mirror of
https://github.com/ChrisTitusTech/linutil.git
synced 2024-12-24 12:29:44 +00:00
feat: Add User Manager (#393)
* Add User Control Panel * Fix non posix * Split script * Update userguide.md * Update utility_functions.sh * Remove clear * Add checkEnv
This commit is contained in:
parent
265fbbbd54
commit
f64fa2bd12
|
@ -30,3 +30,11 @@
|
|||
## Security Features
|
||||
|
||||
- **Firewall Baselines**: Sets up firewall rules.
|
||||
|
||||
## Utilities
|
||||
|
||||
- **Monitor Control**: Controls monitor settings on X11.
|
||||
- **Bluetooth Control**: Controls Bluetooth settings.
|
||||
- **Wifi Control**: Controls WiFi settings.
|
||||
- **Numlock Control**: Sets up Numlock on boot.
|
||||
- **User Account Manager**: Manage users and groups.
|
||||
|
|
|
@ -112,4 +112,27 @@ matches = true
|
|||
[[data.entries]]
|
||||
name = "Set Brightness"
|
||||
script = "monitor-control/set_brightness.sh"
|
||||
matches = true
|
||||
matches = true
|
||||
|
||||
[[data]]
|
||||
name = "User Account Manager"
|
||||
|
||||
[[data.entries]]
|
||||
name = "Add User"
|
||||
script = "user-account-manager/add_user.sh"
|
||||
|
||||
[[data.entries]]
|
||||
name = "Change Password"
|
||||
script = "user-account-manager/change_password.sh"
|
||||
|
||||
[[data.entries]]
|
||||
name = "Delete User"
|
||||
script = "user-account-manager/delete_user.sh"
|
||||
|
||||
[[data.entries]]
|
||||
name = "Add User To Groups"
|
||||
script = "user-account-manager/add_to_group.sh"
|
||||
|
||||
[[data.entries]]
|
||||
name = "Remove User From Groups"
|
||||
script = "user-account-manager/remove_from_group.sh"
|
35
tabs/utils/user-account-manager/add_to_group.sh
Executable file
35
tabs/utils/user-account-manager/add_to_group.sh
Executable file
|
@ -0,0 +1,35 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
. ../../common-script.sh
|
||||
. ./utility_functions.sh
|
||||
|
||||
clear
|
||||
printf "%b\n" "${YELLOW}Add to group${RC}"
|
||||
printf "%b\n" "${YELLOW}=================${RC}"
|
||||
|
||||
username=$(promptUsername "" "non-root") || exit 1
|
||||
user_groups=$(groups "$username" | cut -d: -f2 | sort | tr '\n' ' ')
|
||||
|
||||
printf "%b\n" "${YELLOW}Groups user $username is in:${RC} $user_groups"
|
||||
printf "%b\n" "${YELLOW}=================${RC}"
|
||||
|
||||
available_groups=$(cut -d: -f1 /etc/group | sort | tr '\n' ' ')
|
||||
|
||||
printf "%b\n" "${YELLOW}Available groups:${RC} $available_groups"
|
||||
printf "%b\n" "${YELLOW}=================${RC}"
|
||||
|
||||
read -p "Enter the groups you want to add user $username to (space-separated): " groups
|
||||
|
||||
checkEmpty "$groups" || exit 1
|
||||
checkGroupAvailabe "$groups" "$available_groups" || exit 1
|
||||
|
||||
groups_to_add=$(echo "$groups" | tr ' ' ',')
|
||||
|
||||
read -p "Are you sure you want to add user $username to $groups_to_add? [Y/N]: " confirm
|
||||
confirmAction || exit 1
|
||||
|
||||
$ESCALATION_TOOL usermod -aG $groups_to_add "$username"
|
||||
|
||||
printf "%b\n" "${GREEN}User successfully added to the $groups_to_add${RC}"
|
||||
|
||||
checkEnv
|
26
tabs/utils/user-account-manager/add_user.sh
Executable file
26
tabs/utils/user-account-manager/add_user.sh
Executable file
|
@ -0,0 +1,26 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
. ../../common-script.sh
|
||||
. ./utility_functions.sh
|
||||
|
||||
clear
|
||||
printf "%b\n" "${YELLOW}Create a new user${RC}"
|
||||
printf "%b\n" "${YELLOW}=================${RC}"
|
||||
|
||||
username=$(promptUsername "add" "non-root") || exit 1
|
||||
|
||||
# Check if username is valid
|
||||
if ! echo "$username" | grep '^[a-z][-a-z0-9_]*$' > /dev/null; then
|
||||
printf "%b\n" "${RED}Username must only contain letters, numbers, hyphens, and underscores. It cannot start with a number or contain spaces.${RC}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
password=$(promptPassword) || exit 1
|
||||
|
||||
$ESCALATION_TOOL useradd -m "$username" -g users -s /bin/bash
|
||||
echo "$username:$password" | $ESCALATION_TOOL chpasswd
|
||||
|
||||
printf "%b\n" "${GREEN}User $username created successfully${RC}"
|
||||
printf "%b\n" "${GREEN}To add additional groups use Add User To Groups${RC}"
|
||||
|
||||
checkEnv
|
19
tabs/utils/user-account-manager/change_password.sh
Executable file
19
tabs/utils/user-account-manager/change_password.sh
Executable file
|
@ -0,0 +1,19 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
. ../../common-script.sh
|
||||
. ./utility_functions.sh
|
||||
|
||||
clear
|
||||
printf "%b\n" "${YELLOW}Change password${RC}"
|
||||
printf "%b\n" "${YELLOW}=================${RC}"
|
||||
|
||||
username=$(promptUsername "" "root") || exit 1
|
||||
password=$(promptPassword) || exit 1
|
||||
|
||||
read -p "Are you sure you want to change password for $username? [Y/N]: " confirm
|
||||
confirmAction || exit 1
|
||||
|
||||
echo "$username:$password" | $ESCALATION_TOOL chpasswd
|
||||
printf "%b\n" "${GREEN}Password changed successfully${RC}"
|
||||
|
||||
checkEnv
|
26
tabs/utils/user-account-manager/delete_user.sh
Executable file
26
tabs/utils/user-account-manager/delete_user.sh
Executable file
|
@ -0,0 +1,26 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
. ../../common-script.sh
|
||||
. ./utility_functions.sh
|
||||
|
||||
clear
|
||||
printf "%b\n" "${YELLOW}Delete a user${RC}"
|
||||
printf "%b\n" "${YELLOW}=================${RC}"
|
||||
|
||||
username=$(promptUsername "" "non-root") || exit 1
|
||||
|
||||
# Check if current user
|
||||
if [ "$username" = "$USER" ]; then
|
||||
printf "%b\n" "${RED}Cannot delete the current user${RC}"
|
||||
printf "%b\n" "${RED}Press [Enter] to continue...${RC}"
|
||||
read dummy
|
||||
return
|
||||
fi
|
||||
|
||||
read -p "Are you sure you want to delete user $username? [Y/N]: " confirm
|
||||
confirmAction || exit 1
|
||||
|
||||
$ESCALATION_TOOL userdel --remove "$username" 2>/dev/null
|
||||
printf "%b\n" "${GREEN}User $username deleted successfully${RC}"
|
||||
|
||||
checkEnv
|
30
tabs/utils/user-account-manager/remove_from_group.sh
Executable file
30
tabs/utils/user-account-manager/remove_from_group.sh
Executable file
|
@ -0,0 +1,30 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
. ../../common-script.sh
|
||||
. ./utility_functions.sh
|
||||
|
||||
clear
|
||||
printf "%b\n" "${YELLOW}Remove from group${RC}"
|
||||
printf "%b\n" "${YELLOW}=================${RC}"
|
||||
|
||||
username=$(promptUsername "" "non-root") || exit 1
|
||||
user_groups=$(groups "$username" | cut -d: -f2 | sort | tr '\n' ' ')
|
||||
|
||||
printf "%b\n" "${YELLOW}Groups user $username is in:${RC} $user_groups"
|
||||
printf "%b\n" "${YELLOW}=================${RC}"
|
||||
|
||||
read -p "Enter the groups you want to remove user from $username (space-separated): " groups
|
||||
|
||||
checkEmpty "$groups" || exit 1
|
||||
checkGroupAvailabe "$groups" "$user_groups" || exit 1
|
||||
|
||||
groups_to_remove=$(echo "$groups" | tr ' ' ',')
|
||||
|
||||
read -p "Are you sure you want to remove user $username from $groups_to_remove? [Y/N]: " confirm
|
||||
confirmAction || exit 1
|
||||
|
||||
$ESCALATION_TOOL usermod -rG $groups_to_remove "$username"
|
||||
|
||||
printf "%b\n" "${GREEN}User successfully removed from $groups_to_remove${RC}"
|
||||
|
||||
checkEnv
|
100
tabs/utils/user-account-manager/utility_functions.sh
Executable file
100
tabs/utils/user-account-manager/utility_functions.sh
Executable file
|
@ -0,0 +1,100 @@
|
|||
#!/bin/sh -e
|
||||
|
||||
. ../../common-script.sh
|
||||
|
||||
# Prompt for username
|
||||
promptUsername() {
|
||||
read -p "Enter the username: " username
|
||||
|
||||
checkEmpty "$username";
|
||||
|
||||
if [ "$1" = "add" ]; then
|
||||
checkUserExistence "$username" "$1"
|
||||
else
|
||||
checkUserExistence "$username" "$1"
|
||||
checkReservedUsername "$username" "$2"
|
||||
fi
|
||||
echo "$username"
|
||||
}
|
||||
|
||||
|
||||
# Prompt for password
|
||||
promptPassword() {
|
||||
stty -echo
|
||||
read -p "Enter the password (PASSWORD IS HIDDEN): " password1
|
||||
echo >&2
|
||||
read -p "Re-enter the password (PASSWORD IS HIDDEN): " password2
|
||||
echo >&2
|
||||
stty echo
|
||||
|
||||
if ! checkEmpty "$password1"; then
|
||||
promptPassword
|
||||
fi
|
||||
|
||||
if [ "$password1" != "$password2" ]; then
|
||||
printf "%b\n" "${RED}Passwords do not match${RC}" >&2
|
||||
promptPassword
|
||||
else
|
||||
echo $password1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check if input is empty
|
||||
checkEmpty() {
|
||||
if [ -z "$1" ]; then
|
||||
printf "%b\n" "${RED}Empty value is not allowed${RC}" >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check if user exists
|
||||
checkUserExistence() {
|
||||
if [ "$2" = "add" ]; then
|
||||
if id "$1" > /dev/null 2>&1; then
|
||||
printf "%b\n" "${RED}User already exists${RC}" >&2
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
if ! id "$1" > /dev/null 2>&1; then
|
||||
printf "%b\n" "${RED}User does not exist${RC}" >&2
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Check if user is reserved
|
||||
checkReservedUsername() {
|
||||
uid=$(id -u "$1")
|
||||
if [ "$2" = "root" ]; then
|
||||
if [ "$uid" -le 999 ] && [ "$uid" -ne 0 ]; then
|
||||
printf "%b\n" "${RED}Cannot modify system users${RC}" >&2
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
if [ "$(id -u "$1")" -le 999 ]; then
|
||||
printf "%b\n" "${RED}Cannot modify system users${RC}" >&2
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# Check if user is reserved
|
||||
confirmAction() {
|
||||
if [ "$confirm" != "y" ] && [ "$confirm" != "Y" ]; then
|
||||
printf "%b\n" "${RED}Cancelled operation...${RC}" >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
# Check if group is available
|
||||
checkGroupAvailabe() {
|
||||
for group in $1; do
|
||||
if ! echo "$2" | grep -wq "$group"; then
|
||||
printf "%b\n" "${RED}Group $group not avaiable${RC}" >&2
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
checkEnv
|
||||
checkEscalationTool
|
Loading…
Reference in New Issue
Block a user