ovh/the-bastion
1
1
Fork 0
mirror of https://github.com/ovh/the-bastion.git synced 2025-01-06 15:31:56 +08:00
Code Issues Projects Releases Packages Wiki Activity
the-bastion/bin/admin/rename-group.sh
Stéphane Lesimple 902508f7d1 fix: update undocumented rename-group.sh script
2023-05-31 17:34:34 +02:00

102 lines
3 KiB
Bash
Executable file
Raw Blame History

#! /usr/bin/env bash
# vim: set filetype=sh ts=4 sw=4 sts=4 et:
basedir=$(readlink -f "$(dirname "$0")"/../..)
from=$1
to=$2
if [ -n "$3" ] || [ -z "$2" ] ; then
echo "Usage: $0 original_group_name new_group_name"
exit 2
fi
fail()
{
echo "Error, will not proceed: $*"
exit 1
}
really_run_commands=0
_run()
{
local ret
if [ "$really_run_commands" = "1" ] ; then
echo "Executing: $*"
"$@"; ret=$?
echo "... return code: $ret"
else
echo "DRY RUN: would execute: $*"
fi
}
batchrun()
{
getent group "key$from" >/dev/null || fail "group key$from doesn't exist"
getent group "key$to" >/dev/null && fail "group key$to already exists"
_run groupmod -n "key$to" "key$from"
getent passwd "key$from" >/dev/null || fail "user key$from doesn't exist"
getent passwd "key$to" >/dev/null && fail "user key$to already exists"
test -d "/home/key$from" || fail "directory /home/key$from doesn't exists"
test -d "/home/key$to" && fail "directory /home/key$to already exists"
_run usermod -m -d /home/"key$to" -l "key$to" "key$from"
for suffix in gatekeeper aclkeeper owner; do
if getent group "key$from-$suffix" >/dev/null ; then
getent group "key$to-$suffix" >/dev/null && fail "group key$to-$suffix already exists"
_run groupmod -n "key$to-$suffix" "key$from-$suffix"
fi
done
test -d "/home/keykeeper/key$from" || fail "directory /home/keykeeper/key$from doesn't exists"
test -d "/home/keykeeper/key$to" && fail "directory /home/keykeeper/key$to already exists"
_run mv -v "/home/keykeeper/key$from" "/home/keykeeper/key$to"
keykeeper="/home/keykeeper/key$from"
[ "$really_run_commands" = "1" ] && keykeeper="/home/keykeeper/key$to"
# shellcheck disable=SC2044
for key in $(find "$keykeeper"/ -type f -name "id_*$from*" ! -name "*.pub")
do
test -e "$key" || continue
test -e "$key.pub" || fail "file $key.pub doesn't exist"
keyto=$(echo "$key" | sed -re "s/(id_.*)$from/\\1$to/")
test -e "$keyto" && fail "file $keyto already exists"
test -e "$keyto.pub" && fail "file $keyto.pub already exists"
_run mv -v "$key" "$keyto"
_run mv -v "$key.pub" "$keyto.pub"
done
for account in /home/allowkeeper/*/
do
fromfile="$account/allowed.partial.$from"
tofile="$account/allowed.partial.$to"
test -e "$fromfile" || continue
test -e "$tofile" && fail "file $tofile already exists"
_run mv -v "$fromfile" "$tofile"
done
for account in /home/allowkeeper/*/
do
fromfile="$account/allowed.ip.$from"
tofile="$account/allowed.ip.$to"
test -L "$fromfile" || continue
test -e "$tofile" && fail "file $tofile already exists"
_run rm -vf "$fromfile"
_run ln -vs "/home/key$to/allowed.ip" "$tofile"
done
_run "$basedir"/bin/sudogen/generate-sudoers.sh create group "key$to"
_run "$basedir"/bin/sudogen/generate-sudoers.sh delete group "key$from"
}
really_run_commands=0
batchrun
echo
echo "OK to proceed ? (CTRL+C to abort)"
# shellcheck disable=SC2034
read -r ___
really_run_commands=1
batchrun
echo "Done."
Reference in a new issue View git blame Copy permalink