40 lines
1.1 KiB
Bash
Executable File
40 lines
1.1 KiB
Bash
Executable File
#!/bin/bash
|
|
USER=${1:-$USER}
|
|
USER_PW=${2-$USER_PW}
|
|
if [[ $USER ]]; then
|
|
echo "------- Adding USER: $USER ------"
|
|
source $LIB_DIR/verbose.lib
|
|
echo loading acl package
|
|
silence $INSTALL_PKGS acl
|
|
echo "------- Adding User: $USER ------"
|
|
groupadd -g 1001 $USER
|
|
useradd -rm -s /bin/bash -G host,$([[ $(getent group sudo) ]] && echo sudo || echo wheel) -g $USER -u 1001 $USER
|
|
echo $USER groups: $(groups $USER)
|
|
chpasswd <<< "sysadmin:${USER_PW:-$USER}"
|
|
# SUDOERS Setup
|
|
cat <<SUDO >> /etc/sudoers.d/01-sudo-wheel
|
|
Defaults lecture = never
|
|
%wheel ALL=(ALL:ALL) ALL
|
|
%sudo ALL=(ALL:ALL) ALL
|
|
SUDO
|
|
chmod 440 /etc/sudoers.d/01-sudo-wheel
|
|
cat <<USER >> /etc/sudoers.d/02-$USER
|
|
$USER ALL = NOPASSWD:/bin/chown
|
|
$USER ALL = NOPASSWD:/bin/chmod
|
|
USER
|
|
chmod 440 /etc/sudoers.d/02-$USER
|
|
if [[ -f $USER-permits ]]; then
|
|
echo "--- $USER-permits file supplied copying to /etc/sudoers.d ---"
|
|
cat $USER-permits
|
|
cat $USER-permits >> /etc/sudoers.d/02-$USER
|
|
fi
|
|
|
|
chmod g+rw /opt
|
|
setfacl -d --set u::rwx,g::rwx,o::- /opt
|
|
echo "done------- Adding USER: $USER ------"
|
|
fi
|
|
|
|
|
|
|
|
|