#!/bin/bash
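# Strict mode: abort on a failing command, on use of an unset variable, and
# when any stage of a pipeline fails.
set -euo pipefail

# Input list holding the group and user entries.
# NOTE(review): /tmp is world-writable and this file name is predictable, so
# another local account can plant or swap the list before a run. Keep the list
# in a root-owned directory with restrictive permissions instead.
readonly USER_LIST="/tmp/encrypted_users.list"

# Passphrase used to decrypt the password field of user entries. It is taken
# from the environment when set; the literal is only the placeholder fallback.
# NOTE(review): a passphrase stored in the script is readable by anyone who can
# read the script or its backups; supply it at runtime and rotate any value
# that was ever committed here.
DECRYPTION_KEY="${DECRYPTION_KEY:-IhrGeheimerSchlüssel}"
# Drop the export attribute so the passphrase is not inherited by every child
# process, then freeze the value.
export -n DECRYPTION_KEY
readonly DECRYPTION_KEY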
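#######################################
# Check that the user list is safe to read before any account is changed.
# The list decides which groups and users are created or deleted, so a file
# that other accounts can replace or modify is refused.
# Globals:   USER_LIST (read)
# Outputs:   diagnostics on stderr
# Returns:   0 when the list is usable; otherwise exits the script with 1
# NOTE(review): these checks are best-effort. The list is opened again later by
# the apply_* functions, so a file in a shared directory can still be swapped
# between the check and the read.
#######################################
check_user_list_file() {
  local perms mode owner

  # -f follows symlinks, so a link has to be rejected separately.
  if [[ -L "$USER_LIST" ]]; then
    echo "Benutzerliste $USER_LIST ist ein symbolischer Link. Abbruch." >&2
    exit 1
  fi

  if [[ ! -f "$USER_LIST" ]]; then
    echo "Benutzerliste $USER_LIST existiert nicht. Abbruch." >&2
    exit 1
  fi

  # Octal permission bits and numeric owner in a single stat call.
  if ! perms=$(stat -c '%a %u' -- "$USER_LIST"); then
    echo "Rechte von $USER_LIST konnten nicht gelesen werden. Abbruch." >&2
    exit 1
  fi
  mode=${perms% *}
  owner=${perms#* }

  # Refuse a list that group or others may write to.
  if (( 8#$mode & 8#022 )); then
    echo "Benutzerliste $USER_LIST ist für Gruppe oder andere schreibbar. Abbruch." >&2
    exit 1
  fi

  # A foreign owner can rewrite the list at any time; warn but keep going so
  # existing drop-off workflows are not broken.
  if [[ "$owner" != "0" && "$owner" != "$EUID" ]]; then
    echo "Warnung: Benutzerliste $USER_LIST gehört weder root noch dem aufrufenden Benutzer." >&2
  fi
}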
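#######################################
# Create or delete local groups as listed in the [groups] section of the list.
# Each entry has the form name:gid:status. Status "aktiv" creates the group if
# it is missing, "geloescht" deletes it if present; any other status is ignored.
# Globals:   USER_LIST (read)
# Outputs:   progress on stdout, diagnostics on stderr
# Returns:   non-zero on a malformed entry or when groupadd/groupdel fails
# NOTE(review): the entries are applied as written; nothing here verifies who
# produced the list.
#######################################
apply_group_changes() {
  local group_entry group_name group_gid group_status
  # Conservative name pattern: no leading dash (would be read as an option),
  # no whitespace or other punctuation.
  local -r name_re='^[A-Za-z0-9_][A-Za-z0-9_.-]*[$]?$'
  local -r id_re='^[0-9]+$'

  echo "Beginne Gruppenänderungen..."

  while read -r group_entry; do
    # Split on ':' in the shell rather than spawning cut once per field.
    IFS=: read -r group_name group_gid group_status _ <<<"$group_entry"

    case "$group_status" in
      aktiv | geloescht) ;;
      *) continue ;;
    esac

    # Fail closed on a name that the account tools should never be handed.
    if [[ ! "$group_name" =~ $name_re ]]; then
      printf 'Ungültiger Gruppenname in %s: %s. Abbruch.\n' "$USER_LIST" "$group_name" >&2
      return 1
    fi

    if [[ "$group_status" == "aktiv" ]]; then
      if ! getent group "$group_name" &>/dev/null; then
        if [[ ! "$group_gid" =~ $id_re ]]; then
          printf 'Ungültige GID für Gruppe %s: %s. Abbruch.\n' "$group_name" "$group_gid" >&2
          return 1
        fi
        echo "Erstelle Gruppe: $group_name mit GID $group_gid"
        groupadd --gid "$group_gid" "$group_name"
      fi
    else
      if getent group "$group_name" &>/dev/null; then
        echo "Lösche Gruppe: $group_name"
        groupdel "$group_name"
      fi
    fi
  # Stop at the next section header, so entries of a following section are
  # never interpreted as groups.
  done < <(awk '/^\[groups\]/ {grab=1; next} /^\[/ {grab=0} grab' "$USER_LIST")
}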
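#######################################
# Create, update or delete local users as listed in the [users] section.
# Each entry has the form name:uid:password:groups:status, where password is
# the base64 output of "openssl enc -aes-256-cbc" and groups is comma-separated.
# Status "aktiv" creates or updates the account and sets its password,
# "geloescht" removes the account with its home; other statuses are ignored.
# Globals:   USER_LIST (read), DECRYPTION_KEY (read)
# Outputs:   progress on stdout, diagnostics on stderr
# Returns:   non-zero on a malformed entry, a failed decryption, or when one of
#            the account tools fails
# NOTE(review): the entries are applied as written, including deletions;
# nothing here verifies who produced the list.
# NOTE(review): no -pbkdf2/-iter is given, so openssl uses its legacy key
# derivation, and CBC carries no integrity check. Changing that needs a
# matching change on the encrypting side, which is not visible here.
#######################################
apply_user_changes() {
  local user_entry username uid password groups status
  local plain_password additional_groups group
  local -a group_list useradd_args
  local -r primary_group="fileserver"
  # Conservative name pattern: no leading dash (would be read as an option),
  # no whitespace or other punctuation.
  local -r name_re='^[A-Za-z0-9_][A-Za-z0-9_.-]*[$]?$'
  local -r id_re='^[0-9]+$'

  echo "Beginne Benutzeränderungen..."

  while read -r user_entry; do
    # Split on ':' in the shell rather than spawning cut once per field.
    IFS=: read -r username uid password groups status _ <<<"$user_entry"

    case "$status" in
      aktiv | geloescht) ;;
      *) continue ;;
    esac

    if [[ ! "$username" =~ $name_re ]]; then
      printf 'Ungültiger Benutzername in %s: %s. Abbruch.\n' "$USER_LIST" "$username" >&2
      return 1
    fi

    if [[ "$status" == "geloescht" ]]; then
      if id "$username" &>/dev/null; then
        echo "Lösche Benutzer: $username"
        userdel -r "$username"
      fi
      continue
    fi

    # Supplementary groups: everything except an exact match of the primary
    # group. A substring filter would also drop names that merely contain it,
    # and an empty grep result would abort the run under pipefail.
    additional_groups=""
    IFS=, read -r -a group_list <<<"$groups"
    for group in ${group_list[@]+"${group_list[@]}"}; do
      if [[ -z "$group" || "$group" == "$primary_group" ]]; then
        continue
      fi
      additional_groups+="${additional_groups:+,}$group"
    done

    # Decrypt before touching the account, and hand the passphrase to openssl
    # through its environment instead of argv, where it would show up in the
    # process list. An empty result or an embedded newline is refused: the
    # former would set a blank password, the latter would add a second
    # "user:password" line to the chpasswd input.
    if ! plain_password=$(printf '%s\n' "$password" \
      | USERSYNC_KEY="$DECRYPTION_KEY" openssl enc -d -aes-256-cbc -base64 \
        -pass env:USERSYNC_KEY) \
      || [[ -z "$plain_password" || "$plain_password" == *$'\n'* ]]; then
      printf 'Passwort für %s konnte nicht entschlüsselt werden. Abbruch.\n' "$username" >&2
      return 1
    fi

    if ! id "$username" &>/dev/null; then
      if [[ ! "$uid" =~ $id_re ]]; then
        printf 'Ungültige UID für Benutzer %s: %s. Abbruch.\n' "$username" "$uid" >&2
        return 1
      fi
      echo "Erstelle Benutzer: $username"
      useradd_args=(--uid "$uid" --gid "$primary_group")
      if [[ -n "$additional_groups" ]]; then
        useradd_args+=(--groups "$additional_groups")
      fi
      useradd "${useradd_args[@]}" "$username"
    else
      echo "Benutzer $username existiert bereits. Aktualisiere Gruppen und Passwort..."
      # An empty -G list is passed through on purpose, as before.
      usermod -g "$primary_group" -G "$additional_groups" "$username"
    fi

    # printf is a builtin, so the clear-text password never appears in argv.
    printf '%s:%s\n' "$username" "$plain_password" | chpasswd
  # Stop at the next section header, so entries of a following section are
  # never interpreted as users.
  done < <(awk '/^\[users\]/ {grab=1; next} /^\[/ {grab=0} grab' "$USER_LIST")
}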
# Entry point: announce the run, check the list file, then process groups
# before users (presumably so that groups named in user entries already exist).
printf '%s\n' "Beginne Änderungen auf dem Server..."

check_user_list_file
apply_group_changes
apply_user_changes

printf '%s\n' "Änderungen abgeschlossen."