
Script for disabling users (follow up for creating user)

Thursday, October 30th, 2008 | SuSE Linux, Techie, Ubuntu / Kubuntu | 4 Comments

Just to follow up on my blog posting of the creating-users script, I give you my script for disabling users (enabling etc. may follow). So without further ado, here we go:

#!/bin/sh
PATH=$PATH:/usr/local/bin:/usr/bin:/usr/sbin:/sbin
PGM=`basename $0`

# die, lockit and unlockit are defined in the companion creating-users script,
# which is not reproduced on this page; the stand-ins below are an assumption
# so that the script runs on its own.
die() { echo "$1" >&2; exit ${2:-1}; }                          # message, optional exit code
lockit() { until mkdir /tmp/$1 2>/dev/null; do sleep 1; done; }  # mkdir is atomic, so it serves as a lock
unlockit() { rmdir /tmp/$1; }

if [ $(id -u) -eq 0 ]; then

    # Logging information
    DATESTAMP=`date +%Y%m%d`
    TIMESTAMP=`date +%H%M%S`
    LOGDIR=/var/log/$PGM

    # Find out who I am and where I am
    ME=`whoami`
    HOST=`hostname`

    while [ $# -ge 1 ] ; do
        case $1 in
            -h*)
                echo "Use: $PGM account"
                exit
                ;;
            -*) die "$PGM: unknown option \"$1\"" ;;
            *) USER_TO_DIS=$1 ;;
        esac
        shift
    done

    # If no user is defined we have to get one
    while [ "$USER_TO_DIS" = "" ] ; do
        echo -n "Who do you want to disable? "
        read USER_TO_DIS || die "" 0
    done

    # check to be sure that the person has an account on the local machine
    egrep -s "^${USER_TO_DIS}:" /etc/passwd >/dev/null
    case $? in
        0)
            echo "Disabling from password file"

            lockit passwd.lock

            # copy every other entry, then append this user's entry with the
            # password field replaced by *DISABLED*
            egrep -v "^${USER_TO_DIS}:" /etc/passwd >/tmp/passwd.tmp
            egrep "^${USER_TO_DIS}:" /etc/passwd | \
                awk -F: '{print $1 ":*DISABLED*:" $3 ":" $4 ":" $5 ":" $6 ":" $7}' >>/tmp/passwd.tmp

            # prefix the login name with X; ed starts on the last line, which is
            # the entry just appended
            ed /tmp/passwd.tmp <<EOF
s/^${USER_TO_DIS}:/X${USER_TO_DIS}:/p
w
q
EOF

            cmp /etc/passwd /tmp/passwd.tmp >/dev/null
            case $? in
                0) rm /tmp/passwd.tmp ;;
                *)
                    mv /tmp/passwd.tmp /etc/passwd
                    ;;
            esac
            chmod a-w /etc/passwd
            chmod a+r /etc/passwd
            unlockit passwd.lock
            ;;
        1)
            echo "$PGM: $USER_TO_DIS does not have an account on $HOST"
            ;;
    esac

    # the same for group membership: a member "user" becomes "Xuser"
    egrep -s "[:,]${USER_TO_DIS}$|[:,]${USER_TO_DIS}," /etc/group >/dev/null
    case $? in
        0)
            echo "Disabling from group file"

            lockit group.lock

            sed -e "s/\([:,]\)${USER_TO_DIS},/\1X${USER_TO_DIS},/" \
                -e "s/\([:,]\)${USER_TO_DIS}$/\1X${USER_TO_DIS}/" \
                /etc/group >/tmp/group.tmp

            cmp /etc/group /tmp/group.tmp >/dev/null
            case $? in
                0) rm /tmp/group.tmp ;;
                *)
                    mv /tmp/group.tmp /etc/group
                    #/etc/dist/bin/mail-group
                    ;;
            esac
            chmod a-w /etc/group
            chmod a+r /etc/group
            unlockit group.lock
            ;;
        1)
            echo "$PGM: $USER_TO_DIS does not have a group entry on $HOST"
            ;;
    esac

    # remove any left over mail spool file
    rm -f /var/mail/${USER_TO_DIS}

    # ensure log directory exists
    test -d $LOGDIR || mkdir -p $LOGDIR
    LOGFILE=$LOGDIR/$DATESTAMP

    # log what we do
    echo "$TIMESTAMP-$ME $USER_TO_DIS" >>$LOGFILE

    exit
else
    echo "Only root may run $PGM"
    exit 2
fi

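As an added example (not the post's script), here is how the same job looks on a shadow-password system: the password field in /etc/passwd keeps its `x`, the lock is a `!` prefix on the hash in /etc/shadow (what `passwd -l` does), the shell is switched to a non-login one, and each file is rewritten through a temp file created next to it and renamed into place rather than a fixed name in /tmp. File paths are parameters so it can be tried on copies; the function names, the sample entries and the /usr/sbin/nologin path are assumptions.

```shell
#!/bin/sh
# Added example, not the original post's script: disable an account on a
# shadow-password system.  /etc/passwd keeps its 'x', the hash in /etc/shadow
# gets a '!' prefix (the same thing `passwd -l` does), the shell becomes a
# non-login one, and every file is replaced atomically through a temp file
# created in the same directory.  Paths are parameters so it runs on copies.
set -eu

# is_local_account PASSWD_FILE USER -> exit 0 only if USER has an entry there
is_local_account() {
    awk -F: -v u="$2" '$1 == u { found = 1 } END { exit !found }' "$1"
}

# replace_field FILE USER FIELD_NO NEW_VALUE: rewrite one field of USER's line.
# cp -p keeps the original mode/owner on the temp file; rename(2) is atomic.
replace_field() {
    file=$1 user=$2 fld=$3 val=$4
    tmp=$(mktemp "$(dirname "$file")/.$(basename "$file").XXXXXX")
    cp -p "$file" "$tmp"
    awk -F: -v OFS=: -v u="$user" -v f="$fld" -v v="$val" \
        '$1 == u { $f = v } { print }' "$file" >"$tmp"
    mv "$tmp" "$file"
}

# account_hash SHADOW USER / account_shell PASSWD USER: read back one field
account_hash()  { awk -F: -v u="$2" '$1 == u { print $2 }' "$1"; }
account_shell() { awk -F: -v u="$2" '$1 == u { print $7 }' "$1"; }

# lock_shadow SHADOW USER: prefix the hash with '!' unless it already is
lock_shadow() {
    cur=$(account_hash "$1" "$2")
    case $cur in
        '!'*) ;;                                   # already locked, keep as is
        *) replace_field "$1" "$2" 2 "!$cur" ;;
    esac
}

# disable_account PASSWD SHADOW USER: lock the hash and set a non-login shell,
# then print the same kind of audit line the post's script logs.
disable_account() {
    is_local_account "$1" "$3" || { echo "$3: no local account" >&2; return 1; }
    lock_shadow "$2" "$3"
    replace_field "$1" "$3" 7 /usr/sbin/nologin    # assumption: shell path
    echo "$(date +%H%M%S)-$(id -un) disabled $3"
}
```

Run it as root against the real files with `disable_account /etc/passwd /etc/shadow alice`; the lock is reversible with `passwd -u`, which the post's `*DISABLED*` overwrite is not.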
Please, any feedback is quite helpful, and any input to make the script better is obviously welcomed. Later I’ll post up some stuff for quarterly changes, enabling disabled users, and a few other things I’ve been putting together lately. Hope this series will be helpful.
