#!/bin/bash
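set -euo pipefail

# Enable debugging: everything the script prints (stdout and stderr, including
# the xtrace output enabled below) is appended to DEBUG_LOG.
DEBUG_LOG="debug_apply_changes.log"

# The log receives xtrace output with account names, UIDs/GIDs and the
# encrypted password fields, so create it owner-only instead of with the
# default umask. Refuse a symlink so that neither the chmod nor the appended
# log lines land on a file somebody else chose.
# NOTE(review): the path is relative to the current working directory; an
# absolute path in a root-owned directory would be safer - confirm how the
# script is invoked.
if [[ -L "$DEBUG_LOG" ]]; then
  printf 'Fehler: %s ist ein symbolischer Link; Abbruch.\n' "$DEBUG_LOG" >&2
  exit 1
fi
(
  umask 077
  : >>"$DEBUG_LOG"
)
chmod 600 -- "$DEBUG_LOG"

exec > >(tee -a "$DEBUG_LOG") 2>&1

# NOTE(review): tracing is switched on before data_utils.sh is sourced, so any
# secret that file assigns (for example DECRYPTION_KEY, if it is set there)
# would be written to the log in clear text - verify against data_utils.sh.
set -x

# NOTE(review): resolved relative to the current working directory, not the
# script's own location; the sourced code runs with this script's privileges.
source ./data_utils.sh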
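#######################################
# Print one status line to stdout and append it to the debug log.
# Globals:   DEBUG_LOG (read)
# Arguments: the message words
# NOTE(review): the script already pipes its whole stdout into DEBUG_LOG via
# `exec > >(tee -a ...)`, so each status line presumably ends up in the log
# twice; kept as in the original.
#######################################
_acs_log() {
  printf '%s\n' "$*" | tee -a "$DEBUG_LOG"
}

#######################################
# Decrypt one stored password and set it for a user via chpasswd.
# Globals:   DECRYPTION_KEY (read)
# Arguments: $1 - user name, $2 - base64 AES-256-CBC ciphertext
# Returns:   0 on success; non-zero if decryption fails, yields an empty
#            password, or chpasswd fails.
#######################################
_acs_set_password() {
  local user_name=$1 encrypted=$2
  local plain="" rc=0 trace_was_on=0

  # xtrace would write the key and the clear-text password into the debug
  # log, so it is switched off for the duration of this helper.
  if [[ $- == *x* ]]; then
    trace_was_on=1
  fi
  { set +x; } 2>/dev/null

  # The key is handed to openssl through its environment (-pass env:...)
  # rather than with -k on the command line, where it is visible in the
  # process list. Both forms supply the same passphrase.
  # NOTE(review): no -pbkdf2/-md is given, so key derivation relies on the
  # openssl default and must match whatever encrypted the data - confirm.
  if plain=$(
    printf '%s\n' "$encrypted" \
      | DECRYPTION_KEY="$DECRYPTION_KEY" openssl enc -aes-256-cbc -d -base64 \
        -pass env:DECRYPTION_KEY
  ) && [[ -n "$plain" ]]; then
    printf '%s:%s\n' "$user_name" "$plain" | chpasswd || rc=$?
  else
    # Never feed "user:" with an empty password to chpasswd when the
    # decryption failed.
    rc=1
  fi
  plain=""

  if ((trace_was_on)); then
    set -x
  fi
  return "$rc"
}

#######################################
# Preview, confirm and apply group and user changes to the system.
#
# Reads "name:gid:status" records from read_groups and
# "name:uid:encrypted_password:group1,group2:status" records from read_users,
# shows the planned changes in a dialog, asks for confirmation and then runs
# groupadd/groupmod/groupdel and useradd/usermod/userdel/chpasswd.
# Status "aktiv" means create-or-update, "geloescht" means delete; the group
# "fileserver" is never deleted.
#
# Globals:   DEBUG_LOG, DECRYPTION_KEY (read)
# Arguments: none
# Returns:   0 when the changes were applied or the user declined;
#            1 when a password could not be set. Other command failures abort
#            the script through `set -e`, as before.
#######################################
apply_changes_to_system() {
  local fileserver_gid="" existing_gid=""
  local changes_preview="" group_changes_preview="" user_changes_preview=""
  local group_entry="" group_name="" group_gid="" group_status=""
  local user_entry="" user_name="" user_uid="" user_password=""
  local user_groups="" user_status=""

  initialize_user_list

  _acs_log "Starte Änderungen am System..."

  # Look up the GID of the primary group "fileserver", creating it if needed.
  # NOTE(review): GID 1000 is hard-coded; groupadd fails if another group
  # already owns that GID.
  fileserver_gid=$(getent group fileserver | cut -d':' -f3 || echo "")
  if [[ -z "$fileserver_gid" ]]; then
    _acs_log "Erstelle primäre Gruppe 'fileserver' mit GID 1000"
    groupadd --gid 1000 fileserver
    fileserver_gid=1000
  fi

  # Analyse group changes (preview only, nothing is modified yet).
  _acs_log "Analysiere Gruppenänderungen..."
  while read -r group_entry || [[ -n "$group_entry" ]]; do
    # Split on ':'; the trailing "_" absorbs unexpected extra fields so they
    # cannot leak into the status.
    IFS=: read -r group_name group_gid group_status _ <<<"$group_entry"

    if [[ "$group_status" == "aktiv" ]]; then
      if getent group "$group_name" >/dev/null; then
        existing_gid=$(getent group "$group_name" | cut -d':' -f3)
        if [[ "$existing_gid" != "$group_gid" ]]; then
          group_changes_preview+="Korrigiere GID der Gruppe $group_name: $existing_gid -> $group_gid\n"
        fi
      else
        group_changes_preview+="Erstelle Gruppe $group_name mit GID $group_gid\n"
      fi
    elif [[ "$group_status" == "geloescht" && "$group_name" != "fileserver" ]]; then
      if getent group "$group_name" >/dev/null; then
        group_changes_preview+="Lösche Gruppe $group_name\n"
      fi
    fi
  done < <(read_groups)

  # Analyse user changes (preview only). The password field is skipped here.
  _acs_log "Analysiere Benutzeränderungen..."
  while read -r user_entry || [[ -n "$user_entry" ]]; do
    IFS=: read -r user_name user_uid _ user_groups user_status _ <<<"$user_entry"
    user_groups=${user_groups//,/ }

    if [[ "$user_status" == "aktiv" ]]; then
      if id "$user_name" >/dev/null 2>&1; then
        user_changes_preview+="Aktualisiere Benutzer $user_name\n"
      else
        user_changes_preview+="Erstelle Benutzer $user_name mit UID $user_uid und Gruppen $user_groups\n"
      fi
    elif [[ "$user_status" == "geloescht" ]]; then
      if id "$user_name" >/dev/null 2>&1; then
        user_changes_preview+="Lösche Benutzer $user_name\n"
      fi
    fi
  done < <(read_users)

  # Show the preview; the literal "\n" sequences are line breaks for dialog.
  changes_preview="Gruppenänderungen:\n$group_changes_preview\nBenutzeränderungen:\n$user_changes_preview"
  dialog --msgbox "$changes_preview" 20 70

  # Ask for confirmation. The exit status is tested directly: with `set -e`
  # active, a bare `dialog --yesno` answered "No" would terminate the script
  # before a following `$?` check could run.
  if ! dialog --yesno "Möchten Sie die Änderungen anwenden?" 10 30; then
    _acs_log "Änderungen abgebrochen."
    return 0
  fi

  _acs_log "Wende Änderungen im System an..."

  # Apply group changes. "--" stops option parsing so that a record whose
  # name starts with "-" is treated as a name, not as an option.
  _acs_log "Wende Gruppenänderungen an..."
  while read -r group_entry || [[ -n "$group_entry" ]]; do
    IFS=: read -r group_name group_gid group_status _ <<<"$group_entry"

    if [[ "$group_status" == "aktiv" ]]; then
      if getent group "$group_name" >/dev/null; then
        existing_gid=$(getent group "$group_name" | cut -d':' -f3)
        if [[ "$existing_gid" != "$group_gid" ]]; then
          _acs_log "Korrigiere GID der Gruppe $group_name: $existing_gid -> $group_gid"
          groupmod --gid "$group_gid" -- "$group_name"
        fi
      else
        _acs_log "Erstelle Gruppe $group_name mit GID $group_gid"
        groupadd --gid "$group_gid" -- "$group_name"
      fi
    elif [[ "$group_status" == "geloescht" && "$group_name" != "fileserver" ]]; then
      if getent group "$group_name" >/dev/null; then
        _acs_log "Lösche Gruppe $group_name"
        groupdel -- "$group_name"
      fi
    fi
  done < <(read_groups)

  # Apply user changes.
  # NOTE(review): with xtrace on, the record (including the encrypted
  # password field) is still traced when it is parsed; only the key and the
  # decrypted password are kept out of the trace.
  _acs_log "Wende Benutzeränderungen an..."
  while read -r user_entry || [[ -n "$user_entry" ]]; do
    IFS=: read -r user_name user_uid user_password user_groups user_status _ <<<"$user_entry"
    user_groups=${user_groups//,/ }

    if [[ "$user_status" == "aktiv" ]]; then
      if id "$user_name" >/dev/null 2>&1; then
        _acs_log "Aktualisiere Benutzer $user_name"
        usermod --uid "$user_uid" --gid "$fileserver_gid" \
          --groups "${user_groups// /,}" -- "$user_name"
      else
        _acs_log "Erstelle Benutzer $user_name mit UID $user_uid und Gruppen $user_groups"
        useradd --uid "$user_uid" --gid "$fileserver_gid" \
          --groups "${user_groups// /,}" -- "$user_name"
      fi
      # Stop instead of continuing with an account whose password could not
      # be set from the stored ciphertext.
      if ! _acs_set_password "$user_name" "$user_password"; then
        printf 'Fehler: Passwort für Benutzer %s konnte nicht gesetzt werden.\n' \
          "$user_name" >&2
        return 1
      fi
    elif [[ "$user_status" == "geloescht" ]]; then
      if id "$user_name" >/dev/null 2>&1; then
        _acs_log "Lösche Benutzer $user_name"
        # -r also removes the user's home directory and mail spool.
        userdel -r -- "$user_name"
      fi
    fi
  done < <(read_users)

  _acs_log "Änderungen erfolgreich angewendet."
}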
# Entry point: run the preview / confirm / apply workflow once when the script
# is executed. No arguments are passed to the function.
apply_changes_to_system