90 lines
3.0 KiB
Bash
90 lines
3.0 KiB
Bash
#!/bin/bash
|
|
set -euo pipefail
|
|
|
|
REMOTE_SCRIPT="remote_apply_changes.sh"
|
|
|
|
# Skriptvorlage mit Debugging
|
|
cat << 'EOF' > "$REMOTE_SCRIPT"
|
|
#!/bin/bash
|
|
set -euo pipefail
|
|
exec > >(tee -a /var/log/remote_apply_changes.log) 2>&1
|
|
set -x
|
|
|
|
# Sicherstellen, dass die erforderlichen Gruppen existieren
|
|
create_group_if_not_exists() {
|
|
local group_name="\$1"
|
|
local group_gid="\$2"
|
|
if ! getent group "\$group_name" > /dev/null; then
|
|
echo "Erstelle Gruppe: \$group_name mit GID \$group_gid"
|
|
groupadd --gid "\$group_gid" "\$group_name"
|
|
else
|
|
echo "Gruppe \$group_name existiert bereits."
|
|
fi
|
|
}
|
|
|
|
# Sicherstellen, dass der Benutzer existiert
|
|
create_or_update_user() {
|
|
local username="\$1"
|
|
local uid="\$2"
|
|
local password="\$3"
|
|
local primary_group="\$4"
|
|
local additional_groups="\$5"
|
|
|
|
if id "\$username" > /dev/null 2>&1; then
|
|
echo "Aktualisiere Benutzer: \$username"
|
|
usermod --uid "\$uid" --gid "\$primary_group" --groups "\$additional_groups" "\$username"
|
|
else
|
|
echo "Erstelle Benutzer: \$username"
|
|
useradd --uid "\$uid" --gid "\$primary_group" --groups "\$additional_groups" "\$username"
|
|
fi
|
|
echo "\$username:\$password" | chpasswd
|
|
}
|
|
|
|
# Gruppenänderungen anwenden
|
|
apply_group_changes() {
|
|
while read -r group_entry || [[ -n "\$group_entry" ]]; do
|
|
group_name=\$(echo "\$group_entry" | cut -d':' -f1)
|
|
group_gid=\$(echo "\$group_entry" | cut -d':' -f2)
|
|
group_status=\$(echo "\$group_entry" | cut -d':' -f3)
|
|
|
|
if [[ "\$group_status" == "aktiv" ]]; then
|
|
create_group_if_not_exists "\$group_name" "\$group_gid"
|
|
elif [[ "\$group_status" == "geloescht" ]]; then
|
|
if getent group "\$group_name" > /dev/null; then
|
|
echo "Lösche Gruppe: \$group_name"
|
|
groupdel "\$group_name"
|
|
fi
|
|
fi
|
|
done < <(grep -E '^[^#]' /etc/encrypted_users.list | awk '/^\[groups\]/ {skip=1; next} skip {print}')
|
|
}
|
|
|
|
# Benutzeränderungen anwenden
|
|
apply_user_changes() {
|
|
while read -r user_entry || [[ -n "\$user_entry" ]]; do
|
|
username=\$(echo "\$user_entry" | cut -d':' -f1)
|
|
uid=\$(echo "\$user_entry" | cut -d':' -f2)
|
|
password=\$(echo "\$user_entry" | cut -d':' -f3)
|
|
groups=\$(echo "\$user_entry" | cut -d':' -f4)
|
|
status=\$(echo "\$user_entry" | cut -d':' -f5)
|
|
|
|
if [[ "\$status" == "aktiv" ]]; then
|
|
primary_group="fileserver"
|
|
create_or_update_user "\$username" "\$uid" "\$password" "\$primary_group" "\$groups"
|
|
elif [[ "\$status" == "geloescht" ]]; then
|
|
if id "\$username" > /dev/null 2>&1; then
|
|
echo "Lösche Benutzer: \$username"
|
|
userdel -r "\$username"
|
|
fi
|
|
fi
|
|
done < <(grep -E '^[^#]' /etc/encrypted_users.list | awk '/^\[users\]/ {skip=1; next} skip {print}')
|
|
}
|
|
|
|
echo "Beginne Änderungen auf dem Server..."
|
|
apply_group_changes
|
|
apply_user_changes
|
|
echo "Änderungen abgeschlossen."
|
|
EOF
|
|
|
|
chmod +x "$REMOTE_SCRIPT"
|
|
echo "Remote-Skript $REMOTE_SCRIPT erfolgreich erstellt."
|