帐号添加脚本

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了帐号添加脚本相关的知识,希望对你有一定的参考价值。

#!/bin/sh
#export LANG=zh_CN.GBK
#set -x

=================================================================================================================

Add account and group

Written by : majun

Release : 1.0

Creation date : 2012-4-4

=================================================================================================================

#

HISTORY :

Release | Date | Authors | Description

--------------+-----------------+---------------+----------------------------------------------------------------

1.0 | 04.04.12 | majun |

--------------+-----------------+---------------+----------------------------------------------------------------

1.1 | 05.10.12 | majun | Add user to mutli group

--------------+-----------------+---------------+----------------------------------------------------------------

1.2 | 05.11.12 | majun | Add group check command (id groupname)

| | | To avoid duplication user in sudo file

--------------+-----------------+---------------+----------------------------------------------------------------

1.3 | 05.14.12 | majun | Send email to use who never loginned to change pw

--------------+-----------------+---------------+----------------------------------------------------------------

1.4 | 08.30.12 | majun | Ldap useradd

--------------+-----------------+---------------+----------------------------------------------------------------

1.5 | 01.12.13 | majun | Ldap userdel

--------------+-----------------+---------------+----------------------------------------------------------------

1.6 | 04.24.13 | majun | Add lock user

--------------+-----------------+---------------+----------------------------------------------------------------

1.7 | 05.09.07 | majun | Can Add user to other group

--------------+-----------------+---------------+----------------------------------------------------------------

1.8 | 06.12.22 | majun | hostname include ‘-‘ conflict with regular like this [0-9]

--------------+-----------------+---------------+----------------------------------------------------------------

PASSFILE=/home/syn/passwd
SHADOWFILE=/home/syn/shadow
HOSTFILE=/var/tmp/${SUDO_USER}_user.list.date +%s
CMDFILE=/var/tmp/${SUDO_USER}_user.sh.date +%s
SARG=$1
USERARG=$2
GSSHFILE=/usr/local/sa/scripts/gssh.sh
TIMES=date +%s
ERRORMSG=/var/tmp/addacount_error
HOMEDIR=pwd
MAIL=YES

$HOSTFILE
$ERRORMSG
echo ‘#!/bin/sh‘ >$CMDFILE
echo ‘export LC_ALL=en_US.UTF-8‘ >>$CMDFILE
echo ‘export LANGUAGE=en_US.UTF-8‘ >>$CMDFILE
echo ‘export PATH=/sbin:/usr/sbin:/usr/local/sbin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/bin:/bin:/usr/local/bin‘ >>$CMDFILE
print_help(){
echo "Options:
-u
Account
Multiple accounts, split
-g
Special account
could game adplatform work ...
-s
Add use with sudo privileges.
-d
Delete user.
-l
Lock user.
-c
Update user info,If user not exist will be create.
-p
Update user passwd.
-h
hostname or ip
Multiple hostlist, split
-f
Hostfile will add account
-t
For run test
It will print addinfo
-m
Contact user to change default passwd auto.
--help
Print detailed help screen"
echo "Help example"
echo ""
echo "Add user"
echo " $0 -u majun -h r[01-04].dfs.bjt.qihoo.net,10.119.93.[11-12] -t"
echo "Add user with sudo"
echo " $0 -s -u majun,miaohongzhi -h r[01-04].dfs.bjt.qihoo.net "
echo "Add user with cloud"
echo " $0 -u majun,miaohongzhi -g cloud -f host.list"
echo "Add special account"
echo " $0 -g cloud -h r[01-04].dfs.bjt.qihoo.net "
exit 0
}
if [ $# = 0 ]
then
print_help
exit 0
fi
while [ $# -gt 0 ]; do
case "$1" in
-H | --help)
print_help
;;
-s | --sudo)
SUDO=YES
;;
-u | --user)
shift
USERS=$1
;;
-g | --group)
shift
GROUP=$1
;;
-f | --hostfile)
shift
HOSTLIST=$1
;;
-h | --host)
shift
HOSTLINE=$1
;;
-t | --test)
TEST=YES
;;
-m | --mail)
MAIL=YES
;;
-d | --del)
DEL=YES
;;
-l | --lock)
LOCK=YES
;;
-c | --change)
UPD=YES
;;
-p | --changepass)
UPDP=YES
;;
*) echo "Unknown argument: $1"
print_help
exit $STATE_UNKNOWN
;;
esac
shift
done

if [ ! -d /var/log/account/date +%Y%m ]
then
mkdir -p /var/log/account/date +%Y%m
fi

RESULTFILE=/var/log/account/date +%Y%m/date +%Y%m%d_${SUDO_USER}_AU=${USERS}AG=${GROUP}${TIMES}RESU
ADDINFOFILE=/var/log/account/date +%Y%m/date +%Y%m%d
${SUDO_USER}_AU=${USERS}AG=${GROUP}${TIMES}_INFO

getline(){

    if echo $line|grep -v -E "\[|\]" >>/dev/null
    then
    echo $line >>$HOSTFILE
    else

    a1=`echo $line |awk -F [ ‘{print $1}‘`
    a2=`echo $line |awk -F ] ‘{print $2}‘`
    n1=`echo $line |awk -F [ ‘{print $2}‘|awk -F \- ‘{print $1}‘`
    n2=`echo $line |awk -F ] ‘{print $1}‘|awk -F \- ‘{print $NF}‘`
    i=$n1

    while [ "$i" -le "$n2" ]
    do
            if [ "${#i}" != "2"  -o  "$i" -gt 8 ]
            then
                    echo "${a1}${i}${a2}" >>$HOSTFILE
                    i=`echo "$i + 1"|bc `
            else
                    if [ $i == $n1 ]
                    then
                            echo ${a1}${i}${a2} >>$HOSTFILE
                            i=`echo "$i + 1"|bc `
                            i="0$i"
                    else
                            echo ${a1}${i}${a2}>>$HOSTFILE
                            i=`echo "$i + 1"|bc `
                            i="0$i"
                    fi
            fi
    done

    fi

}

NEWUSER=echo $USERS|sed ‘s/,/ /g‘
NEWGROUP=echo $GROUP|sed ‘s/,/ /g‘
NEWHOSTLINE=echo $HOSTLINE|sed ‘s/,/ /g‘
LOGINUSER=echo $SUDO_USER

if [ ! -n "${LOGINUSER}" ]; then
LOGINUSER=/usr/bin/whoami
if [ "${LOGINUSER}" == "root" ]; then
echo "Cannot run commands directly as root! Please add username at the end of the command line"
exit 0
fi
fi

getucmd(){
for name in $NEWUSER
do
pwstring=grep ‘^‘$name‘:‘ $SHADOWFILE |awk -F‘:‘ ‘{print $2}‘
if [ "$DEL" != "YES" ] && [ "$LOCK" != "YES" ]
then
if [ grep ‘^‘$name‘:‘ $SHADOWFILE |wc -l -eq 0 ]
then
ERROR=YES
echo "#Warning: User $name NOT FOUND!" >>$ERRORMSG
fi

            if [ "$pwstring" == ‘$1$CXxqvrMo$WmxPVHULQfNzMBuR2GBKl1‘ ]
            then 
                    ERROR=YES
                    if [ $MAIL == YES ]
                    then
                            echo "#Warning: User $name password is by default" >>   $ERRORMSG
                            echo "#Begin to send change passwd mailt to User $user" 
                            /root/autotool/mail.sh $name
                            sleep 1
                            echo 
                            echo "#mail send finished  And CC to majun,gehailong,weijianjun check mail please "
                    else
                            echo "#Warning: User $name password is by default, Contact and change password." >>$ERRORMSG
                    fi
            fi

    fi

else

            pwstring=`grep ‘^‘$name‘:‘ $SHADOWFILE |awk -F‘:‘ ‘{print $2}‘`
            realname=`grep ‘^‘$name‘:‘ $SHADOWFILE |awk -F‘:‘ ‘{print $1}‘`
            uid=`grep ‘^‘$name‘:‘ $PASSFILE |awk -F‘:‘ ‘{print $3}‘`
            LinuxUserlock=$LinuxUserlock"/usr/bin/passwd -l $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            LinuxUserdel=$LinuxUserdel"/usr/sbin/userdel $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;sed -i  \"/^$name ALL = (ALL) ALL$/d\" /etc/sudoers 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            FreebsdUserlock=$FreebsdUserlock"pw lock $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            FreebsdUserdel=$FreebsdUserdel"pw userdel $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;sed -i \"/^$name ALL = (ALL) ALL$/d\" /usr/local/etc/sudoers 2>> /dev/null 1>>/var/tmp/OK_\$TIMES;"
            LdapUseradd=$LdapUseradd"if ! grep  -qw $name /etc/pam.d/login_allow_users;then echo \"$name\" >>/etc/pam.d/login_allow_users;echo \"$name add Success\" >>/var/tmp/OK_\$TIMES;else echo \"$name already in white list\">>/var/tmp/ERR_\$TIMES;fi;"
            LdapUserdel=$LdapUserdel"if  grep  -qw $name /etc/pam.d/login_allow_users;then sed -i  \"/^$name$/d\" /etc/pam.d/login_allow_users;echo \"$name Del Success\" >>/var/tmp/OK_\$TIMES;else echo \"$name Not in white list\">>/var/tmp/ERR_\$TIMES;fi;"
            LinuxUseradd=$LinuxUseradd"/usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            LinuxUseraddtog=$LinuxUseraddtog" if id "$name";then if grep -v ^$name: /etc/group|grep -w "$name" ;then usermod -a  -G $GROUP "$name" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else usermod  -G $GROUP "$name" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi ;else /usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘ "$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
            FreebsdUseradd=$FreebsdUseradd"echo ‘"$pwstring"‘| pw useradd "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
            LinuxUserupdate=$LinuxUserupdate"if id $name ;then /usr/sbin/usermod -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else /usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
            #LinuxUserupdate=$LinuxUserupdate"if id $name ;then /usr/sbin/usermod -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
            LinuxUserupdatep=$LinuxUserupdatep"if id $name >/dev/null 2>&1;then /usr/sbin/usermod  -p ‘"$pwstring"‘ $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;getent shadow $name | awk -F : ‘{print \$2}‘ ;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
            FreebsdUserupdate=$FreebsdUserupdate"if id $name ;then echo ‘"$pwstring"‘| pw usermod "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo ‘"$pwstring"‘| pw useradd "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
            #FreebsdUserupdate=$FreebsdUserupdate"if id $name ;then echo ‘"$pwstring"‘| pw usermod "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
            FreebsdUserupdatep=$FreebsdUserupdatep"cp /etc/master.passwd /root/;/usr/sbin/pw user mod weijianjun -G wheel;/usr/sbin/pw user mod miaohongzhi -G wheel;if id $name >/dev/null 2>&1;then /usr/bin/chpass -p ‘$pwstring‘ $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;/usr/bin/getent passwd $name| awk -F : ‘{print \$2}‘ ;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
            if [ "$SUDO" == YES ]
            then
                    FreebsdSudo=$FreebsdSudo"if ! grep \"^$name ALL = (ALL) ALL\" /usr/local/etc/sudoers >/dev/null;then echo ‘"$name" ALL = (ALL) ALL‘ >> /usr/local/etc/sudoers;fi;"
            fi
            if [ "$SUDO" == YES ]
            then
                    LinuxSudo=$LinuxSudo"if ! grep \"^$name ALL = (ALL) ALL\" /etc/sudoers >/dev/null;then echo ‘"$name" ALL = (ALL) ALL‘ >> /etc/sudoers;fi;"
            fi

fi

done

#if [ "$FreebsdUseradd" = "" ] && [ "$LinuxUseradd" = "" ]; then

echo " "

exit

#fi
echo ‘TIMES=date +%s‘ >>$CMDFILE
echo OStype=‘‘uname‘‘ >>$CMDFILE
echo "if ! id ldaptest;then" >>$CMDFILE
echo if [ \$OStype = FreeBSD ]‘;‘ then >>$CMDFILE
echo "cp /usr/local/etc/sudoers /home/majun/sudosers_$TIMES" >>$CMDFILE
if [ "$LOCK" == "YES" ]
then
echo $FreebsdUserlock >>$CMDFILE
else
if [ "$DEL" == "YES" ]
then
echo $FreebsdUserdel >>$CMDFILE
else
if [ "$UPDP" == "YES" ]
then
echo $FreebsdUserupdatep >>$CMDFILE
else
if [ "$UPD" == "YES" ]
then
echo $FreebsdUserupdate >>$CMDFILE
else
echo "$FreebsdUseradd $FreebsdSudo" >>$CMDFILE
fi
fi
fi
fi

echo ‘else‘ >>$CMDFILE
echo "cp /etc/sudoers /home/majun/sudosers_$TIMES" >>$CMDFILE

if [ "$LOCK" == "YES" ]
then
echo $LinuxUserlock >>$CMDFILE
else

if [ "$DEL" == "YES" ]
then
echo $LinuxUserdel >>$CMDFILE
else
if [ "$UPDP" == "YES" ]
then
echo $LinuxUserupdatep >>$CMDFILE
else
if [ "$UPD" == "YES" ]
then
echo $LinuxUserupdate >>$CMDFILE
else
if [ ! -z $GROUP ]
then
echo "$LinuxUseraddtog $LinuxSudo" >>$CMDFILE
else
echo "$LinuxUseradd $LinuxSudo" >>$CMDFILE
fi
fi
fi
fi
fi

echo ‘fi‘ >>$CMDFILE
echo " " >>$CMDFILE
if [ "$DEL" != "YES" ]
then
for u in $NEWUSER
do
#echo "id $u 2>> /var/tmp/ERR\$TIMES 1>>/var/tmp/OK\$TIMES" >>$CMDFILE
echo "if id $u >/dev/null 2>&1; then" >>$CMDFILE
echo "id $u >>/var/tmp/OK\$TIMES" >>$CMDFILE
echo "else" >>$CMDFILE
echo "echo \"$u does not exist\" >> /var/tmp/ERR
\$TIMES" >>$CMDFILE
echo "fi" >>$CMDFILE
done
fi
echo "else" >>$CMDFILE

if [ "$DEL" == "YES" ]
then

echo if [ \$OStype = FreeBSD ]‘;‘ then >>$CMDFILE
echo "$LdapUserdel $FreebsdSudo" >>$CMDFILE
echo "else" >>$CMDFILE
echo "$LdapUserdel $LinuxSudo" >>$CMDFILE
echo "fi" >>$CMDFILE

else
echo if [ \$OStype = FreeBSD ]‘;‘ then >>$CMDFILE
echo "$LdapUseradd $FreebsdSudo" >>$CMDFILE
echo "else" >>$CMDFILE
echo "$LdapUseradd $LinuxSudo" >>$CMDFILE
echo "fi" >>$CMDFILE
fi

echo "fi" >>$CMDFILE
echo ‘if [ -s "/var/tmp/ERR$TIMES" ] ‘ >>$CMDFILE
echo ‘then ‘ >>$CMDFILE
echo "if [ \$OStype = FreeBSD ] " >>$CMDFILE
echo ‘then‘ >>$CMDFILE
echo ‘ EMSG=`cat /var/tmp/ERR
$TIMES‘ &gt;&gt;$CMDFILE<br/>echo ‘else‘ &gt;&gt;$CMDFILE<br/>echo ‘ EMSG=cat /var/tmp/ERR$TIMES|xargs‘ &gt;&gt;$CMDFILE<br/>echo ‘fi‘ &gt;&gt;$CMDFILE<br/>echo ‘ EMSG="CMDERROR: $EMSG" ‘ &gt;&gt;$CMDFILE<br/>echo ‘fi ‘ &gt;&gt;$CMDFILE<br/>echo ‘OMSG=cat /var/tmp/OK$TIMES|xargs`‘ >>$CMDFILE
echo ‘echo "$EMSG STDOUT:$OMSG" ‘ >>$CMDFILE
}

getgcmd(){
#if echo $GROUP |grep ‘,‘ && [ ! -z $USERS ]
#then

echo "Group name $GROUP is set , when add user to group ,only on group can be set"

exit

#fi
for group in $NEWGROUP
do

group=$NEWGROUP

    cd /root/.speacc/
    GID=`ls *_$group|awk -F \_ ‘{print $1}‘`

echo "if ! /usr/bin/id $group " >>$CMDFILE

echo "then " >>$CMDFILE

    cat /root/.speacc/*_$group              >>$CMDFILE 2>/dev/null
    if [ $? != 0 ]
    then
            ERROR=YES
            echo "Critical Group $group is not found" >>$ERRORMSG
    fi

echo "fi" >>$CMDFILE

done
FG=" -G $GROUP"
LG=" -G $GROUP"
for g in $NEWGROUP
do
#echo "id $g" >>$CMDFILE
echo "if id $g >/dev/null 2>&1; then" >>$CMDFILE
echo "id $g" >>$CMDFILE
echo "else" >>$CMDFILE
echo "echo \"$g does not exist\" >> /var/tmp/ERR_\$TIMES" >>$CMDFILE
echo "fi" >>$CMDFILE
done
}

if [ ! -z $GROUP ]
then

echo ‘#!/bin/sh‘ >>$CMDFILE

    getgcmd

fi

if [ ! -z $USERS ]
then

if [ -z $GROUP ]

then

echo ‘#!/bin/sh‘ >>$CMDFILE

fi

    getucmd

fi

if [ "$ERROR" = "YES" ]
then
echo "------------------"
echo "| Notice Message |"
echo "------------------"
cat $ERRORMSG
exit
fi

cd $HOMEDIR
if [ ! -z "$HOSTLINE" ]
then
for line in $NEWHOSTLINE
do
#line="$HOSTLINE"
getline
done
if [ ! -z "$HOSTLIST" ]
then
echo "$0 -h and -f ARG only one can be set "
#echo ""
#print_help
exit
fi
else
if [ -z "$HOSTLIST" ]
then
echo "please set hostlist by use -h or -f ARG"
#echo ""
#print_help
exit
else
if [ ! -f "$HOSTLIST" ]
then
echo "Host list file $HOSTLIST is not found"
exit
fi
while read line
do
getline
done< $HOSTLIST
fi
fi

if [ "$SUDO" = "YES" ] && [ ! -z "$GROUP" ]
then
echo " -s | -g Only one can use"
exit
fi

    echo "-----------------"
    echo "| Add Command   |"
    echo "-----------------"
    cat $CMDFILE
    echo "-----------------"
    echo "| Add hostlist  |"
    echo "-----------------"
    cat $HOSTFILE
    echo ""

if [ "$TEST" == YES ]
then
echo "-------------------------------------"
echo "|Run for test,Just show addhost info|"
echo "-------------------------------------"
exit
fi
echo "----------------------"
echo "|Begin to add Account|"
echo "----------------------"

echo "$GSSHFILE $CMDFILE $HOSTFILE"
$GSSHFILE $CMDFILE $HOSTFILE |tee $RESULTFILE 2>&1
HC=cat $HOSTFILE|wc -l
SC=grep SUCCESS $RESULTFILE|grep -v mismatch|grep -v CMDERR |wc -l
FC=grep -E "FAILED|mismatch|CMDERR" $RESULTFILE|wc -l
echo "-----------------" >$ADDINFOFILE
echo "| Add Command |" >>$ADDINFOFILE
echo "-----------------" >>$ADDINFOFILE
cat $CMDFILE >>$ADDINFOFILE
echo "-----------------" >>$ADDINFOFILE
echo "| Add hostlist |" >>$ADDINFOFILE
echo "-----------------" >>$ADDINFOFILE
cat $HOSTFILE >>$ADDINFOFILE
if [ $SC -gt 0 ]
then
echo ""
echo "**RESULT"
echo "All host Number is $HC , Success add host number=$SC"
echo "**RESULT"
#more $RESULTFILE
if [ $FC -gt 0 ]
then
echo ""
echo "*RESULT**"
echo "All host Number is $HC ,Failed host number is $FC "
echo "*
RESULT**"
echo ""
echo "Error list are fellow"
echo ""
cat $RESULTFILE|grep -E "FAILED|mismatch|CMDERR"|awk -F \" ‘{print $2 " \t \t |INFO: " $10}‘|sort -n -k 1
#more $RESULTFILE
fi
else
echo "All Account add failed ,Error list are fellow"
echo "
"
cat $RESULTFILE|grep -E "FAILED|mismatch|CMDERR"|awk -F \" ‘{print $2 " \t \t |INFO: " $10}‘|sort -n -k 1
fi

以上是关于帐号添加脚本的主要内容,如果未能解决你的问题,请参考以下文章

Django的安全攻击

linux批量新建用户帐号脚本

Unity中timeline出现脚本错误怎么解决

按键精灵 代码SayString 输入不了游戏登陆框 设置一个游戏登陆账号递增

常用python日期日志获取内容循环的代码片段

ASP.net MVC 代码片段问题中的 Jqgrid 实现