aherman
/
the-bastion
mirror of https://github.com/ovh/the-bastion
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: update undocumented rename-group.sh script

Browse Source
pull/398/head
Stéphane Lesimple 3 years ago committed by Stéphane Lesimple
parent d5dd119f83
commit 902508f7d1
1 changed files with 17 additions and 25 deletions
Show Stats Download Patch File Download Diff File

42
bin/admin/rename-group.sh
Unescape View File

@ -1,5 +1,7 @@
#! /usr/bin/env bash
# vim: set filetype=sh ts=4 sw=4 sts=4 et:
basedir=$(readlink -f "$(dirname "$0")"/../..)
from=$1
to=$2
@ -18,10 +20,11 @@ really_run_commands=0
_run()
{
local ret
if [ "$really_run_commands" = "1" ] ; then
echo "Executing: $*"
read -r ___
"$@"
"$@"; ret=$?
echo "... return code: $ret"
else
echo "DRY RUN: would execute: $*"
fi
@ -35,35 +38,21 @@ _run groupmod -n "key$to" "key$from"
getent passwd "key$from" >/dev/null || fail "user key$from doesn't exist"
getent passwd "key$to" >/dev/null && fail "user key$to already exists"
_run usermod -l "key$to" "key$from"
if getent group "key$from-gatekeeper" >/dev/null ; then
# key$from-gatekeeper might not exist if the group name was too long from the beginning
getent group "key$to-gatekeeper" >/dev/null && fail "group key$to-gatekeeper already exists"
_run groupmod -n "key$to-gatekeeper" "key$from-gatekeeper"
fi
if getent group "key$from-owner" >/dev/null ; then
# key$from-owner sometimes doesn't exist for old groups, so nevermind
getent group "key$to-owner" >/dev/null && fail "group key$to-owner already exists"
_run groupmod -n "key$to-owner" "key$from-owner"
fi
test -d "/home/key$from" || fail "directory /home/key$from doesn't exists"
test -d "/home/key$to" && fail "directory /home/key$to already exists"
_run mv -v "/home/key$from" "/home/key$to"
_run usermod -m -d /home/"key$to" -l "key$to" "key$from"
for suffix in gatekeeper aclkeeper owner; do
if getent group "key$from-$suffix" >/dev/null ; then
getent group "key$to-$suffix" >/dev/null && fail "group key$to-$suffix already exists"
_run groupmod -n "key$to-$suffix" "key$from-$suffix"
fi
done
test -d "/home/keykeeper/key$from" || fail "directory /home/keykeeper/key$from doesn't exists"
test -d "/home/keykeeper/key$to" && fail "directory /home/keykeeper/key$to already exists"
_run mv -v "/home/keykeeper/key$from" "/home/keykeeper/key$to"
if test -e "/etc/sudoers.d/osh-group-key$from" ; then
# if exists, will move it
test -e "/etc/sudoers.d/osh-group-key$to" && fail "file /etc/sudoers.d/osh-group-key$to already exists"
_run mv -v "/etc/sudoers.d/osh-group-key$from" "/etc/sudoers.d/osh-group-key$to"
_run sed -i -re "s/key$from/key$to/g" "/etc/sudoers.d/osh-group-key$to"
fi
keykeeper="/home/keykeeper/key$from"
[ "$really_run_commands" = "1" ] && keykeeper="/home/keykeeper/key$to"
# shellcheck disable=SC2044
@ -96,13 +85,16 @@ do
_run rm -vf "$fromfile"
_run ln -vs "/home/key$to/allowed.ip" "$tofile"
done
_run "$basedir"/bin/sudogen/generate-sudoers.sh create group "key$to"
_run "$basedir"/bin/sudogen/generate-sudoers.sh delete group "key$from"
}
really_run_commands=0
batchrun
echo
echo "OK to proceed ? (CTRL+C to abort). You'll still have to validate each commands I'm going to run"
echo "OK to proceed ? (CTRL+C to abort)"
# shellcheck disable=SC2034
read -r ___
really_run_commands=1

Write Preview
Loading…
Cancel
Save