帐号添加脚本
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了帐号添加脚本相关的知识,希望对你有一定的参考价值。
#!/bin/sh#export LANG=zh_CN.GBK
#set -x
=================================================================================================================
Add account and group
Written by : majun
Release : 1.0
Creation date : 2012-4-4
=================================================================================================================
#
HISTORY :
Release | Date | Authors | Description
--------------+-----------------+---------------+----------------------------------------------------------------
1.0 | 04.04.12 | majun |
--------------+-----------------+---------------+----------------------------------------------------------------
1.1 | 05.10.12 | majun | Add user to mutli group
--------------+-----------------+---------------+----------------------------------------------------------------
1.2 | 05.11.12 | majun | Add group check command (id groupname)
| | | To avoid duplication user in sudo file
--------------+-----------------+---------------+----------------------------------------------------------------
1.3 | 05.14.12 | majun | Send email to use who never loginned to change pw
--------------+-----------------+---------------+----------------------------------------------------------------
1.4 | 08.30.12 | majun | Ldap useradd
--------------+-----------------+---------------+----------------------------------------------------------------
1.5 | 01.12.13 | majun | Ldap userdel
--------------+-----------------+---------------+----------------------------------------------------------------
1.6 | 04.24.13 | majun | Add lock user
--------------+-----------------+---------------+----------------------------------------------------------------
1.7 | 05.09.07 | majun | Can Add user to other group
--------------+-----------------+---------------+----------------------------------------------------------------
1.8 | 06.12.22 | majun | hostname include ‘-‘ conflict with regular like this [0-9]
--------------+-----------------+---------------+----------------------------------------------------------------
PASSFILE=/home/syn/passwd
SHADOWFILE=/home/syn/shadow
HOSTFILE=/var/tmp/${SUDO_USER}_user.list.date +%s
CMDFILE=/var/tmp/${SUDO_USER}_user.sh.date +%s
SARG=$1
USERARG=$2
GSSHFILE=/usr/local/sa/scripts/gssh.sh
TIMES=date +%s
ERRORMSG=/var/tmp/addacount_error
HOMEDIR=pwd
MAIL=YES
$HOSTFILE
$ERRORMSG
echo ‘#!/bin/sh‘ >$CMDFILE
echo ‘export LC_ALL=en_US.UTF-8‘ >>$CMDFILE
echo ‘export LANGUAGE=en_US.UTF-8‘ >>$CMDFILE
echo ‘export PATH=/sbin:/usr/sbin:/usr/local/sbin:/usr/kerberos/sbin:/usr/kerberos/bin:/usr/bin:/bin:/usr/local/bin‘ >>$CMDFILE
print_help(){
echo "Options:
-u
Account
Multiple accounts, split
-g
Special account
could game adplatform work ...
-s
Add use with sudo privileges.
-d
Delete user.
-l
Lock user.
-c
Update user info,If user not exist will be create.
-p
Update user passwd.
-h
hostname or ip
Multiple hostlist, split
-f
Hostfile will add account
-t
For run test
It will print addinfo
-m
Contact user to change default passwd auto.
--help
Print detailed help screen"
echo "Help example"
echo ""
echo "Add user"
echo " $0 -u majun -h r[01-04].dfs.bjt.qihoo.net,10.119.93.[11-12] -t"
echo "Add user with sudo"
echo " $0 -s -u majun,miaohongzhi -h r[01-04].dfs.bjt.qihoo.net "
echo "Add user with cloud"
echo " $0 -u majun,miaohongzhi -g cloud -f host.list"
echo "Add special account"
echo " $0 -g cloud -h r[01-04].dfs.bjt.qihoo.net "
exit 0
}
if [ $# = 0 ]
then
print_help
exit 0
fi
while [ $# -gt 0 ]; do
case "$1" in
-H | --help)
print_help
;;
-s | --sudo)
SUDO=YES
;;
-u | --user)
shift
USERS=$1
;;
-g | --group)
shift
GROUP=$1
;;
-f | --hostfile)
shift
HOSTLIST=$1
;;
-h | --host)
shift
HOSTLINE=$1
;;
-t | --test)
TEST=YES
;;
-m | --mail)
MAIL=YES
;;
-d | --del)
DEL=YES
;;
-l | --lock)
LOCK=YES
;;
-c | --change)
UPD=YES
;;
-p | --changepass)
UPDP=YES
;;
*) echo "Unknown argument: $1"
print_help
exit $STATE_UNKNOWN
;;
esac
shift
done
if [ ! -d /var/log/account/date +%Y%m
]
then
mkdir -p /var/log/account/date +%Y%m
fi
RESULTFILE=/var/log/account/date +%Y%m
/date +%Y%m%d
_${SUDO_USER}_AU=${USERS}AG=${GROUP}${TIMES}RESU
ADDINFOFILE=/var/log/account/date +%Y%m
/date +%Y%m%d
${SUDO_USER}_AU=${USERS}AG=${GROUP}${TIMES}_INFO
getline(){
if echo $line|grep -v -E "\[|\]" >>/dev/null
then
echo $line >>$HOSTFILE
else
a1=`echo $line |awk -F [ ‘{print $1}‘`
a2=`echo $line |awk -F ] ‘{print $2}‘`
n1=`echo $line |awk -F [ ‘{print $2}‘|awk -F \- ‘{print $1}‘`
n2=`echo $line |awk -F ] ‘{print $1}‘|awk -F \- ‘{print $NF}‘`
i=$n1
while [ "$i" -le "$n2" ]
do
if [ "${#i}" != "2" -o "$i" -gt 8 ]
then
echo "${a1}${i}${a2}" >>$HOSTFILE
i=`echo "$i + 1"|bc `
else
if [ $i == $n1 ]
then
echo ${a1}${i}${a2} >>$HOSTFILE
i=`echo "$i + 1"|bc `
i="0$i"
else
echo ${a1}${i}${a2}>>$HOSTFILE
i=`echo "$i + 1"|bc `
i="0$i"
fi
fi
done
fi
}
NEWUSER=echo $USERS|sed ‘s/,/ /g‘
NEWGROUP=echo $GROUP|sed ‘s/,/ /g‘
NEWHOSTLINE=echo $HOSTLINE|sed ‘s/,/ /g‘
LOGINUSER=echo $SUDO_USER
if [ ! -n "${LOGINUSER}" ]; then
LOGINUSER=/usr/bin/whoami
if [ "${LOGINUSER}" == "root" ]; then
echo "Cannot run commands directly as root! Please add username at the end of the command line"
exit 0
fi
fi
getucmd(){
for name in $NEWUSER
do
pwstring=grep ‘^‘$name‘:‘ $SHADOWFILE |awk -F‘:‘ ‘{print $2}‘
if [ "$DEL" != "YES" ] && [ "$LOCK" != "YES" ]
then
if [ grep ‘^‘$name‘:‘ $SHADOWFILE |wc -l
-eq 0 ]
then
ERROR=YES
echo "#Warning: User $name NOT FOUND!" >>$ERRORMSG
fi
if [ "$pwstring" == ‘$1$CXxqvrMo$WmxPVHULQfNzMBuR2GBKl1‘ ]
then
ERROR=YES
if [ $MAIL == YES ]
then
echo "#Warning: User $name password is by default" >> $ERRORMSG
echo "#Begin to send change passwd mailt to User $user"
/root/autotool/mail.sh $name
sleep 1
echo
echo "#mail send finished And CC to majun,gehailong,weijianjun check mail please "
else
echo "#Warning: User $name password is by default, Contact and change password." >>$ERRORMSG
fi
fi
fi
else
pwstring=`grep ‘^‘$name‘:‘ $SHADOWFILE |awk -F‘:‘ ‘{print $2}‘`
realname=`grep ‘^‘$name‘:‘ $SHADOWFILE |awk -F‘:‘ ‘{print $1}‘`
uid=`grep ‘^‘$name‘:‘ $PASSFILE |awk -F‘:‘ ‘{print $3}‘`
LinuxUserlock=$LinuxUserlock"/usr/bin/passwd -l $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
LinuxUserdel=$LinuxUserdel"/usr/sbin/userdel $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;sed -i \"/^$name ALL = (ALL) ALL$/d\" /etc/sudoers 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
FreebsdUserlock=$FreebsdUserlock"pw lock $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
FreebsdUserdel=$FreebsdUserdel"pw userdel $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;sed -i \"/^$name ALL = (ALL) ALL$/d\" /usr/local/etc/sudoers 2>> /dev/null 1>>/var/tmp/OK_\$TIMES;"
LdapUseradd=$LdapUseradd"if ! grep -qw $name /etc/pam.d/login_allow_users;then echo \"$name\" >>/etc/pam.d/login_allow_users;echo \"$name add Success\" >>/var/tmp/OK_\$TIMES;else echo \"$name already in white list\">>/var/tmp/ERR_\$TIMES;fi;"
LdapUserdel=$LdapUserdel"if grep -qw $name /etc/pam.d/login_allow_users;then sed -i \"/^$name$/d\" /etc/pam.d/login_allow_users;echo \"$name Del Success\" >>/var/tmp/OK_\$TIMES;else echo \"$name Not in white list\">>/var/tmp/ERR_\$TIMES;fi;"
LinuxUseradd=$LinuxUseradd"/usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
LinuxUseraddtog=$LinuxUseraddtog" if id "$name";then if grep -v ^$name: /etc/group|grep -w "$name" ;then usermod -a -G $GROUP "$name" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else usermod -G $GROUP "$name" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi ;else /usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘ "$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
FreebsdUseradd=$FreebsdUseradd"echo ‘"$pwstring"‘| pw useradd "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;"
LinuxUserupdate=$LinuxUserupdate"if id $name ;then /usr/sbin/usermod -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else /usr/sbin/useradd -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
#LinuxUserupdate=$LinuxUserupdate"if id $name ;then /usr/sbin/usermod -c \""$realname"\" -m -s /bin/bash -u "$uid" "$name" -p ‘"$pwstring"‘"$LG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
LinuxUserupdatep=$LinuxUserupdatep"if id $name >/dev/null 2>&1;then /usr/sbin/usermod -p ‘"$pwstring"‘ $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;getent shadow $name | awk -F : ‘{print \$2}‘ ;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
FreebsdUserupdate=$FreebsdUserupdate"if id $name ;then echo ‘"$pwstring"‘| pw usermod "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo ‘"$pwstring"‘| pw useradd "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;fi;"
#FreebsdUserupdate=$FreebsdUserupdate"if id $name ;then echo ‘"$pwstring"‘| pw usermod "$name" -s /bin/csh -m -c \""$realname"\" -u "$uid" -H 0"$FG" 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
FreebsdUserupdatep=$FreebsdUserupdatep"cp /etc/master.passwd /root/;/usr/sbin/pw user mod weijianjun -G wheel;/usr/sbin/pw user mod miaohongzhi -G wheel;if id $name >/dev/null 2>&1;then /usr/bin/chpass -p ‘$pwstring‘ $name 2>> /var/tmp/ERR_\$TIMES 1>>/var/tmp/OK_\$TIMES;/usr/bin/getent passwd $name| awk -F : ‘{print \$2}‘ ;else echo \"No user $name in this host\">> /var/tmp/ERR_\$TIMES ;fi;"
if [ "$SUDO" == YES ]
then
FreebsdSudo=$FreebsdSudo"if ! grep \"^$name ALL = (ALL) ALL\" /usr/local/etc/sudoers >/dev/null;then echo ‘"$name" ALL = (ALL) ALL‘ >> /usr/local/etc/sudoers;fi;"
fi
if [ "$SUDO" == YES ]
then
LinuxSudo=$LinuxSudo"if ! grep \"^$name ALL = (ALL) ALL\" /etc/sudoers >/dev/null;then echo ‘"$name" ALL = (ALL) ALL‘ >> /etc/sudoers;fi;"
fi
fi
done
#if [ "$FreebsdUseradd" = "" ] && [ "$LinuxUseradd" = "" ]; then
echo " "
exit
#fi
echo ‘TIMES=date +%s
‘ >>$CMDFILE
echo OStype=‘‘uname‘
‘ >>$CMDFILE
echo "if ! id ldaptest;then" >>$CMDFILE
echo if [ \$OStype = FreeBSD ]‘;‘ then >>$CMDFILE
echo "cp /usr/local/etc/sudoers /home/majun/sudosers_$TIMES" >>$CMDFILE
if [ "$LOCK" == "YES" ]
then
echo $FreebsdUserlock >>$CMDFILE
else
if [ "$DEL" == "YES" ]
then
echo $FreebsdUserdel >>$CMDFILE
else
if [ "$UPDP" == "YES" ]
then
echo $FreebsdUserupdatep >>$CMDFILE
else
if [ "$UPD" == "YES" ]
then
echo $FreebsdUserupdate >>$CMDFILE
else
echo "$FreebsdUseradd $FreebsdSudo" >>$CMDFILE
fi
fi
fi
fi
echo ‘else‘ >>$CMDFILE
echo "cp /etc/sudoers /home/majun/sudosers_$TIMES" >>$CMDFILE
if [ "$LOCK" == "YES" ]
then
echo $LinuxUserlock >>$CMDFILE
else
if [ "$DEL" == "YES" ]
then
echo $LinuxUserdel >>$CMDFILE
else
if [ "$UPDP" == "YES" ]
then
echo $LinuxUserupdatep >>$CMDFILE
else
if [ "$UPD" == "YES" ]
then
echo $LinuxUserupdate >>$CMDFILE
else
if [ ! -z $GROUP ]
then
echo "$LinuxUseraddtog $LinuxSudo" >>$CMDFILE
else
echo "$LinuxUseradd $LinuxSudo" >>$CMDFILE
fi
fi
fi
fi
fi
echo ‘fi‘ >>$CMDFILE
echo " " >>$CMDFILE
if [ "$DEL" != "YES" ]
then
for u in $NEWUSER
do
#echo "id $u 2>> /var/tmp/ERR\$TIMES 1>>/var/tmp/OK\$TIMES" >>$CMDFILE
echo "if id $u >/dev/null 2>&1; then" >>$CMDFILE
echo "id $u >>/var/tmp/OK\$TIMES" >>$CMDFILE
echo "else" >>$CMDFILE
echo "echo \"$u does not exist\" >> /var/tmp/ERR\$TIMES" >>$CMDFILE
echo "fi" >>$CMDFILE
done
fi
echo "else" >>$CMDFILE
if [ "$DEL" == "YES" ]
then
echo if [ \$OStype = FreeBSD ]‘;‘ then >>$CMDFILE
echo "$LdapUserdel $FreebsdSudo" >>$CMDFILE
echo "else" >>$CMDFILE
echo "$LdapUserdel $LinuxSudo" >>$CMDFILE
echo "fi" >>$CMDFILE
else
echo if [ \$OStype = FreeBSD ]‘;‘ then >>$CMDFILE
echo "$LdapUseradd $FreebsdSudo" >>$CMDFILE
echo "else" >>$CMDFILE
echo "$LdapUseradd $LinuxSudo" >>$CMDFILE
echo "fi" >>$CMDFILE
fi
echo "fi" >>$CMDFILE
echo ‘if [ -s "/var/tmp/ERR$TIMES" ] ‘ >>$CMDFILE
echo ‘then ‘ >>$CMDFILE
echo "if [ \$OStype = FreeBSD ] " >>$CMDFILE
echo ‘then‘ >>$CMDFILE
echo ‘ EMSG=`cat /var/tmp/ERR$TIMES‘ >>$CMDFILE<br/>echo ‘else‘ >>$CMDFILE<br/>echo ‘ EMSG=
cat /var/tmp/ERR$TIMES|xargs‘ >>$CMDFILE<br/>echo ‘fi‘ >>$CMDFILE<br/>echo ‘ EMSG="CMDERROR: $EMSG" ‘ >>$CMDFILE<br/>echo ‘fi ‘ >>$CMDFILE<br/>echo ‘OMSG=
cat /var/tmp/OK$TIMES|xargs`‘ >>$CMDFILE
echo ‘echo "$EMSG STDOUT:$OMSG" ‘ >>$CMDFILE
}
getgcmd(){
#if echo $GROUP |grep ‘,‘ && [ ! -z $USERS ]
#then
echo "Group name $GROUP is set , when add user to group ,only on group can be set"
exit
#fi
for group in $NEWGROUP
do
group=$NEWGROUP
cd /root/.speacc/
GID=`ls *_$group|awk -F \_ ‘{print $1}‘`
echo "if ! /usr/bin/id $group " >>$CMDFILE
echo "then " >>$CMDFILE
cat /root/.speacc/*_$group >>$CMDFILE 2>/dev/null
if [ $? != 0 ]
then
ERROR=YES
echo "Critical Group $group is not found" >>$ERRORMSG
fi
echo "fi" >>$CMDFILE
done
FG=" -G $GROUP"
LG=" -G $GROUP"
for g in $NEWGROUP
do
#echo "id $g" >>$CMDFILE
echo "if id $g >/dev/null 2>&1; then" >>$CMDFILE
echo "id $g" >>$CMDFILE
echo "else" >>$CMDFILE
echo "echo \"$g does not exist\" >> /var/tmp/ERR_\$TIMES" >>$CMDFILE
echo "fi" >>$CMDFILE
done
}
if [ ! -z $GROUP ]
then
echo ‘#!/bin/sh‘ >>$CMDFILE
getgcmd
fi
if [ ! -z $USERS ]
then
if [ -z $GROUP ]
then
echo ‘#!/bin/sh‘ >>$CMDFILE
fi
getucmd
fi
if [ "$ERROR" = "YES" ]
then
echo "------------------"
echo "| Notice Message |"
echo "------------------"
cat $ERRORMSG
exit
fi
cd $HOMEDIR
if [ ! -z "$HOSTLINE" ]
then
for line in $NEWHOSTLINE
do
#line="$HOSTLINE"
getline
done
if [ ! -z "$HOSTLIST" ]
then
echo "$0 -h and -f ARG only one can be set "
#echo ""
#print_help
exit
fi
else
if [ -z "$HOSTLIST" ]
then
echo "please set hostlist by use -h or -f ARG"
#echo ""
#print_help
exit
else
if [ ! -f "$HOSTLIST" ]
then
echo "Host list file $HOSTLIST is not found"
exit
fi
while read line
do
getline
done< $HOSTLIST
fi
fi
if [ "$SUDO" = "YES" ] && [ ! -z "$GROUP" ]
then
echo " -s | -g Only one can use"
exit
fi
echo "-----------------"
echo "| Add Command |"
echo "-----------------"
cat $CMDFILE
echo "-----------------"
echo "| Add hostlist |"
echo "-----------------"
cat $HOSTFILE
echo ""
if [ "$TEST" == YES ]
then
echo "-------------------------------------"
echo "|Run for test,Just show addhost info|"
echo "-------------------------------------"
exit
fi
echo "----------------------"
echo "|Begin to add Account|"
echo "----------------------"
echo "$GSSHFILE $CMDFILE $HOSTFILE"
$GSSHFILE $CMDFILE $HOSTFILE |tee $RESULTFILE 2>&1
HC=cat $HOSTFILE|wc -l
SC=grep SUCCESS $RESULTFILE|grep -v mismatch|grep -v CMDERR |wc -l
FC=grep -E "FAILED|mismatch|CMDERR" $RESULTFILE|wc -l
echo "-----------------" >$ADDINFOFILE
echo "| Add Command |" >>$ADDINFOFILE
echo "-----------------" >>$ADDINFOFILE
cat $CMDFILE >>$ADDINFOFILE
echo "-----------------" >>$ADDINFOFILE
echo "| Add hostlist |" >>$ADDINFOFILE
echo "-----------------" >>$ADDINFOFILE
cat $HOSTFILE >>$ADDINFOFILE
if [ $SC -gt 0 ]
then
echo ""
echo "**RESULT"
echo "All host Number is $HC , Success add host number=$SC"
echo "**RESULT"
#more $RESULTFILE
if [ $FC -gt 0 ]
then
echo ""
echo "*RESULT**"
echo "All host Number is $HC ,Failed host number is $FC "
echo "*RESULT**"
echo ""
echo "Error list are fellow"
echo ""
cat $RESULTFILE|grep -E "FAILED|mismatch|CMDERR"|awk -F \" ‘{print $2 " \t \t |INFO: " $10}‘|sort -n -k 1
#more $RESULTFILE
fi
else
echo "All Account add failed ,Error list are fellow"
echo ""
cat $RESULTFILE|grep -E "FAILED|mismatch|CMDERR"|awk -F \" ‘{print $2 " \t \t |INFO: " $10}‘|sort -n -k 1
fi
以上是关于帐号添加脚本的主要内容,如果未能解决你的问题,请参考以下文章