
added old ftpsftp scripts

david 2013-06-06 10:52:30 +02:00
parent eeab75b35b
commit 89500d6376
7 changed files with 1568 additions and 0 deletions

33
ftpsftp/README.please Normal file

@ -0,0 +1,33 @@
attention: the install procedure is broke at the moment..
## why are some variables defined in the configfile and some directly in the script?
the vars in the configfile are specific to your installation and can or should be changed. everything defined directly in the script should remain the same for every installation.
## features wanted
info option (or some sort of stats)
-- ftp user count
-- sftp user count
-- used disk space
-- used disk space by user
-- free disk space
-- free quota
-- quotamountpoint
## functions
quotacalc ... gives back the free megabytes on the storage
quotaconf ... sets the quota for existing user
isuserthere ... checks if user exists or asks to create it
amiroot ... checks if there are root privileges (ends scripts if not)
update ... pulls updates from ftpsftp git repository
version ... prints version information
usage ... prints usage message
add ... adding a new user
delete ... delete an existing user
contact me if you have any questions: david@socialnerds.org


@ -0,0 +1,173 @@
#!/bin/bash
############################################
## ##
## FTP/sFTP Account Creation Script ##
## v0.2 ##
## Author: david@socialnerds.org ##
## ##
############################################
## script configuration section ##
accpath="/media/storage"
acchost="some.domain.org" # the dns name where your sever is reachable
sftpgroup="sftpusers" # this group must exist
trackrequester="yes" # switch to "no" if you do not want to track the requester
logging=1 # set this to 0 if you don't want any logging
logpath="/media/storage/logs" # there you want to create your logfile
logfile="accounts.log" # choose the logfile name here
jabberlog=1 # set this to 0 if you don't want jabber notifications
## following ist not necessary if jabberlog=0
jabberwatchdogs="admin@somedomain.org admin@someotherdomain.org"
jabberuser="jabber-account"
jabberserver="jabber-server"
jabberpass="jabber-account-password"
## am i root? ##
if [ "$(whoami)" != "root" ]; then
echo "only root can do this"
exit 1;
fi
## check for dependencys ##
# not yet implemented (sendxmpp, ssh, vsftpd, ..)
#clear
echo "" # just an empty line
echo "Welcome to the FTP/sFTP Account Creation Script (v0.2)"
## choose ftp or sftp
echo ""
echo "Which type of account you want to create? [sftp|ftp]"
read acctype
if [ $acctype = "sftp" ]; then
echo ""
else
if [ $acctype = "ftp" ]; then
echo ""
else
#clear
echo "I'm sorry, i need to break this up right now."
echo "It seams you can't understand some simple instructions.."
exit 1;
fi
fi
if [ -z $1 ]; then
needaccname="yes"
while [ $needaccname = "yes" ]; do
echo ""
echo "Enter Accountname:"
read accname
if [ -z $accname ]; then
echo "This field is mandatory."
else
needaccname="notanymore"
fi
done
else
accname=$1
fi
## quota
accquota="quota not yet implemented"
## requester
while [ $trackrequester = "yes" ]; do
echo ""
echo "Who orderd this account? (I'm tracking this for a greater good.)"
read accrequester
if [ -z "$accrequester" ]; then
echo "This field is mandatory."
else
trackrequester="notanymore"
fi
done
## set $accport
if [ $acctype = "sftp" ]; then
accport="22"
else
accport="21"
fi
## get timestamp
acctimestamp=$(date '+%dr%B %Y %H:%M')
## gen password (acpass)
accpass=$(pwgen -snc 10 1)
echo $accpass > pass.txt
accencpass=$(makepasswd --clearfrom=pass.txt --crypt-md5 |awk '{print $2}')
rm pass.txt
## create home, set its permissions and add the user to sftp/ftpgroup
if [ $acctype = "sftp" ]; then
mkdir -p $accpath/$acctype"_accounts"/$accname/data
# create the actual user (sftp)
useradd -d /data -M -U -s /usr/lib/sftp-server -p $accencpass $accname
chown -R $accname\: $accpath/$acctype"_accounts"/$accname/data
adduser $accname $sftpgroup
else
mkdir -p $accpath/$acctype"_accounts"/$accname
# create the actual user (ftp)
useradd -d $accpath/$acctype"_accounts"/$accname -M -U -s /bin/false -p $accencpass $accname
chown -R $accname\: $accpath/$acctype"_accounts"/$accname
echo $accname >> /etc/vsftpd.user_list
fi
## logging (log type, name, pass, quota, requester and timestamp)
if [ $logging = 1 ]; then
if [ -e $logpath/$logfile ]; then
cd $logpath
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> $logfile
else
mkdir -p $logpath
cd $logpath
touch $logfile
echo "type name pass quota reguester timestamp" >> $logfile
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> $logfile
fi
else
echo ""
fi
## jabber notification
if [ $jabberlog = 1 ]; then
echo "
This is your FTP/sFTP Server,
a "$acctype" account was just created.
Accountname:" $accname "
Quota:" $accquota "
Requester:" $accrequester | sendxmpp -r ftpcreation -u $jabberuser -j $jabberserver -p $jabberpass $jabberwatchdogs
else
echo ""
fi
## account data output
#clear
echo ""
echo "Account data"
echo ""
echo "Host:" $acchost
echo "Port:" $accport
echo "Username:" $accname
echo "Password:" $accpass
echo "Quota:" $accquota
echo "Directory:" $accpath/$acctype"_accounts"/$accname
echo "Requester:" $accrequester
echo ""
echo "Everything is done"
exit 0
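Review bot: The generated password is handled in clear text in three places here: `echo $accpass > pass.txt` writes it to a fixed file name in the current directory under the caller's umask, the `echo $acctype $accname $accpass ... >> $logfile` lines keep it permanently in accounts.log, and `sendxmpp ... -p $jabberpass` puts the Jabber password on the command line. I would set the password over stdin after `useradd`, e.g. `printf '%s:%s\n' "$accname" "$accpass" | chpasswd`, which removes both pass.txt and the `--crypt-md5` step, and drop `$accpass` from the log line (or at least create the log under `umask 077`). The same pass.txt and log pattern is repeated in the v0.3 and v0.4.1b scripts and in `setpasswd()` in ftpsftp.func.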


@ -0,0 +1,215 @@
#!/bin/bash
############################################
## ##
## FTP/sFTP Account Creation Script ##
## v0.3 ##
## Author: david@socialnerds.org ##
## ##
############################################
## script configuration section ##
accpath="/srv/storage"
quotamountpoint="/srv/storage"
acchost="some.domain.org" # the dns name where your sever is reachable
sftpgroup="sftpusers" # this group must exist
trackrequester="yes" # switch to "no" if you do not want to track the requester
logging=1 # set this to 0 if you don't want any logging
logpath="/media/storage/logs" # there you want to create your logfile
logfile="accounts.log" # choose the logfile name here
jabberlog=0 # set this to 0 if you don't want jabber notifications
maillog=0
## following ist not necessary if jabberlog=0
jabberwatchdogs="admin@somedomain.org admin@someotherdomain.org"
jabberuser="jabber-account"
jabberserver="jabber-server"
jabberpass="jabber-account-password"
## do not touch
version="v0.3"
## am i root? ##
if [ "$(whoami)" != "root" ]; then
echo "only root can do this"
exit 1;
fi
## check for dependencys ##
# not yet implemented (sendxmpp, ssh, vsftpd, ..)
#clear
echo "" # just an empty line
echo "Welcome to the FTP/sFTP Account Creation Script ($version)"
## choose ftp or sftp
echo ""
echo "Which type of account you want to create? [sftp|ftp]"
read acctype
if [ $acctype = "sftp" ]; then
:
else
if [ $acctype = "ftp" ]; then
:
else
#clear
echo "I'm sorry, i need to break this up right now."
echo "It seams you can't understand some simple instructions.."
exit 1;
fi
fi
if [ -z $1 ]; then
needaccname="yes"
while [ $needaccname = "yes" ]; do
echo ""
echo "Enter Accountname:"
read accname
if [ -z $accname ]; then
echo "This field is mandatory."
else
needaccname="notanymore"
fi
done
else
accname=$1
fi
## quota
ablocks=$(df | grep $quotamountpoint | awk '{print $2}')
gblocks=$(repquota $quotamountpoint | grep 000 | awk '{print $4}')
set -- $gblocks
quotacount=0
for var in "$@"
do
quotacount=$(($quotacount+$var))
done
gblocks=$quotacount
fblocks=$(($ablocks-$gblocks))
fsize=${fblocks:0:$((${#fblocks}-3))}
needaccquota="yes"
while [ $needaccquota = "yes" ]; do
echo ""
echo "Please specify how much diskspace this account should provide. (in Megabytes)"
echo "Maximum: $fsize"
read accquota
if [ -z "$accquota" ]; then
echo "This field is mandatory."
else
if [ $accquota -lt $fsize ]; then
needaccquota="notanymore"
else
echo ""
echo "Specified size too big or not a number. Try again."
fi
fi
done
## requester
while [ $trackrequester = "yes" ]; do
echo ""
echo "Who orderd this account? (I'm tracking this for a greater good.)"
read accrequester
if [ -z "$accrequester" ]; then
echo "This field is mandatory."
else
trackrequester="notanymore"
fi
done
## set $accport
if [ $acctype = "sftp" ]; then
accport="22"
else
accport="21"
fi
## get timestamp
acctimestamp=$(date '+%d.%m.%Y %H:%M')
## gen password (acpass)
accpass=$(pwgen -snc 10 1)
echo $accpass > pass.txt
accencpass=$(makepasswd --clearfrom=pass.txt --crypt-md5 |awk '{print $2}')
rm pass.txt
## create home, set its permissions and add the user to sftp/ftpgroup
if [ $acctype = "sftp" ]; then
mkdir -p $accpath/$acctype"_accounts"/$accname/data
# create the actual user (sftp)
useradd -d /data -M -U -s /usr/lib/sftp-server -p $accencpass $accname
chown -R $accname\: $accpath/$acctype"_accounts"/$accname/data
usermod -G $sftpgroup $accname
else
mkdir -p $accpath/$acctype"_accounts"/$accname
# create the actual user (ftp)
useradd -d $accpath/$acctype"_accounts"/$accname -M -U -s /bin/false -p $accencpass $accname
chown -R $accname\: $accpath/$acctype"_accounts"/$accname
echo $accname >> /etc/vsftpd.user_list
fi
## configure quota
setquota --all -u $accname $accquota"000" $accquota"000" 0 0
## logging (log type, name, pass, quota, requester and timestamp)
if [ $logging = 1 ]; then
if [ -e $logpath/$logfile ]; then
cd $logpath
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> $logfile
else
mkdir -p $logpath
cd $logpath
touch $logfile
echo "type name pass quota reguester timestamp" >> $logfile
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> $logfile
fi
else
echo ""
fi
## jabber notification
if [ $jabberlog = 1 ]; then
echo "
This is your FTP/sFTP Server,
a "$acctype" account was just created.
Accountname:" $accname "
Quota:" $accquota"MB" "
Requester:" $accrequester | sendxmpp -r ftpcreation -u $jabberuser -j $jabberserver -p $jabberpass $jabberwatchdogs
fi
## mail notification
if [ $maillog = 1 ]; then
echo "mail notification is not yet implemented"
fi
## account data output
#clear
echo ""
echo "Account data"
echo ""
echo "Host:" $acchost
echo "Port:" $accport
echo "Username:" $accname
echo "Password:" $accpass
echo "Quota:" $accquota"MB"
echo "Directory:" $accpath/$acctype"_accounts"/$accname
echo "Requester:" $accrequester
echo ""
echo "Everything is done"
exit 0
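Review bot: `$accname` (taken from `$1` or `read accname`) is never validated and is expanded unquoted into `mkdir -p`, `useradd`, `chown -R`, `setquota` and `echo $accname >> /etc/vsftpd.user_list`, all of which run as root. A name containing a space, a glob character or `/` is word-split or ends up outside `$accpath/${acctype}_accounts`. I would reject anything that is not a plain login name right after it is read, e.g. `[[ $accname =~ ^[a-z_][a-z0-9_-]*$ ]] || { echo "invalid account name"; exit 1; }`, and quote every later expansion. The unquoted tests have the same weakness: `[ $acctype = "sftp" ]` and `[ $accquota -lt $fsize ]` error out on empty or multi-word input, and the prompts should use `read -r`. The v0.2 script above and `add()` in the later versions share this.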


@ -0,0 +1,510 @@
#!/bin/bash
#################################################
## ##
## FTPsFTP ##
## standalone ftp/sftp server solution ##
## ##
#################################################
# **** do not touch as long as you are not me ****
version="v0.4.1b"
author="david@socialnerds.org"
giturl="http://git.gitorious.org/aec/ftpsftp.git"
# **** usage message ****
usage()
{
cat << EOF
usage: ftpsftp options
OPTIONS:
-h show this message
-i install ftpsftp on this ubuntu box
-a <username> add a user
-d <username> delete a user (not yet implemented)
-r <username> reset password for user (not yet implemented)
-q <username> (re)set the quota for user ****new feature****
-u update ftpsftp (pull from git)
-v version information
EOF
}
# **** version message ****
version()
{
echo
echo "FTPsFTP - standalone ftp/sftp server solution"
echo
echo "vesion: $version"
echo "author: $author"
echo
}
# **** am i root? ****
amiroot()
{
if [ "$(whoami)" != "root" ]; then
echo
echo "sorry $USER, you need to gain root privileges to do this."
echo
exit 1;
fi
}
# **** installation routine ****
installation()
{
## am i root?
amiroot
## installing dependencies
echo "info: trying to install dependencies via apt"
apt-get update
apt-get install -y vsftpd ssh quota quotatool makepasswd pwgen git-core vim
## reading configuration from user (stdin)
echo "specify under which path the account home dirs should be stored (no tailing slash)"
read accpath
echo "specify the mointpoint of the device where your accounts are stored (needed for quota config)"
read quotamountpoint
echo "specify the fqdn of your host"
read acchost
echo "specify a system group for your sftp users [default: sftpusers]"
read sftpgroup
if [ -z $sftpgroup ]; then
sftpgroup="sftpusers"
fi
## creating needed directorys
echo "info: creating directorys"
mkdir -p /etc/ftpsftp
mkdir -p /var/log/ftpsftp
mkdir -p /opt
## creating configfiles and logfiles
echo "info: creating configuration and log files"
echo "$USER" > /etc/vsftpd.chroot_list
touch /etc/vsftpd.user_list
echo "type name pass quota reguester timestamp" > /var/log/ftpsftp/accounts.log
#touch /var/log/ftpsftp/system.log #not yet in use
echo '## ftpsftp configuration file ##
accpath="'$accpath'" # this should point to where your accounts should be located
quotamountpoint="'$quotamountpoint'" # mount point for quota configuration
acchost="'$acchost'" # the dns name where your sever is reachable
sftpgroup="'$sftpgroup'" # system group
trackrequester="1" # switch to 0 if you do not want to track the account requester
logging="1" # set this to 0 if you do not want any logging
mailnotification="0" # set this to 0 if you do not want any mail notifications (not yet implemented)
' > /etc/ftpsftp/ftpsftp.conf
## cloning master of ftpsftp git repo
echo "info: cloning files from git repository to /opt/ftpsftp"
cd /opt
git clone $giturl
## set symlink for script in /usr/local/bin
echo "info: creating symlink for script in /usr/local/bin"
cd /usr/local/bin
ln -s /opt/ftpsftp/ftpsftp.sh ftpsftp
## configure quota
echo "info: configuring quota in fstab for $quotamountpoint"
storageopt=$(cat /etc/fstab | grep $quotamountpoint | awk '{print $4}')
sed -i 's/'$storageopt'/'$storageopt',usrquota/' /etc/fstab
umount $quotamountpoint
mount -a
/etc/init.d/quota restart
## configure vsftp
cp /etc/vsftpd.conf /etc/vsftpd.conf_orig
#sed -i 's/#listen_ipv6=YES/listen_ipv6=YES/' /etc/vsftpd.conf
sed -i 's/#write_enable=YES/write_enable=YES/' /etc/vsftpd.conf
sed -i 's/#local_umask=022/local_umask=0007\nfile_open_mode=0770/' /etc/vsftpd.conf
sed -i 's/#chroot_local_user=YES/chroot_local_user=YES/' /etc/vsftpd.conf
sed -i 's/#chroot_list_enable=YES/chroot_list_enable=YES/' /etc/vsftpd.conf
sed -i 's/#chroot_list_file=\/etc\/vsftpd.chroot_list/chroot_list_file=\/etc\/vsftpd.chroot_list/' /etc/vsftpd.conf
sed -i 's/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Welcome to '$acchost'./' /etc/vsftpd.conf
echo "
## added by ftpsftp
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.user_list
" >> /etc/vsftpd.conf
/etc/init.d/vsftpd restart
## configure sshd
echo "info: configuring ssh server"
addgroup $sftpgroup
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_orig
sed -i 's/Subsystem sftp \/usr\/lib\/openssh\/sftp-server/Subsystem sftp internal-sftp/' /etc/ssh/sshd_config
echo "
##### ssh configuration done by ftpsftp ############
AllowGroups admin $sftpgroup
Match group sftpusers
ChrootDirectory $accpath/sftp_accounts/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
####################################################
" >> /etc/ssh/sshd_config
/etc/init.d/ssh restart
## adding shells
echo "
/bin/false
/usr/lib/sftp-server
" >> /etc/shells
echo "you can now delete this script."
echo "all you need is in /opt/ftpsftp, /etc/ftpsftp and /var/log/ftpsftp."
echo 'everything is set to create your first user. try "ftpsftp -a <username>"'
}
##### ftpsftp update #####
update()
{
## am i root?
amiroot
cd /opt/ftpsftp
git pull origin master
}
##### user creation #####
add()
{
## am i root?
amiroot
## set accname
accname=$1
## check if installed
## reading configfile
source /etc/ftpsftp/ftpsftp.conf
## choose ftp or sftp
echo "specify account type [sftp|ftp]"
read acctype
if [ $acctype = "sftp" ]; then
:
else
if [ $acctype = "ftp" ]; then
:
else
echo "i'm sorry, i need to break this up right now."
echo "it seams you can not understand some simple instructions."
exit 1
fi
fi
## quota
ablocks=$(df | grep $quotamountpoint | awk '{print $2}')
gblocks=$(repquota $quotamountpoint | grep 000 | awk '{print $4}')
set -- $gblocks
quotacount=0
for var in "$@"
do
quotacount=$(($quotacount+$var))
done
gblocks=$quotacount
fblocks=$(($ablocks-$gblocks))
fsize=${fblocks:0:$((${#fblocks}-3))}
needaccquota="yes"
while [ $needaccquota = "yes" ]; do
echo "please specify how much diskspace this account should provide. (in megabytes)"
echo "maximum: $fsize"
read accquota
if [ -z "$accquota" ]; then
echo "this field is mandatory."
else
if [ $accquota -lt $fsize ]; then
needaccquota="notanymore"
else
echo "specified size too big or not a number. try again."
fi
fi
done
## requester
while [ $trackrequester = "1" ]; do
echo "who orderd this account? (i'm tracking this for a greater good.)"
read accrequester
if [ -z "$accrequester" ]; then
echo "this field is mandatory."
else
trackrequester="notanymore"
fi
done
## set $accport
if [ $acctype = "sftp" ]; then
accport="22"
else
accport="21"
fi
## get timestamp
acctimestamp=$(date '+%d.%m.%Y %H:%M')
## gen password (accpass)
accpass=$(pwgen -snc 10 1)
echo $accpass > pass.txt
accencpass=$(makepasswd --clearfrom=pass.txt --crypt-md5 | awk '{print $2}')
rm pass.txt
## create home, set its permissions and add the user to sftp/ftpgroup
if [ $acctype = "sftp" ]; then
mkdir -p $accpath/$acctype"_accounts"/$accname/data
# create the actual user (sftp)
useradd -d /data -M -U -s /usr/lib/sftp-server -p $accencpass $accname
chown -R $accname\: $accpath/$acctype"_accounts"/$accname/data
usermod -G $sftpgroup $accname
else
mkdir -p $accpath/$acctype"_accounts"/$accname
# create the actual user (ftp)
useradd -d $accpath/$acctype"_accounts"/$accname -M -U -s /bin/false -p $accencpass $accname
chown -R $accname\: $accpath/$acctype"_accounts"/$accname
echo $accname >> /etc/vsftpd.user_list
fi
## configure quota
accquota=$((accquota/1000*1024))
setquota --all -u $accname $accquota"000" $accquota"000" 0 0
## trigger log
logging
## account data output
echo
echo "account data"
echo
echo "host:" $acchost
echo "port:" $accport
echo "username:" $accname
echo "password:" $accpass
echo "quota:" $accquota"mb"
echo "directory:" $accpath/$acctype"_accounts"/$accname
echo "requester:" $accrequester
echo
}
##### user deletion #####
delete()
{
## am i root?
amiroot
accname=$1
echo "feature not yet implemented"
}
##### password reset #####
reset()
{
## am i root?
amiroot
accname=$1
echo "feature not yet implemented"
}
resetquota()
{
accname=$1
## reading configfile
source /etc/ftpsftp/ftpsftp.conf
## quota calc
ablocks=$(df | grep $quotamountpoint | awk '{print $2}')
gblocks=$(repquota $quotamountpoint | grep 000 | awk '{print $4}')
set -- $gblocks
quotacount=0
for var in "$@"
do
quotacount=$(($quotacount+$var))
done
gblocks=$quotacount
fblocks=$(($ablocks-$gblocks))
fsize=${fblocks:0:$((${#fblocks}-3))}
needaccquota="yes"
while [ $needaccquota = "yes" ]; do
echo "please specify how much diskspace this account should provide. (in megabytes)"
echo "maximum: $fsize"
read accquota
if [ -z "$accquota" ]; then
echo "this field is mandatory."
else
if [ $accquota -lt $fsize ]; then
needaccquota="notanymore"
else
echo "specified size too big or not a number. try again."
fi
fi
done
## set quota
accquota=$((accquota/1000*1024))
setquota --all -u $accname $accquota"000" $accquota"000" 0 0
}
##### logging #####
logging()
{
if [ $logging = 1 ]; then
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> /var/log/ftpsftp/accounts.log
fi
}
##### mail notification #####
#mailnotification()
#{
#
#if [ $maillog = 1 ]; then
# echo "mail notification is not yet implemented"
#fi
#
#}
##### processing options #####
while getopts "h,i,a:,d:,r:,q:,u,v" OPTION; do
case $OPTION in
h)
usage
exit 0
;;
i)
installation
exit 0
;;
a)
name=$OPTARG
run="yes"
while [ $run = "yes" ]; do
add $name
echo "do you want to create another user? (yes/no)"
read run
if [[ $run = "yes" ]] || [[ $run = "y" ]]; then
echo "specify account name"
read name
run="yes"
fi
done
exit 0
;;
d)
rmuser=$OPTARG
delete $rmuser
exit 0
;;
r)
rpuser=$OPTARG
reset $rpuser
exit 0
;;
q)
squser=$OPTARG
resetquota $squser
exit 0
;;
u)
update
exit 0
;;
v)
version
exit 0
;;
?)
usage
exit 1
;;
esac
done
## print usage message if no option is given
if [ -z $1 ]; then
usage
exit 1
fi
## end of script
exit 0
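Review bot: In `installation()` the sshd block hard-codes `Match group sftpusers` while the line above it uses `AllowGroups admin $sftpgroup`, so when the installer is given a different group name its members are allowed to log in but never get `ChrootDirectory` and `ForceCommand internal-sftp` applied. The Match line should read `Match group $sftpgroup`. Because `AllowGroups` also shuts out every existing SSH user outside `admin` and that group, it would be worth running `sshd -t` and checking the invoking user's groups before `/etc/init.d/ssh restart`. install.sh in this commit carries the same block.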

314
ftpsftp/ftpsftp.func Normal file

@ -0,0 +1,314 @@
#!/bin/bash
#################################################
## ##
## FTPsFTP ##
## function definitions ##
## ##
#################################################
# **** usage message ****
usage()
{
echo "usage: ftpsftp options
OPTIONS:
-h show this message
-s show stats (not yet implemented)
-a <username> add a user
-d <username> delete a user
-r <username> reset password for user
-q <username> (re)set the quota for user
-u update ftpsftp (pull from git)
-v show version information
"
}
# **** version message ****
version()
{
echo "FTPsFTP - standalone ftp/sftp server solution"
echo
echo "vesion: $version"
echo "author: $author"
echo
}
# **** am i root? ****
# this is now in bashlib
#amiroot()
#{
#if [ "$(whoami)" != "root" ]; then
# echo
# echo "sorry $USER, you need to gain root privileges to do this."
# echo
# exit 1;
#fi
#}
# **** ftpsftp update ****
update()
{
# checking for root privileges
amiroot
# pull updates from ftpsftp git repository
cd /opt/ftpsftp
git pull origin master
log info "update - ftpsftp was updated (maybe)"
}
# ***** calculating free quota *****
quotacalc()
{
local ablocks=$(df | grep $quotamountpoint | awk '{print $2}')
local gblocks=$(repquota $quotamountpoint | grep 0 | awk '{print $4}')
set -- $gblocks
local quotacount=0
for var in "$@"; do
local quotacount=$(($quotacount+$var))
done
local gblocks=$quotacount
local fblocks=$(($ablocks-$gblocks))
local fsize=$((fblocks*1000/1024))
local fsize=${fsize:0:$((${#fsize}-3))}
# return result
echo $fsize
}
# **** set quota ****
quotaconf()
{
# checking for root privileges
amiroot
# checking if user exists
isuserthere $accname
# breaking up if user does not exist
if [ $? -eq "1" ]; then
echo "error: user does not exist."
exit 1
fi
# calculate free quota
local fsize=$(quotacalc)
local run="yes"
while [ $run = "yes" ]; do
echo "please specify quota for user $accname. (in megabytes)"
echo "maximum: $fsize"
read accquota
if [ -z "$accquota" ]; then
echo "this field is mandatory."
else
if [ $accquota -lt $fsize ]; then
local run="no"
else
echo "specified size too big or not a number. try again."
fi
fi
done
# set quota
accblockquota=$((accquota*1024))
setquota --all -u $accname $accblockquota $accblockquota 0 0
}
# **** check if user is already there or needs to be created ****
isuserthere()
{
id $accname &> /dev/null
if [ $? -eq "0" ]; then
return 0
else
return 1
fi
}
##### user creation #####
add()
{
# am i root?
amiroot
# checking if user already exists
isuserthere
# breaking up if user already exists
if [ $? -eq "0" ]; then
echo "error: user already exists."
exit 1
fi
# choose ftp or sftp
echo "specify account type [sftp|ftp]"
read acctype
if [ $acctype = "sftp" ]; then
:
else
if [ $acctype = "ftp" ]; then
:
else
echo "i'm sorry, i need to break this up right now."
echo "it seams you can not understand some simple instructions."
exit 1
fi
fi
# read requester if configfile option is 1
while [ $trackrequester = "1" ]; do
echo "who orderd this account? (i'm tracking this for a greater good.)"
read accrequester
if [ -z "$accrequester" ]; then
echo "this field is mandatory."
else
trackrequester="notanymore"
fi
done
# set accport
if [ $acctype = "sftp" ]; then
local accport="22"
else
local accport="21"
fi
# get timestamp
local acctimestamp=$(date '+%d.%m.%Y %H:%M')
# create home, set its permissions and add the user to sftp/ftpgroup
if [ $acctype = "sftp" ]; then
mkdir -p $accpath/$acctype"_accounts"/$accname/data
# create the actual user (sftp)
useradd -d /data -M -U -s /usr/lib/sftp-server $accname
chown -R $accname\: $accpath/$acctype"_accounts"/$accname/data
usermod -G $sftpgroup $accname
else
mkdir -p $accpath/$acctype"_accounts"/$accname
# create the actual user (ftp)
useradd -d $accpath/$acctype"_accounts"/$accname -M -U -s /bin/false $accname
chown -R $accname\: $accpath/$acctype"_accounts"/$accname
usermod -G $ftpgroup $accname
fi
# set password
local accpass=$(setpasswd)
# configure quota
quotaconf
# trigger logging
logging $acctype $accname $accpass $accquota $accrequester $acctimestamp
# print account data
echo
echo "account data"
echo
echo "host:" $acchost
echo "port:" $accport
echo "username:" $accname
echo "password:" $accpass
echo "quota:" $accquota"MB"
echo "directory:" $accpath/$acctype"_accounts"/$accname
echo "requester:" $accrequester
echo
}
# **** user deletion ****
delete()
{
# am i root?
amiroot
# checking if user exists
isuserthere
# breaking up if user does not exist
if [ $? -eq "1" ]; then
echo "error: user does not exist"
exit 1
fi
id -nG $accname | grep $sftpgroup &> /dev/null
if [ $? -eq "0" ]; then
deluser $accname &> /dev/null
rm -r $accpath/sftp_accounts/$accname
else
deluser $accname &> /dev/null
rm -r $accpath/ftp_accounts/$accname
fi
}
# **** generate password ****
setpasswd()
{
# checking if user exists
isuserthere
# breaking up if user does not exist
if [ $? -eq "1" ]; then
echo "error: user does not exist"
exit 1
fi
# generating password
local accpass=$(pwgen -snc 10 1)
echo $accpass > pass.txt
local accencpass=$(makepasswd --clearfrom=pass.txt --crypt-md5 | awk '{print $2}')
rm pass.txt
# setting the password
usermod -p $accencpass $accname
# returning unencrypded password
echo $accpass
}
# **** logging ****
logging()
{
if [ $logging -eq "1" ]; then
echo $@ >> $acclogfile
fi
}
# **** statistics ****
stats()
{
echo "feature not yet implemented"
}
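Review bot: `delete()` treats every existing account that is not in `$sftpgroup` as an FTP account: the `else` branch runs `deluser $accname` and `rm -r $accpath/ftp_accounts/$accname` for any system user, so `ftpsftp -d` with the name of an unrelated login removes that user. Membership is also tested with `grep $sftpgroup`, which is a substring match, and `isuserthere` calls `id $accname` unquoted, which succeeds for an empty name and would leave `rm -r` pointing at the whole accounts directory. I would require membership of `$sftpgroup` or `$ftpgroup` before deleting anything and guard the path with `${var:?}`, as sketched below.

```shell
delete()
{
# … unchanged: amiroot and isuserthere checks …
local groups kind
groups=$(id -nG "$accname") || exit 1
case " $groups " in
*" $sftpgroup "*) kind="sftp" ;;
*" $ftpgroup "*) kind="ftp" ;;
*) echo "error: $accname is not an ftpsftp account"; exit 1 ;;
esac
deluser "$accname" &> /dev/null || exit 1
rm -r -- "${accpath:?}/${kind}_accounts/${accname:?}"
}
```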

116
ftpsftp/ftpsftp.sh Executable file

@ -0,0 +1,116 @@
#!/bin/bash
#################################################
## ##
## FTPsFTP ##
## standalone ftp/sftp server solution ##
## ##
#################################################
# **** do not touch as long as you are not me ****
version="v0.5_beta"
author="david@socialnerds.org"
giturl="git://git.socialnerds.org/ftpsftp.git"
logwhat="ftpsftp"
log2stdout="1"
functionfile="/opt/ftpsftp/ftpsftp.func"
configfile="/etc/ftpsftp.conf"
# **** read function definitions and config file ****
if [ -r $functionfile ]; then
source $functionfile
else
echo "error: functionfile not found."
exit 1
fi
if [ -r $configfile ]; then
source $configfile
else
echo "error: configuration file not found."
exit 1
fi
# **** load bashlib ****
# need for some better routine to include bashlib
if [ -d $bashlibpath ]; then
source $bashlibpath/main
source $bashlibpath/logengine
log debug "preflight - logengine loaded"
else
echo "ERROR: bashlib not found"
exit 1
fi
# **** processing options ****
while getopts "h,s,a:,d:,r:,q:,u,v" OPTION; do
case $OPTION in
h)
usage
exit 0
;;
s)
stats
exit 0
;;
a)
accname=$OPTARG
run="yes"
while [ $run = "yes" ]; do
add
echo "do you want to create another user? (yes/no)"
read run
if [[ $run = "yes" ]] || [[ $run = "y" ]]; then
echo "specify account name"
read accname
run="yes"
fi
done
exit 0
;;
d)
accname=$OPTARG
delete
exit 0
;;
r)
accname=$OPTARG
accpass=$(setpasswd)
echo "the new password for user $accname is: $accpass"
exit 0
;;
q)
accname=$OPTARG
quotaconf
exit 0
;;
u)
update
exit 0
;;
v)
version
exit 0
;;
?)
usage
exit 1
;;
esac
done
# **** print usage message if no option is given ****
if [ -z $1 ]; then
usage
exit 1
fi
# **** end of script ****
exit 0
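Review bot: `if [ -d $bashlibpath ]` is true when `bashlibpath` is unset or empty, because the unquoted expansion leaves `[ -d ]`, a one-argument test that only checks that the string `-d` is non-empty; the script then goes on to `source /main` and `source /logengine`. The configuration file written by install.sh in this commit does not define `bashlibpath`, so this looks like the default path rather than a corner case (unless the file is edited by hand). I would write `if [ -n "$bashlibpath" ] && [ -d "$bashlibpath" ]; then` and quote `$functionfile` and `$configfile` the same way. Separately, `accpass=$(setpasswd)` in the `r)` arm captures the `error: user does not exist` text and prints it as the new password, since the `exit 1` inside `setpasswd` only leaves the command substitution; `accpass=$(setpasswd) || exit 1` with the error sent to stderr would fix that.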

207
ftpsftp/install.sh Executable file

@ -0,0 +1,207 @@
#!/bin/bash
#################################################
## ##
## FTPsFTP ##
## installation script ##
## ##
#################################################
# **** ftpsftp installation routine ****
# **** configuration section ****
giturl="http://git.gitorious.org/aec/ftpsftp.git"
acclogfile="/var/log/ftpsftp_accounts.log" #changed
logfile="/var/log/ftpsftp.log" #new
configfile="/etc/ftpsftp.conf" #changed
reporoot="/opt" #new
# **** am i root? ****
if [ "$(whoami)" != "root" ]; then
echo
echo "$USER, in order to do this you need to gain root privileges."
echo
exit 1;
fi
# **** uninstall ****
if [ -z $1 ]; then
:
elif [ $1 = "--uninstall" ]; then
# **** removing files ****
rm -r $reporoot/ftpsftp
rm $logfile
rm $acclogfile
rm $configfile
rm /etc/vsftpd.chroot_list
rm /usr/local/bin/ftpsftp
rm /etc/fstab
mv /etc/fstab_orig /etc/fstab
rm cp /etc/vsftpd.conf
mv /etc/vsftpd.conf_orig /etc/vsftpd.conf
rm /etc/vsftpd.group_list
rm cp /etc/pam.d/vsftpd
mv /etc/pam.d/vsftpd_orig /etc/pam.d/vsftpd
rm /etc/ssh/sshd_config
mv /etc/ssh/sshd_config_orig /etc/ssh/sshd_config
rm /etc/shells
mv /etc/shells_orig /etc/shells
# **** removing groups ****
#delgroup $sftpgroup
#delgroup $ftpgroup
echo "info: everything except the system groups and the packages installed with apt successfully removed"
fi
# **** installing dependencies ****
echo "info: trying to install dependencies via apt"
apt-get update
apt-get install -y vsftpd ssh quota quotatool makepasswd pwgen git-core vim
# **** reading configuration from user ****
echo "specify under which path the account home dirs should be stored (no tailing slash)"
read accpath
echo "specify the mointpoint of the device where your accounts are stored (needed for quota config)"
read quotamountpoint
echo "specify the fqdn of your host"
read acchost
echo "specify a system group for your sftp users [default: sftpusers]"
read sftpgroup
if [ -z $sftpgroup ]; then
sftpgroup="sftpusers"
fi
echo "specify a system group for your ftp users [default: ftpusers]"
read ftpgroup
if [ -z $ftpgroup ]; then
ftpgroup="ftpusers"
fi
# **** creating needed directorys ****
# just in case, they should be already there
echo "info: creating directorys"
mkdir -p /var/log
mkdir -p $reporoot
# **** creating configfiles and logfiles ****
echo "info: creating configuration and log files"
# creating chroot_list
echo "$USER" > /etc/vsftpd.chroot_list
# creating log files
echo "type name pass quota reguester timestamp" > $acclogfile
touch $logfile
# create ftpsftp configuration file (default: /etc/ftpsftp/ftpsftp.conf)
echo '## ftpsftp configuration file ##
accpath="'$accpath'" # this should point to where your accounts should be located
quotamountpoint="'$quotamountpoint'" # mount point for quota configuration
acchost="'$acchost'" # the dns name where your sever is reachable
sftpgroup="'$sftpgroup'" # system group
ftpgroup="'$ftpgroup'" # system group
trackrequester="1" # switch to 0 if you do not want to track the account requester
logging="1" # set this to 0 if you do not want any logging
' > $configfile
# **** cloning master branch of ftpsftp git repo ****
echo "info: cloning files from git repository to /opt/ftpsftp"
cd $reporoot
git clone $giturl
# **** set symlink for script in /usr/local/bin ****
echo "info: creating symlink for script in /usr/local/bin"
cd /usr/local/bin
ln -s $reporoot/ftpsftp/ftpsftp.sh ftpsftp
# **** configure quota ****
echo "info: configuring quota in fstab for $quotamountpoint"
cp /etc/fstab /etc/fstab_orig
cat /etc/fstab | grep -v $quotamountpoint > /etc/~fstab
storageopt=$(cat /etc/fstab | grep $quotamountpoint | awk '{print $4}')
sed -i 's/'$storageopt'/'$storageopt',usrquota/' /etc/fstab
cat /etc/fstab | grep $quotamountpoint >> /etc/~fstab
rm /etc/fstab && mv /etc/~fstab /etc/fstab
umount $quotamountpoint
mount -a
/etc/init.d/quota restart
# **** configure vsftp ****
cp /etc/vsftpd.conf /etc/vsftpd.conf_orig
#sed -i 's/#listen_ipv6=YES/listen_ipv6=YES/' /etc/vsftpd.conf
sed -i 's/#write_enable=YES/write_enable=YES/' /etc/vsftpd.conf
sed -i 's/#local_umask=022/local_umask=0007\nfile_open_mode=0770/' /etc/vsftpd.conf
sed -i 's/#chroot_local_user=YES/chroot_local_user=YES/' /etc/vsftpd.conf
sed -i 's/#chroot_list_enable=YES/chroot_list_enable=YES/' /etc/vsftpd.conf
sed -i 's/#chroot_list_file=\/etc\/vsftpd.chroot_list/chroot_list_file=\/etc\/vsftpd.chroot_list/' /etc/vsftpd.conf
sed -i 's/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Welcome to '$acchost'./' /etc/vsftpd.conf
# creating vsftpd.group_list (used by pam)
addgroup $ftpgroup
echo "
$ftpgroup
admin
" > /etc/vsftpd.group_list
# adding group list to pam.d
cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd_orig
sed '2 a auth required pam_listfile.so item=group sense=allow file=/etc/vsftpd.group_list onerr=fail' /etc/pam.d/vsftpd > /etc/pam.d/vsftpd_new
rm /etc/pam.d/vsftpd && mv /etc/pam.d/vsftpd_new /etc/pam.d/vsftpd
# restarting ftp service
/etc/init.d/vsftpd restart
# **** configure sshd ****
echo "info: configuring ssh server"
addgroup $sftpgroup
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_orig
sed -i 's/Subsystem sftp \/usr\/lib\/openssh\/sftp-server/Subsystem sftp internal-sftp/' /etc/ssh/sshd_config
echo "
##### ssh configuration done by ftpsftp ############
AllowGroups admin $sftpgroup
Match group sftpusers
ChrootDirectory $accpath/sftp_accounts/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp
" >> /etc/ssh/sshd_config
/etc/init.d/ssh restart
## adding shells
cp /etc/shells /etc/shells_orig
echo "
/bin/false
/usr/lib/sftp-server
" >> /etc/shells
echo "you can now delete this script."
echo "all you need is in $reporoot/ftpsftp, $configfile, $acclogfile and $logfile"
echo 'everything should be set to create your first user. try "ftpsftp -a <username>"'
echo
exit 0
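Review bot: The `--uninstall` branch has no `exit` after its final `echo`, so once the files are removed the script continues straight into the installation steps below it. Inside the branch each original is deleted before its backup is known to exist (`rm /etc/fstab` then `mv /etc/fstab_orig /etc/fstab`, likewise for sshd_config, shells and the PAM file), so a missing `_orig` leaves the host without that file, and `rm cp /etc/vsftpd.conf` and `rm cp /etc/pam.d/vsftpd` look like leftovers of an edit. I would restore with `[ -e /etc/fstab_orig ] && mv -f /etc/fstab_orig /etc/fstab` for each pair and end the branch with `exit 0`. It is also worth noting that `git clone $giturl` fetches over plain `http://` as root and the result is linked into /usr/local/bin, so checking out a reviewed commit or verifying a signed tag before creating the symlink would be a reasonable addition.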