#!/bin/bash set -ex THIS_DIR=$( cd "$( dirname "${BASH_SOURCE[0]:-${(%):-%x}}" )" && pwd ) touch_user() { test -n "$1" if id -u $1 1>/dev/null 2>&1; then return fi if ! getent group nasp ; then echo "Group 'nasp' does not exist\!" exit 1 fi adduser \ --shell /bin/bash \ --disabled-password \ --home /home/$1 \ --gecos "nasp member" \ $1 usermod -a -G nasp $1 mkdir -p /home2/$1 chown $1: /home2/$1 } update_key() { tmp_path="/tmp/authorized_keys_$1" dest_path="/home/$1/.ssh/authorized_keys" dest_dir=$(dirname "$dest_path") echo "# This file is autoly generated. Changes here will not work." > "$tmp_path" for file in $(find "$THIS_DIR/../authorized_keys/$1" -type f); do (echo "# key file: ${file#*authorized_keys/}";cat "$file"; echo) >> "$tmp_path" done if [[ ! -d "$dest_dir" ]]; then mkdir -p "$dest_dir" chown $1:$1 "$dest_dir" chmod 700 "$dest_dir" fi cat "$tmp_path" > "$dest_path" rm "$tmp_path" chown $1:$1 "$dest_path" chmod 600 "$dest_path" } main() { cp "$THIS_DIR/nasp" "/etc/sudoers.d/nasp" for file in "$THIS_DIR"/../authorized_keys/* ; do if [[ ! -d "$file" ]]; then continue fi username=$(basename $file) touch_user $username update_key $username done } main