59 lines
1.6 KiB
Bash
Executable File
59 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
USER=${1:-$USER}
|
|
USER_PW=${2-$USER_PW}
|
|
UHID=${UHID:-1000}
|
|
|
|
if [[ $USER ]]; then
|
|
echo "------- Adding USER: $USER with ID: $UHID ------"
|
|
|
|
cat <<DOC >> /etc/login.defs
|
|
SYS_UID_MAX $UHID"
|
|
SYS_GID_MAX $UHID"
|
|
DOC
|
|
|
|
source $LIB_DIR/verbose.lib
|
|
# echo loading acl package
|
|
# silence $INSTALL_PKGS acl
|
|
groupadd -g $UHID $USER
|
|
# user passwords implies system (sudo) login user
|
|
if [[ $USER_PW ]]; then
|
|
echo "login system user being created"
|
|
useradd -rm -s /bin/bash -G $USER,$([[ $(getent group sudo) ]] && echo sudo || echo wheel) -g $USER -u $UHID $USER
|
|
echo $USER groups: $(groups $USER)
|
|
chpasswd <<< "${USER}:${USER_PW}"
|
|
|
|
# SUDOERS Setup
|
|
cat <<SUDO >> /etc/sudoers.d/01-sudo-wheel
|
|
Defaults lecture = never
|
|
%wheel ALL=(ALL:ALL) ALL
|
|
%sudo ALL=(ALL:ALL) ALL
|
|
SUDO
|
|
chmod 440 /etc/sudoers.d/01-sudo-wheel
|
|
|
|
cat <<USER >> /etc/sudoers.d/02-$USER
|
|
$USER ALL = NOPASSWD:/bin/chown
|
|
$USER ALL = NOPASSWD:/bin/chmod
|
|
USER
|
|
chmod 440 /etc/sudoers.d/02-$USER
|
|
if [[ -f $USER-permits ]]; then
|
|
echo "--- $USER-permits file supplied copying to /etc/sudoers.d ---"
|
|
cat $USER-permits
|
|
cat $USER-permits >> /etc/sudoers.d/02-$USER
|
|
fi
|
|
else
|
|
home_dir=$([[ $USER_HOME ]] && echo "$USER_HOME" || echo "/opt/user" )
|
|
mkdir -p $home_dir
|
|
useradd -s /sbin/nologin -G $USER -g $USER -u $UHID $USER -d $home_dir
|
|
chown $USER:$USER $home_dir
|
|
fi
|
|
# shellcheck enable=add-default-case
|
|
# chmod -R g+rw /opt
|
|
# setfacl -d --set u::rwx,g::rwx,o::- /opt
|
|
cat /etc/passwd | grep $USER
|
|
echo "done------- Adding USER: $USER ------"
|
|
fi
|
|
|
|
|
|
|
|
|