mirror of
https://github.com/ovh/the-bastion.git
synced 2025-01-09 00:44:49 +08:00
8d2aaf8d8f
Fixes #202
37 lines
1.3 KiB
Bash
Executable file
37 lines
1.3 KiB
Bash
Executable file
#! /usr/bin/env bash
|
|
# vim: set filetype=sh ts=4 sw=4 sts=4 et:
|
|
set -e
|
|
|
|
basedir=$(readlink -f "$(dirname "$0")"/../..)
|
|
# shellcheck source=lib/shell/functions.inc
|
|
. "$basedir"/lib/shell/functions.inc
|
|
|
|
if [ -z "$2" ] || [ -n "$3" ]; then
|
|
echo "Usage: $0 <NAME> <UID>"
|
|
echo "Note: UID can be the special value 'AUTO'"
|
|
exit 1
|
|
fi
|
|
|
|
if [ "$2" = AUTO ] || [ "$2" = auto ]; then
|
|
USER=root HOME=/root "$basedir/bin/plugin/restricted/accountCreate" '' '' '' '' --uid-auto --account "$1"
|
|
else
|
|
USER=root HOME=/root "$basedir/bin/plugin/restricted/accountCreate" '' '' '' '' --uid "$2" --account "$1"
|
|
fi
|
|
|
|
"$basedir"/bin/admin/grant-all-restricted-commands-to.sh "$1"
|
|
|
|
add_user_to_group_compat "$1" "osh-admin"
|
|
|
|
configline=$(BASEDIR="$basedir" ACCOUNT="$1" perl -e '
|
|
use lib $ENV{BASEDIR}."/lib/perl";
|
|
use JSON;
|
|
use OVH::Bastion;
|
|
my $C = OVH::Bastion::load_configuration();
|
|
if (!$C->value || ref $C->value->{adminAccounts} ne "ARRAY") { die "Could not add $ENV{ACCOUNT} in \"adminAccounts\" of bastion.conf, please do it manually!"; }
|
|
push @{ $C->value->{adminAccounts} }, $ENV{ACCOUNT};
|
|
print encode_json($C->value->{adminAccounts});
|
|
')
|
|
|
|
if [ -n "$configline" ]; then
|
|
sed_compat 's/^"adminAccounts": .*/"adminAccounts": '"$configline"',/' "$BASTION_ETC_DIR/bastion.conf"
|
|
fi
|