#!/bin/bash
#################################################
## ##
## FTPsFTP ##
## function definitions ##
## ##
#################################################
# **** usage message ****
# Prints the command line help of ftpsftp to stdout.
usage()
{
    # one argument per output line; the two empty arguments at the end
    # reproduce the blank lines that close the help text
    printf '%s\n' \
        'usage: ftpsftp options' \
        '' \
        'OPTIONS:' \
        '-h show this message' \
        '-s show stats (not yet implemented)' \
        '-a <username> add a user' \
        '-d <username> delete a user' \
        '-r <username> reset password for user' \
        '-q <username> (re)set the quota for user' \
        '-u update ftpsftp (pull from git)' \
        '-v show version information' \
        '' \
        ''
}
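# **** version message ****
# Prints the program banner followed by the version and the author.
# Globals: version (read), author (read) - both are set outside this function
# Outputs: five lines on stdout (banner, blank, version, author, blank)
version()
{
    # the label used to read "vesion:"; the typo is corrected here
    printf '%s\n' \
        "FTPsFTP - standalone ftp/sftp server solution" \
        "" \
        "version: $version" \
        "author: $author" \
        ""
}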
# **** am i root? ****
# this is now in bashlib
#amiroot()
#{
#if [ "$(whoami)" != "root" ]; then
# echo
# echo "sorry $USER, you need to gain root privileges to do this."
# echo
# exit 1;
#fi
#}
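# **** ftpsftp update ****
# Pulls the master branch of origin into the checkout in /opt/ftpsftp.
# Returns: 0 after a successful pull, 1 when the checkout cannot be entered
#          or git reports a failure.
# Side effect: leaves the shell's working directory at /opt/ftpsftp.
update()
{
    # checking for root privileges (amiroot lives in bashlib)
    amiroot

    # NOTE(security): whatever this pull brings in runs as root the next time
    # ftpsftp is started, and nothing here checks where it came from. Once the
    # upstream history is signed, "git pull --ff-only --verify-signatures"
    # would refuse unsigned or rewritten history.

    # a failed cd must stop the update: otherwise git would pull, as root,
    # into whatever repository the current directory happens to belong to
    if ! cd /opt/ftpsftp; then
        echo "error: cannot change to /opt/ftpsftp." >&2
        return 1
    fi

    # pull updates from ftpsftp git repository
    if ! git pull origin master; then
        echo "error: git pull failed, ftpsftp was not updated." >&2
        return 1
    fi

    # log is not defined in this part of the file - presumably bashlib as well
    log info "update - ftpsftp was updated (maybe)"
}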
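# ***** calculating free quota *****
# Prints how many megabytes of the quota filesystem are not yet promised to
# users: size of the filesystem minus the sum of all block limits reported by
# repquota.
# Globals: quotamountpoint (read)
# Outputs: one integer on stdout; 0 when less than one megabyte is left
# Returns: 1 (and prints nothing on stdout) when df yields no usable size
quotacalc()
{
    local ablocks gblocks fblocks fsize limit
    local quotacount=0

    # Ask df about the mount point itself instead of grepping its full
    # listing: a pattern such as "/" matches every line and would hand several
    # numbers to the arithmetic below. -P keeps each filesystem on one line,
    # -k pins the unit to 1024-byte blocks.
    ablocks=$(df -Pk -- "$quotamountpoint" | awk 'NR == 2 {print $2}')
    case $ablocks in
        ''|*[!0-9]*)
            echo "error: cannot read the size of $quotamountpoint." >&2
            return 1
            ;;
    esac

    # Fourth column of the report (the block soft limit in repquota's default
    # layout). Only purely numeric values are kept, so header lines are
    # skipped and no stray word is evaluated as a variable name in $(( )).
    gblocks=$(repquota "$quotamountpoint" | awk '$4 ~ /^[0-9]+$/ {print $4}')

    # word splitting is intended: one limit per word
    for limit in $gblocks; do
        quotacount=$((quotacount + limit))
    done

    fblocks=$((ablocks - quotacount))

    # Same value the old "multiply by 1000, divide by 1024, cut the last
    # three digits" sequence produced, but without returning an empty string
    # or a lone "-" when fewer than four digits were available to cut.
    fsize=$((fblocks / 1024))

    # return result
    echo "$fsize"
}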
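# **** set quota ****
# Asks on stdin for a block quota in megabytes for $accname and applies it
# with setquota as soft and hard limit (inode limits stay 0).
# Globals: accname (read), accquota (written), accblockquota (written)
# Exits 1 when the user does not exist, the free space cannot be determined
# or the input ends before a value was accepted.
quotaconf()
{
    local fsize

    # checking for root privileges
    amiroot

    # breaking up if user does not exist
    if ! isuserthere "$accname"; then
        echo "error: user does not exist."
        exit 1
    fi

    # calculate free quota; without a number the loop below could never
    # accept any input
    fsize=$(quotacalc)
    if ! [[ $fsize =~ ^-?[0-9]+$ ]]; then
        echo "error: could not determine the free quota." >&2
        exit 1
    fi

    while :; do
        echo "please specify quota for user $accname. (in megabytes)"
        echo "maximum: $fsize"
        # stop at end of input instead of prompting forever
        if ! read -r accquota && [ -z "$accquota" ]; then
            echo "error: no quota given." >&2
            exit 1
        fi
        if [ -z "$accquota" ]; then
            echo "this field is mandatory."
        # Digits only: the value is used in a test expression and in $(( ))
        # while running as root, where operators, spaces or array subscripts
        # in the input would be interpreted rather than compared.
        elif [[ $accquota =~ ^[0-9]+$ ]] && [ "$accquota" -lt "$fsize" ] 2>/dev/null; then
            break
        else
            echo "specified size too big or not a number. try again."
        fi
    done

    # NOTE(review): 0 passes the check above, and the quota tools read a
    # limit of 0 as "no limit" - confirm that this is wanted.

    # set quota; 10# keeps input with leading zeros decimal instead of octal
    accblockquota=$((10#$accquota * 1024))
    setquota --all -u "$accname" "$accblockquota" "$accblockquota" 0 0
}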
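# **** check if user is already there or needs to be created ****
# Arguments: $1 - account name (optional, defaults to the global $accname)
# Returns:   0 when the account exists, 1 otherwise
isuserthere()
{
    local name=${1:-$accname}

    # An empty name must never count as "exists": a bare "id" reports the
    # calling user and succeeds, which would let the delete and password
    # functions carry on without any account name.
    [ -n "$name" ] || return 1

    # "--" keeps a name that starts with "-" from being read as an option
    if id -- "$name" > /dev/null 2>&1; then
        return 0
    else
        return 1
    fi
}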
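##### user creation #####
# Interactively creates the ftp or sftp account named by $accname: asks for
# the account type (and the requester when $trackrequester is 1), creates the
# directory and the system user, sets a generated password, configures the
# quota, writes the account log entry and prints the account data.
# Globals: accname, accpath, acchost, sftpgroup, ftpgroup (read);
#          acctype, accrequester, trackrequester (written)
# Exits 1 on invalid input or as soon as one of the creation steps fails.
add()
{
    local acchome accport acctimestamp accpass

    # am i root?
    amiroot

    # The name becomes part of a path that is created and chown'ed as root,
    # so refuse anything that could leave the accounts directory or be read
    # as an option by the tools below.
    case $accname in
        ''|.|..|-*|*/*|*[[:space:]]*)
            echo "error: invalid user name."
            exit 1
            ;;
    esac
    if [ -z "$accpath" ]; then
        echo "error: no account path configured." >&2
        exit 1
    fi

    # breaking up if user already exists
    if isuserthere; then
        echo "error: user already exists."
        exit 1
    fi

    # choose ftp or sftp
    echo "specify account type [sftp|ftp]"
    read -r acctype
    case $acctype in
        sftp|ftp)
            ;;
        *)
            echo "i'm sorry, i need to break this up right now."
            echo "it seems you can not understand some simple instructions."
            exit 1
            ;;
    esac

    # read requester if configfile option is 1
    while [ "$trackrequester" = "1" ]; do
        echo "who ordered this account? (i'm tracking this for a greater good.)"
        # stop at end of input instead of prompting forever
        if ! read -r accrequester && [ -z "$accrequester" ]; then
            echo "error: no requester given." >&2
            exit 1
        fi
        if [ -z "$accrequester" ]; then
            echo "this field is mandatory."
        else
            trackrequester="notanymore"
        fi
    done

    # set accport
    if [ "$acctype" = "sftp" ]; then
        accport="22"
    else
        accport="21"
    fi

    # get timestamp
    acctimestamp=$(date '+%d.%m.%Y %H:%M')

    # create home, set its permissions and add the user to sftp/ftpgroup;
    # every step is checked so that a failed useradd is not followed by
    # chown, usermod and a password for an account that does not exist
    acchome="$accpath/${acctype}_accounts/$accname"
    if [ "$acctype" = "sftp" ]; then
        mkdir -p -- "$acchome/data" \
            || { echo "error: cannot create $acchome/data." >&2; exit 1; }
        # create the actual user (sftp)
        # NOTE(review): home is /data - presumably relative to a chroot
        # configured in sshd; confirm
        useradd -d /data -M -U -s /usr/lib/sftp-server "$accname" \
            || { echo "error: useradd failed for $accname." >&2; exit 1; }
        chown -R -- "$accname:" "$acchome/data" \
            || { echo "error: chown failed for $acchome/data." >&2; exit 1; }
        usermod -G "$sftpgroup" "$accname" \
            || { echo "error: cannot add $accname to $sftpgroup." >&2; exit 1; }
    else
        mkdir -p -- "$acchome" \
            || { echo "error: cannot create $acchome." >&2; exit 1; }
        # create the actual user (ftp)
        useradd -d "$acchome" -M -U -s /bin/false "$accname" \
            || { echo "error: useradd failed for $accname." >&2; exit 1; }
        chown -R -- "$accname:" "$acchome" \
            || { echo "error: chown failed for $acchome." >&2; exit 1; }
        usermod -G "$ftpgroup" "$accname" \
            || { echo "error: cannot add $accname to $ftpgroup." >&2; exit 1; }
    fi

    # set password; declared separately so that a failing setpasswd is seen
    # here instead of being hidden by the exit status of "local"
    if ! accpass=$(setpasswd) || [ -z "$accpass" ]; then
        echo "error: could not set a password for $accname." >&2
        exit 1
    fi

    # configure quota
    quotaconf

    # trigger logging
    # NOTE(security): the clear-text password is written to the account log
    # and printed below; both need to be readable by administrators only.
    logging "$acctype" "$accname" "$accpass" "$accquota" "$accrequester" "$acctimestamp"

    # print account data
    echo
    echo "account data"
    echo
    echo "host: $acchost"
    echo "port: $accport"
    echo "username: $accname"
    echo "password: $accpass"
    echo "quota: ${accquota}MB"
    echo "directory: $acchome"
    echo "requester: $accrequester"
    echo
}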
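# **** user deletion ****
# Removes the account named by $accname together with its directory below
# $accpath.
# Globals: accname, accpath, sftpgroup, ftpgroup (read)
# Exits 1 when the name is unusable, the user does not exist, the user is in
# neither account group, or deluser fails.
delete()
{
    local memberships acctype

    # am i root?
    amiroot

    # The name ends up in an "rm -r" that runs as root: an empty name would
    # remove the whole accounts directory, a name with "/" could point
    # somewhere else entirely.
    case $accname in
        ''|.|..|-*|*/*|*[[:space:]]*)
            echo "error: invalid user name."
            exit 1
            ;;
    esac
    if [ -z "$accpath" ]; then
        echo "error: no account path configured." >&2
        exit 1
    fi

    # breaking up if user does not exist
    if ! isuserthere; then
        echo "error: user does not exist"
        exit 1
    fi

    # Only accounts that are in one of the two account groups are touched.
    # The check used to be "sftp group, otherwise ftp", so any other system
    # user (root included) fell through to deluser. Names are compared as
    # whole words; a substring match would also hit groups whose name merely
    # contains the group name.
    memberships=" $(id -nG -- "$accname" 2>/dev/null) "
    case $memberships in
        *" $sftpgroup "*)
            acctype="sftp"
            ;;
        *" $ftpgroup "*)
            acctype="ftp"
            ;;
        *)
            echo "error: $accname is not an ftp/sftp account, not deleting." >&2
            exit 1
            ;;
    esac

    # output stays suppressed as before, but the data is only removed once
    # the account itself is gone
    if ! deluser "$accname" > /dev/null 2>&1; then
        echo "error: deluser failed for $accname." >&2
        exit 1
    fi

    # ":?" aborts rather than expanding to a shorter path should one of the
    # variables be empty after all
    rm -r -- "${accpath:?}/${acctype}_accounts/${accname:?}"
}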
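# **** generate password ****
# Generates a random password for $accname, stores its hash with usermod and
# prints the clear-text password on stdout.
# Globals: accname (read)
# Outputs: the password on stdout; error messages go to stderr, because
#          callers capture stdout as the password
# Exits 1 when the user does not exist or any step fails.
setpasswd()
{
    local accpass accencpass passfile

    # breaking up if user does not exist
    if ! isuserthere; then
        echo "error: user does not exist" >&2
        exit 1
    fi

    # generating password
    accpass=$(pwgen -snc 10 1)
    if [ -z "$accpass" ]; then
        echo "error: could not generate a password" >&2
        exit 1
    fi

    # The clear text used to go to ./pass.txt: a fixed name in whatever
    # directory the script was started from, created with the default umask.
    # mktemp gives a private, unpredictable file instead.
    if ! passfile=$(mktemp); then
        echo "error: could not create a temporary file" >&2
        exit 1
    fi
    printf '%s\n' "$accpass" > "$passfile"

    # NOTE(security): md5-crypt is a dated hash format; a stronger scheme
    # should be used once the ftp/sftp login path is known to accept it.
    accencpass=$(makepasswd --clearfrom="$passfile" --crypt-md5 | awk '{print $2}')
    rm -f -- "$passfile"

    # usermod -p with an empty string would leave the account without a
    # password, so an empty hash must stop here
    if [ -z "$accencpass" ]; then
        echo "error: could not hash the password" >&2
        exit 1
    fi

    # setting the password
    if ! usermod -p "$accencpass" "$accname"; then
        echo "error: could not set the password for $accname" >&2
        exit 1
    fi

    # returning unencrypted password
    echo "$accpass"
}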
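# **** logging ****
# Appends its arguments, joined by single spaces, as one line to the account
# log when logging is switched on.
# Globals:   logging (read; 1 enables the log), acclogfile (read)
# Arguments: the fields of the log entry
# Returns:   0 when logging is off or the line was written, non-zero otherwise
logging()
{
    local IFS=' '

    # an unset or non-numeric switch counts as "off"
    [ "${logging:-0}" -eq 1 ] 2>/dev/null || return 0

    if [ -z "$acclogfile" ]; then
        echo "error: no account log file configured." >&2
        return 1
    fi

    # "$*" keeps the arguments literal; the unquoted form expanded wildcard
    # characters in a field against the current directory. The subshell
    # confines the umask: entries contain clear-text passwords, so a log file
    # created here must not be readable by other users.
    (
        umask 077
        printf '%s\n' "$*" >> "$acclogfile"
    )
}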
# **** statistics ****
# Placeholder for the statistics option: only reports that it is missing.
stats()
{
    printf '%s\n' "feature not yet implemented"
}