTP dir |"
echo "| G)Jail user in their home dir |"
echo "| |"
echo "|===========================================================|"
echo
echo "Hit Enter to proceed..."
read FOO
#let's begin shall we
#Add a user
#gets the users login name
clear
echo -n "Login name for new user: "
read LOGIN
if [ -z $LOGIN ]
then echo "That was about ****in stupid eh..."
echo "Now ya gotta start over dummy...";exit
fi
#Set the user's password
clear
echo -n "Create $LOGIN's Password... be creative now: "
read PASSWORD
if [ -z $PASSWORD ]
then PASSWORD="$LOGIN"
fi
#Creates user's home dir
clear
echo -n "Create $LOGIN's home directory"
echo
echo "Default is /home/$LOGIN: "
read HOME
XHOME="-d $HOME"
if [ -z $HOME ]
then XHOME=""
fi
#Select user's shell
clear
echo -n "Select $LOGIN's shell"
echo
echo "Default is /bin/bash: "
echo
echo "Options include:"
echo "/bin/bash"
echo "/bin/tcsh"
echo "/bin/csh"
echo "/dev/null (Option This for FTP only w/ *NO* Sheel account?)"
read SHELL
XSHELL="-s $SHELL"
if [ -z $SHELL ]
then XSHELL=""
fi
#Creates ACCOUNT
clear
echo -n
echo "OK, I'm about to make a new account."
echo
echo -n "Here's what you entered so far:"
echo
echo
echo "New login name: $LOGIN"
echo "Password: $PASSWORD (WRITE THIS DOWN!)"
if [ -z $GHME ]
then echo "Home directory: /home/$LOGIN"
else echo "Home directory: $HME"
fi
if [ -z $GSHL ]
then echo "Shell: /bin/bash/"
else echo "Shell: $SHL"
fi
echo
echo
echo -n "This is it... if you want to bail out, you'd better do it now."
echo
echo
echo -n "Continue [Y or N]"
read MAKEUSER
if [ $MAKEUSER == y ] || [ $MAKEUSER == Y ]
then /usr/sbin/useradd $XHOME -m $XSHELL $LOGIN
#This part doesnt seem to pass on to passwd correctly.
#I want to be able to send a variable to passwd and have
#it accept it unconditionally and without it trying to confirm it.
/usr/bin/passwd -l $LOGIN $PASSWORD 1> /dev/null
echo
echo
echo
echo "User $LOGIN has been succesfully made yo!..."
echo
echo -n "Hit Enter to proceed..."
else echo "You chose not to proceed"
else echo "User was not made...process aborted like a bad fetus";exit
fi
read FOO
#INTERMISSION
clear
echo -n "And now for the fun stuff... let's hope it works"
echo
echo
echo "Hit Enter to proceed..."
read FOO
#Make user's public_html dir
clear
echo -n "Do you wish to give $LOGIN a public_html directory?:"
read HTML
if [ $HTML == y ] || [ $HTML == Y ]
then mkdir /home/$LOGIN/public_html
echo
echo "Home directory: /home/$LOGIN/public_html"
else echo "you chose not to give $LOGIN a public_html dir"
fi
#Make user's FTP dir
echo
echo
echo -n "Do you wish to give $LOGIN an ftp directory?:"
read FTP
if [ $FTP == y ] || [ $FTP == Y ]
then mkdir /home/$LOGIN/ftp
echo
echo "FTP directory: /home/$LOGIN/FTP"
else echo "you chose not to give $LOGIN an ftp dir"
fi
#Jail user in their home dir
echo
echo
echo -n "Do you wish to send $LOGIN to chroot jail?:"
read Jail
if [ $Jail == y ] || [ $Jail == Y ]
then echo "This will guide you through making this user chrooted to home/ftp/$LOGIN"
echo "Mind you I have no ****ing clue how to do this..."
echo
########################################################################################
# Apparently I have commented these out cause they are not needed
# I wasted 3 hours so I'll keep em just in case
# If they are needed then good...
# If not they are a good reminder not to go of on a tangent
#
# echo "Hit Enter to create all the necessary chrooted environment directories"
# read FOO
# mkdir /home/$LOGIN/ftp/dev
# echo "Successfully made dir: /home/$LOGIN/ftp/dev"
# mkdir /home/$LOGIN/ftp/etc
# echo "Successfully made dir: /home/$LOGIN/ftp/etc"
# echo
# echo "Hit Enter to change the new directories permission to 0511"
# read FOO
# chmod 0511 /home/$LOGIN/ftp/dev
# echo "Successfully chmod 0511 dir: /home/$LOGIN/ftp/dev"
# chmod 0511 /home/$LOGIN/ftp/etc
# echo "Successfully chmod 0511 dir: /home/$LOGIN/ftp/etc"
# echo
# echo "Hit Enter to create /home/ftp/$LOGIN/dev/null file"
# read FOO
# mknod /home/$LOGIN/ftp/dev/null c 1 3
# echo "Successfully mknod /home/$LOGIN/ftp/dev/null c 1 3"
# chmod 666 /home/$LOGIN/ftp/dev/null
# echo "Successfully chmod 666 dir: /home/$LOGIN/ftp/dev/null"
# echo
# echo "Hit Enter to copy the group and passwd files in /home/$LOGIN/ftp/etc directory"
# read FOO
# cp /etc/passwd /home/$LOGIN/ftp/etc/
# echo "Successfully copied: /etc/passwd"
# cp /etc/group /home/$LOGIN/ftp/etc/
# echo "Successfully copied: /etc/group"
# echo
# echo "Hit Enter to set passwd, and group files in the chroot jail directory immutable"
# read FOO
# chattr +i /home/$LOGIN/ftp/etc/passwd
# echo "Successfully chattr +i: /home/$LOGIN/ftp/etc/passwd"
# chattr +i /home/$LOGIN/ftp/etc/group
# echo "Successfully chattr +i: /home/$LOGIN/ftp/etc/group"
#
# echo "done!"
########################################################################################
else echo "you chose not to jail $login to his home dir"
echo -n "this is a potential security risk"
echo
fi
OK so where did I go wrong... and what else needs to be done. Of course I will add email functionality later...
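The account-creation and password step the post asks about, as an added example that is not part of the original post: passwd does not take the password as an argument and -l locks the account, so this version validates the inputs first and then feeds "user:password" to chpasswd on stdin. The function names, DRY_RUN and SHELLS_FILE are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not part of the original post. Function names, DRY_RUN and
# SHELLS_FILE are illustrative assumptions.
LC_ALL=C; export LC_ALL   # make [a-z] mean ASCII lowercase only

# Login: lowercase letter first, then [a-z0-9_-], at most 32 characters.
# This also rejects names starting with '-' that useradd would read as options.
valid_login() {
    case "$1" in
        ''|[!a-z]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Shell must be an exact line of the shells file (default /etc/shells).
valid_shell() {
    [ -n "$1" ] && grep -Fxq -- "$1" "${2:-/etc/shells}"
}

# create_account LOGIN PASSWORD [HOME] [SHELL]
create_account() {
    login="$1"; password="$2"
    home="${3:-/home/$login}"; shell="${4:-/bin/bash}"
    valid_login "$login" || { echo "invalid login name" >&2; return 2; }
    # The original fell back to PASSWORD=$LOGIN; refuse an empty password instead.
    [ -n "$password" ] || { echo "empty password refused" >&2; return 3; }
    valid_shell "$shell" "$SHELLS_FILE" || { echo "shell not allowed" >&2; return 4; }
    case "$home" in
        /*) ;;
        *) echo "home must be an absolute path" >&2; return 5 ;;
    esac
    if [ -n "$DRY_RUN" ]; then
        # Print what would run; the password is never echoed.
        echo "useradd -d $home -m -s $shell $login"
        echo "chpasswd <stdin> $login:<hidden>"
        return 0
    fi
    /usr/sbin/useradd -d "$home" -m -s "$shell" "$login" || return 6
    # passwd takes no password argument; chpasswd reads "user:password" on
    # stdin, so the secret never appears in another process's argument list
    # (printf is a shell builtin in bash and dash).
    printf '%s:%s\n' "$login" "$password" | /usr/sbin/chpasswd
}
```

Quoting every expansion and keeping the prompts out of HOME and SHELL (both are live environment variables in the running script) avoids the word-splitting and clobbering problems in the posted version.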