#!/bin/bash
# WARNING 1: probably contains bashisms galore. If you don't have bash,
# please install it.
# NOTE 1: this script is run as root.
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# BEGIN site-local changes
# Absolute path of the login shell that will be installed in place of each
# affected user's existing shell.
new_shell=/usr/local/bin/gl-shell
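# Change the login shell of the given account to $new_shell.
# Globals:   new_shell (read)
# Arguments: $1 - account name
# Outputs:   chsh's stdout is redirected to stderr
# Returns:   exit status of chsh
my_chsh() {
    # please replace with appropriate command for your OS/distro.  This one is
    # suitable at least for Fedora, maybe others also
    #
    # Both expansions are quoted on purpose: the script runs as root, and an
    # unquoted value would be word-split and glob-expanded into additional
    # chsh arguments.
    chsh -s "$new_shell" "$1" >&2
}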
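# NOTE(review): the marker file below lives in /tmp, which local users can
# normally write to, so this check is only a reminder for the admin and not a
# safeguard of any kind.
# remove these 2 lines after you have done your customisation
[ -f /tmp/done.gl-shell-setup ] || { echo "please customise $0 before using" >&2; exit 1; }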
# END site-local changes
# ------------------------------------------------------------------------------
# Print "FATAL: <message>" on stderr and terminate the script with status 1.
# Arguments: $@ - words of the message (joined with single spaces under the
#                 default IFS)
die() {
    printf '%s\n' "FATAL: $*" >&2
    exit 1
}
# ------------------------------------------------------------------------------
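# Main flow: as root, switch the named user's login shell to $new_shell, make
# sure the user has an RSA key pair in ~/.ssh, and copy the public key to
# <invoking directory>/<user>.pub.  Anything but root is refused.

# effective uid, taken from perl's $>
euid=$(perl -e 'print $>')
if [ "$euid" = "0" ]
then
    [ -n "$1" ] || die "need a valid username"
    user=$1

    # The name is used as a command argument and as a path component of
    # "$PWD/$user.pub" while running as root, so reject anything that could
    # be read as an option or that contains a directory separator.
    case "$user" in
        -*|*/*) die "need a valid username" ;;
    esac
    id "$user" >/dev/null || die "need a valid username"

    # now fix up the user's login shell
    my_chsh "$user"

    # computed before the cd below, so the .pub file lands in the directory
    # the script was started from
    pubkey="$PWD/$user.pub"
    if [ -f "$pubkey" ]
    then
        echo "$user.pub already exists. Shell changed, exiting..." >&2
        exit 0
    fi

    # Look the home directory up in the passwd database, handing the name
    # over as an argument.  Splicing $user into a `bash -c "echo ~$user"`
    # string makes a root shell re-parse the value as code.
    home=$(perl -e 'my @pw = getpwnam($ARGV[0]); print $pw[7] if @pw' -- "$user")
    [ -n "$home" ] || die "can't cd to $user's home directory"
    cd -- "$home" || die "can't cd to $user's home directory"

    # now set up her rsa key, creating it if needed.  This will get used if
    # she comes in via password or without agent forwarding.
    #
    # NOTE(review): from here on root creates, chowns and chmods files inside
    # a directory the user owns.  chown -h keeps ownership changes on the
    # directory entry itself instead of following a link, but chmod and
    # ssh-keygen still follow links and the checks are not atomic.
    # Generating the key as $user rather than as root would remove that whole
    # class of problem -- TODO.
    [ -d .ssh ] || {
        mkdir .ssh || die "can't create .ssh for $user"
        chown -h "$user" .ssh
        chmod go-w .ssh
    }

    [ -f .ssh/id_rsa.pub ] || {
        # empty passphrase: the key has to be usable non-interactively
        ssh-keygen -q -N "" -f .ssh/id_rsa >&2 || die "ssh-keygen failed for $user"
        chown -h "$user" .ssh/id_rsa .ssh/id_rsa.pub
        chmod go-rw .ssh/id_rsa
        chmod go-w .ssh/id_rsa.pub
    }

    # create alice.pub
    cat .ssh/id_rsa.pub > "$pubkey" || die "can't write $user.pub"

    exit 0
else
    die "needs to run as root"
fi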