added old ftpsftp scripts
parent
eeab75b35b
commit
89500d6376
|
@ -0,0 +1,33 @@
|
||||||
|
attention: the install procedure is broke at the moment..
|
||||||
|
|
||||||
|
## why are some variables defined in the configfile and some directly in the script?
|
||||||
|
the vars in the configfile are specific to your installation and can or should be changed. everything defined directly in the script should remain the same for every installation.
|
||||||
|
|
||||||
|
## features wanted
|
||||||
|
|
||||||
|
info option (or some sort of stats)
|
||||||
|
|
||||||
|
-- ftp user count
|
||||||
|
-- sftp user count
|
||||||
|
-- used disk space
|
||||||
|
-- used disk space by user
|
||||||
|
-- free disk space
|
||||||
|
-- free quota
|
||||||
|
-- quotamountpoint
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## functions
|
||||||
|
quotacalc ... gives back the free megabytes on the storage
|
||||||
|
quotaconf ... sets the quota for existing user
|
||||||
|
isuserthere ... checks if user exists or asks to create it
|
||||||
|
amiroot ... checks if there are root privileges (ends scripts if not)
|
||||||
|
update ... pulls updates from ftpsftp git repository
|
||||||
|
version ... prints version information
|
||||||
|
usage ... prints usage message
|
||||||
|
add ... adding a new user
|
||||||
|
delete ... delete an existing user
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
contact me if you have any questions: david@socialnerds.org
|
|
@ -0,0 +1,173 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
############################################
|
||||||
|
## ##
|
||||||
|
## FTP/sFTP Account Creation Script ##
|
||||||
|
## v0.2 ##
|
||||||
|
## Author: david@socialnerds.org ##
|
||||||
|
## ##
|
||||||
|
############################################
|
||||||
|
|
||||||
|
## script configuration section ##
|
||||||
|
accpath="/media/storage"
|
||||||
|
acchost="some.domain.org" # the dns name where your sever is reachable
|
||||||
|
sftpgroup="sftpusers" # this group must exist
|
||||||
|
trackrequester="yes" # switch to "no" if you do not want to track the requester
|
||||||
|
logging=1 # set this to 0 if you don't want any logging
|
||||||
|
logpath="/media/storage/logs" # there you want to create your logfile
|
||||||
|
logfile="accounts.log" # choose the logfile name here
|
||||||
|
jabberlog=1 # set this to 0 if you don't want jabber notifications
|
||||||
|
## following ist not necessary if jabberlog=0
|
||||||
|
jabberwatchdogs="admin@somedomain.org admin@someotherdomain.org"
|
||||||
|
jabberuser="jabber-account"
|
||||||
|
jabberserver="jabber-server"
|
||||||
|
jabberpass="jabber-account-password"
|
||||||
|
|
||||||
|
|
||||||
|
## am i root? ##
|
||||||
|
if [ "$(whoami)" != "root" ]; then
|
||||||
|
echo "only root can do this"
|
||||||
|
exit 1;
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## check for dependencys ##
|
||||||
|
# not yet implemented (sendxmpp, ssh, vsftpd, ..)
|
||||||
|
|
||||||
|
|
||||||
|
#clear
|
||||||
|
echo "" # just an empty line
|
||||||
|
echo "Welcome to the FTP/sFTP Account Creation Script (v0.2)"
|
||||||
|
## choose ftp or sftp
|
||||||
|
echo ""
|
||||||
|
echo "Which type of account you want to create? [sftp|ftp]"
|
||||||
|
read acctype
|
||||||
|
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
echo ""
|
||||||
|
else
|
||||||
|
if [ $acctype = "ftp" ]; then
|
||||||
|
echo ""
|
||||||
|
else
|
||||||
|
#clear
|
||||||
|
echo "I'm sorry, i need to break this up right now."
|
||||||
|
echo "It seams you can't understand some simple instructions.."
|
||||||
|
exit 1;
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
if [ -z $1 ]; then
|
||||||
|
needaccname="yes"
|
||||||
|
while [ $needaccname = "yes" ]; do
|
||||||
|
echo ""
|
||||||
|
echo "Enter Accountname:"
|
||||||
|
read accname
|
||||||
|
if [ -z $accname ]; then
|
||||||
|
echo "This field is mandatory."
|
||||||
|
else
|
||||||
|
needaccname="notanymore"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
accname=$1
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## quota
|
||||||
|
accquota="quota not yet implemented"
|
||||||
|
|
||||||
|
|
||||||
|
## requester
|
||||||
|
while [ $trackrequester = "yes" ]; do
|
||||||
|
echo ""
|
||||||
|
echo "Who orderd this account? (I'm tracking this for a greater good.)"
|
||||||
|
read accrequester
|
||||||
|
if [ -z "$accrequester" ]; then
|
||||||
|
echo "This field is mandatory."
|
||||||
|
else
|
||||||
|
trackrequester="notanymore"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
## set $accport
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
accport="22"
|
||||||
|
else
|
||||||
|
accport="21"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## get timestamp
|
||||||
|
acctimestamp=$(date '+%dr%B %Y %H:%M')
|
||||||
|
|
||||||
|
|
||||||
|
## gen password (acpass)
|
||||||
|
accpass=$(pwgen -snc 10 1)
|
||||||
|
echo $accpass > pass.txt
|
||||||
|
accencpass=$(makepasswd --clearfrom=pass.txt --crypt-md5 |awk '{print $2}')
|
||||||
|
rm pass.txt
|
||||||
|
|
||||||
|
## create home, set its permissions and add the user to sftp/ftpgroup
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
mkdir -p $accpath/$acctype"_accounts"/$accname/data
|
||||||
|
# create the actual user (sftp)
|
||||||
|
useradd -d /data -M -U -s /usr/lib/sftp-server -p $accencpass $accname
|
||||||
|
chown -R $accname\: $accpath/$acctype"_accounts"/$accname/data
|
||||||
|
adduser $accname $sftpgroup
|
||||||
|
else
|
||||||
|
mkdir -p $accpath/$acctype"_accounts"/$accname
|
||||||
|
# create the actual user (ftp)
|
||||||
|
useradd -d $accpath/$acctype"_accounts"/$accname -M -U -s /bin/false -p $accencpass $accname
|
||||||
|
chown -R $accname\: $accpath/$acctype"_accounts"/$accname
|
||||||
|
echo $accname >> /etc/vsftpd.user_list
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## logging (log type, name, pass, quota, requester and timestamp)
|
||||||
|
if [ $logging = 1 ]; then
|
||||||
|
if [ -e $logpath/$logfile ]; then
|
||||||
|
cd $logpath
|
||||||
|
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> $logfile
|
||||||
|
else
|
||||||
|
mkdir -p $logpath
|
||||||
|
cd $logpath
|
||||||
|
touch $logfile
|
||||||
|
echo "type name pass quota reguester timestamp" >> $logfile
|
||||||
|
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> $logfile
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## jabber notification
|
||||||
|
if [ $jabberlog = 1 ]; then
|
||||||
|
echo "
|
||||||
|
This is your FTP/sFTP Server,
|
||||||
|
a "$acctype" account was just created.
|
||||||
|
Accountname:" $accname "
|
||||||
|
Quota:" $accquota "
|
||||||
|
Requester:" $accrequester | sendxmpp -r ftpcreation -u $jabberuser -j $jabberserver -p $jabberpass $jabberwatchdogs
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## account data output
|
||||||
|
#clear
|
||||||
|
echo ""
|
||||||
|
echo "Account data"
|
||||||
|
echo ""
|
||||||
|
echo "Host:" $acchost
|
||||||
|
echo "Port:" $accport
|
||||||
|
echo "Username:" $accname
|
||||||
|
echo "Password:" $accpass
|
||||||
|
echo "Quota:" $accquota
|
||||||
|
echo "Directory:" $accpath/$acctype"_accounts"/$accname
|
||||||
|
echo "Requester:" $accrequester
|
||||||
|
echo ""
|
||||||
|
echo "Everything is done"
|
||||||
|
|
||||||
|
exit 0
|
||||||
|
|
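Review bot: The generated password is stored in clear text in two places: `echo $accpass > pass.txt` creates a predictably named file in the current working directory under the default umask, and the logging block appends `$accpass` to `$logpath/$logfile`, so anyone who can read that log obtains every account's password. The hash is also passed to `useradd -p` on the command line, where it is visible in the process list, and it is produced with `--crypt-md5`. I would drop `pass.txt`, `makepasswd` and `-p`, set the password after `useradd` with `printf '%s:%s\n' "$accname" "$accpass" | chpasswd`, and remove `$accpass` from both `echo ... >> $logfile` lines and the `pass` column of the header line. The same pattern appears in the v0.3 script and in `add()`/`logging()` of the v0.4.1b script later in this commit.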
|
@ -0,0 +1,215 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
############################################
|
||||||
|
## ##
|
||||||
|
## FTP/sFTP Account Creation Script ##
|
||||||
|
## v0.3 ##
|
||||||
|
## Author: david@socialnerds.org ##
|
||||||
|
## ##
|
||||||
|
############################################
|
||||||
|
|
||||||
|
## script configuration section ##
|
||||||
|
accpath="/srv/storage"
|
||||||
|
quotamountpoint="/srv/storage"
|
||||||
|
acchost="some.domain.org" # the dns name where your sever is reachable
|
||||||
|
sftpgroup="sftpusers" # this group must exist
|
||||||
|
trackrequester="yes" # switch to "no" if you do not want to track the requester
|
||||||
|
logging=1 # set this to 0 if you don't want any logging
|
||||||
|
logpath="/media/storage/logs" # there you want to create your logfile
|
||||||
|
logfile="accounts.log" # choose the logfile name here
|
||||||
|
jabberlog=0 # set this to 0 if you don't want jabber notifications
|
||||||
|
maillog=0
|
||||||
|
|
||||||
|
## following ist not necessary if jabberlog=0
|
||||||
|
jabberwatchdogs="admin@somedomain.org admin@someotherdomain.org"
|
||||||
|
jabberuser="jabber-account"
|
||||||
|
jabberserver="jabber-server"
|
||||||
|
jabberpass="jabber-account-password"
|
||||||
|
|
||||||
|
## do not touch
|
||||||
|
version="v0.3"
|
||||||
|
|
||||||
|
## am i root? ##
|
||||||
|
if [ "$(whoami)" != "root" ]; then
|
||||||
|
echo "only root can do this"
|
||||||
|
exit 1;
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## check for dependencys ##
|
||||||
|
# not yet implemented (sendxmpp, ssh, vsftpd, ..)
|
||||||
|
|
||||||
|
|
||||||
|
#clear
|
||||||
|
echo "" # just an empty line
|
||||||
|
echo "Welcome to the FTP/sFTP Account Creation Script ($version)"
|
||||||
|
## choose ftp or sftp
|
||||||
|
echo ""
|
||||||
|
echo "Which type of account you want to create? [sftp|ftp]"
|
||||||
|
read acctype
|
||||||
|
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
:
|
||||||
|
else
|
||||||
|
if [ $acctype = "ftp" ]; then
|
||||||
|
:
|
||||||
|
else
|
||||||
|
#clear
|
||||||
|
echo "I'm sorry, i need to break this up right now."
|
||||||
|
echo "It seams you can't understand some simple instructions.."
|
||||||
|
exit 1;
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
if [ -z $1 ]; then
|
||||||
|
needaccname="yes"
|
||||||
|
while [ $needaccname = "yes" ]; do
|
||||||
|
echo ""
|
||||||
|
echo "Enter Accountname:"
|
||||||
|
read accname
|
||||||
|
if [ -z $accname ]; then
|
||||||
|
echo "This field is mandatory."
|
||||||
|
else
|
||||||
|
needaccname="notanymore"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
else
|
||||||
|
accname=$1
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## quota
|
||||||
|
ablocks=$(df | grep $quotamountpoint | awk '{print $2}')
|
||||||
|
gblocks=$(repquota $quotamountpoint | grep 000 | awk '{print $4}')
|
||||||
|
set -- $gblocks
|
||||||
|
quotacount=0
|
||||||
|
for var in "$@"
|
||||||
|
do
|
||||||
|
quotacount=$(($quotacount+$var))
|
||||||
|
|
||||||
|
done
|
||||||
|
|
||||||
|
gblocks=$quotacount
|
||||||
|
fblocks=$(($ablocks-$gblocks))
|
||||||
|
fsize=${fblocks:0:$((${#fblocks}-3))}
|
||||||
|
|
||||||
|
|
||||||
|
needaccquota="yes"
|
||||||
|
while [ $needaccquota = "yes" ]; do
|
||||||
|
echo ""
|
||||||
|
echo "Please specify how much diskspace this account should provide. (in Megabytes)"
|
||||||
|
echo "Maximum: $fsize"
|
||||||
|
read accquota
|
||||||
|
if [ -z "$accquota" ]; then
|
||||||
|
echo "This field is mandatory."
|
||||||
|
else
|
||||||
|
if [ $accquota -lt $fsize ]; then
|
||||||
|
needaccquota="notanymore"
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
echo "Specified size too big or not a number. Try again."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
## requester
|
||||||
|
while [ $trackrequester = "yes" ]; do
|
||||||
|
echo ""
|
||||||
|
echo "Who orderd this account? (I'm tracking this for a greater good.)"
|
||||||
|
read accrequester
|
||||||
|
if [ -z "$accrequester" ]; then
|
||||||
|
echo "This field is mandatory."
|
||||||
|
else
|
||||||
|
trackrequester="notanymore"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
## set $accport
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
accport="22"
|
||||||
|
else
|
||||||
|
accport="21"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## get timestamp
|
||||||
|
acctimestamp=$(date '+%d.%m.%Y %H:%M')
|
||||||
|
|
||||||
|
|
||||||
|
## gen password (acpass)
|
||||||
|
accpass=$(pwgen -snc 10 1)
|
||||||
|
echo $accpass > pass.txt
|
||||||
|
accencpass=$(makepasswd --clearfrom=pass.txt --crypt-md5 |awk '{print $2}')
|
||||||
|
rm pass.txt
|
||||||
|
|
||||||
|
## create home, set its permissions and add the user to sftp/ftpgroup
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
mkdir -p $accpath/$acctype"_accounts"/$accname/data
|
||||||
|
# create the actual user (sftp)
|
||||||
|
useradd -d /data -M -U -s /usr/lib/sftp-server -p $accencpass $accname
|
||||||
|
chown -R $accname\: $accpath/$acctype"_accounts"/$accname/data
|
||||||
|
usermod -G $sftpgroup $accname
|
||||||
|
else
|
||||||
|
mkdir -p $accpath/$acctype"_accounts"/$accname
|
||||||
|
# create the actual user (ftp)
|
||||||
|
useradd -d $accpath/$acctype"_accounts"/$accname -M -U -s /bin/false -p $accencpass $accname
|
||||||
|
chown -R $accname\: $accpath/$acctype"_accounts"/$accname
|
||||||
|
echo $accname >> /etc/vsftpd.user_list
|
||||||
|
fi
|
||||||
|
|
||||||
|
## configure quota
|
||||||
|
setquota --all -u $accname $accquota"000" $accquota"000" 0 0
|
||||||
|
|
||||||
|
|
||||||
|
## logging (log type, name, pass, quota, requester and timestamp)
|
||||||
|
if [ $logging = 1 ]; then
|
||||||
|
if [ -e $logpath/$logfile ]; then
|
||||||
|
cd $logpath
|
||||||
|
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> $logfile
|
||||||
|
else
|
||||||
|
mkdir -p $logpath
|
||||||
|
cd $logpath
|
||||||
|
touch $logfile
|
||||||
|
echo "type name pass quota reguester timestamp" >> $logfile
|
||||||
|
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> $logfile
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
echo ""
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## jabber notification
|
||||||
|
if [ $jabberlog = 1 ]; then
|
||||||
|
echo "
|
||||||
|
This is your FTP/sFTP Server,
|
||||||
|
a "$acctype" account was just created.
|
||||||
|
Accountname:" $accname "
|
||||||
|
Quota:" $accquota"MB" "
|
||||||
|
Requester:" $accrequester | sendxmpp -r ftpcreation -u $jabberuser -j $jabberserver -p $jabberpass $jabberwatchdogs
|
||||||
|
fi
|
||||||
|
|
||||||
|
## mail notification
|
||||||
|
if [ $maillog = 1 ]; then
|
||||||
|
echo "mail notification is not yet implemented"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## account data output
|
||||||
|
#clear
|
||||||
|
echo ""
|
||||||
|
echo "Account data"
|
||||||
|
echo ""
|
||||||
|
echo "Host:" $acchost
|
||||||
|
echo "Port:" $accport
|
||||||
|
echo "Username:" $accname
|
||||||
|
echo "Password:" $accpass
|
||||||
|
echo "Quota:" $accquota"MB"
|
||||||
|
echo "Directory:" $accpath/$acctype"_accounts"/$accname
|
||||||
|
echo "Requester:" $accrequester
|
||||||
|
echo ""
|
||||||
|
echo "Everything is done"
|
||||||
|
|
||||||
|
exit 0
|
||||||
|
|
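Review bot: `accname` is taken from `$1` or `read` and used without validation or quoting in commands that run as root, notably `mkdir -p $accpath/$acctype"_accounts"/$accname`, `chown -R $accname\: $accpath/$acctype"_accounts"/$accname` and `echo $accname >> /etc/vsftpd.user_list`. A name containing whitespace, `/` or `..` changes which directory is created and recursively re-owned, and the unquoted `[ -z $accname ]` test misbehaves on multi-word input. I would reject anything that is not a plain login name before its first use, e.g. `[[ $accname =~ ^[a-z_][a-z0-9_-]*$ ]] || { echo "invalid account name"; exit 1; }`, and double-quote every expansion of `$accname`, `$accpath` and `$acctype`. The v0.2 script and `add()` in the v0.4.1b script have the same issue.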
|
@ -0,0 +1,510 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
## ##
|
||||||
|
## FTPsFTP ##
|
||||||
|
## standalone ftp/sftp server solution ##
|
||||||
|
## ##
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# **** do not touch as long as you are not me ****
|
||||||
|
version="v0.4.1b"
|
||||||
|
author="david@socialnerds.org"
|
||||||
|
giturl="http://git.gitorious.org/aec/ftpsftp.git"
|
||||||
|
|
||||||
|
|
||||||
|
# **** usage message ****
|
||||||
|
usage()
|
||||||
|
{
|
||||||
|
cat << EOF
|
||||||
|
usage: ftpsftp options
|
||||||
|
|
||||||
|
OPTIONS:
|
||||||
|
-h show this message
|
||||||
|
-i install ftpsftp on this ubuntu box
|
||||||
|
-a <username> add a user
|
||||||
|
-d <username> delete a user (not yet implemented)
|
||||||
|
-r <username> reset password for user (not yet implemented)
|
||||||
|
-q <username> (re)set the quota for user ****new feature****
|
||||||
|
-u update ftpsftp (pull from git)
|
||||||
|
-v version information
|
||||||
|
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# **** version message ****
|
||||||
|
version()
|
||||||
|
{
|
||||||
|
echo
|
||||||
|
echo "FTPsFTP - standalone ftp/sftp server solution"
|
||||||
|
echo
|
||||||
|
echo "vesion: $version"
|
||||||
|
echo "author: $author"
|
||||||
|
echo
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# **** am i root? ****
|
||||||
|
amiroot()
|
||||||
|
{
|
||||||
|
if [ "$(whoami)" != "root" ]; then
|
||||||
|
echo
|
||||||
|
echo "sorry $USER, you need to gain root privileges to do this."
|
||||||
|
echo
|
||||||
|
exit 1;
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
# **** installation routine ****
|
||||||
|
installation()
|
||||||
|
{
|
||||||
|
|
||||||
|
## am i root?
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
|
||||||
|
## installing dependencies
|
||||||
|
echo "info: trying to install dependencies via apt"
|
||||||
|
apt-get update
|
||||||
|
apt-get install -y vsftpd ssh quota quotatool makepasswd pwgen git-core vim
|
||||||
|
|
||||||
|
|
||||||
|
## reading configuration from user (stdin)
|
||||||
|
echo "specify under which path the account home dirs should be stored (no tailing slash)"
|
||||||
|
read accpath
|
||||||
|
echo "specify the mointpoint of the device where your accounts are stored (needed for quota config)"
|
||||||
|
read quotamountpoint
|
||||||
|
echo "specify the fqdn of your host"
|
||||||
|
read acchost
|
||||||
|
echo "specify a system group for your sftp users [default: sftpusers]"
|
||||||
|
read sftpgroup
|
||||||
|
if [ -z $sftpgroup ]; then
|
||||||
|
sftpgroup="sftpusers"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## creating needed directorys
|
||||||
|
echo "info: creating directorys"
|
||||||
|
mkdir -p /etc/ftpsftp
|
||||||
|
mkdir -p /var/log/ftpsftp
|
||||||
|
mkdir -p /opt
|
||||||
|
|
||||||
|
|
||||||
|
## creating configfiles and logfiles
|
||||||
|
echo "info: creating configuration and log files"
|
||||||
|
echo "$USER" > /etc/vsftpd.chroot_list
|
||||||
|
touch /etc/vsftpd.user_list
|
||||||
|
echo "type name pass quota reguester timestamp" > /var/log/ftpsftp/accounts.log
|
||||||
|
#touch /var/log/ftpsftp/system.log #not yet in use
|
||||||
|
echo '## ftpsftp configuration file ##
|
||||||
|
|
||||||
|
accpath="'$accpath'" # this should point to where your accounts should be located
|
||||||
|
quotamountpoint="'$quotamountpoint'" # mount point for quota configuration
|
||||||
|
acchost="'$acchost'" # the dns name where your sever is reachable
|
||||||
|
sftpgroup="'$sftpgroup'" # system group
|
||||||
|
trackrequester="1" # switch to 0 if you do not want to track the account requester
|
||||||
|
logging="1" # set this to 0 if you do not want any logging
|
||||||
|
mailnotification="0" # set this to 0 if you do not want any mail notifications (not yet implemented)
|
||||||
|
|
||||||
|
' > /etc/ftpsftp/ftpsftp.conf
|
||||||
|
|
||||||
|
|
||||||
|
## cloning master of ftpsftp git repo
|
||||||
|
echo "info: cloning files from git repository to /opt/ftpsftp"
|
||||||
|
cd /opt
|
||||||
|
git clone $giturl
|
||||||
|
|
||||||
|
|
||||||
|
## set symlink for script in /usr/local/bin
|
||||||
|
echo "info: creating symlink for script in /usr/local/bin"
|
||||||
|
cd /usr/local/bin
|
||||||
|
ln -s /opt/ftpsftp/ftpsftp.sh ftpsftp
|
||||||
|
|
||||||
|
|
||||||
|
## configure quota
|
||||||
|
echo "info: configuring quota in fstab for $quotamountpoint"
|
||||||
|
storageopt=$(cat /etc/fstab | grep $quotamountpoint | awk '{print $4}')
|
||||||
|
sed -i 's/'$storageopt'/'$storageopt',usrquota/' /etc/fstab
|
||||||
|
umount $quotamountpoint
|
||||||
|
mount -a
|
||||||
|
/etc/init.d/quota restart
|
||||||
|
|
||||||
|
|
||||||
|
## configure vsftp
|
||||||
|
cp /etc/vsftpd.conf /etc/vsftpd.conf_orig
|
||||||
|
#sed -i 's/#listen_ipv6=YES/listen_ipv6=YES/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#write_enable=YES/write_enable=YES/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#local_umask=022/local_umask=0007\nfile_open_mode=0770/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#chroot_local_user=YES/chroot_local_user=YES/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#chroot_list_enable=YES/chroot_list_enable=YES/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#chroot_list_file=\/etc\/vsftpd.chroot_list/chroot_list_file=\/etc\/vsftpd.chroot_list/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Welcome to '$acchost'./' /etc/vsftpd.conf
|
||||||
|
|
||||||
|
echo "
|
||||||
|
## added by ftpsftp
|
||||||
|
userlist_enable=YES
|
||||||
|
userlist_deny=NO
|
||||||
|
userlist_file=/etc/vsftpd.user_list
|
||||||
|
" >> /etc/vsftpd.conf
|
||||||
|
/etc/init.d/vsftpd restart
|
||||||
|
|
||||||
|
|
||||||
|
## configure sshd
|
||||||
|
echo "info: configuring ssh server"
|
||||||
|
addgroup $sftpgroup
|
||||||
|
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_orig
|
||||||
|
sed -i 's/Subsystem sftp \/usr\/lib\/openssh\/sftp-server/Subsystem sftp internal-sftp/' /etc/ssh/sshd_config
|
||||||
|
|
||||||
|
echo "
|
||||||
|
|
||||||
|
##### ssh configuration done by ftpsftp ############
|
||||||
|
|
||||||
|
AllowGroups admin $sftpgroup
|
||||||
|
|
||||||
|
Match group sftpusers
|
||||||
|
ChrootDirectory $accpath/sftp_accounts/%u
|
||||||
|
X11Forwarding no
|
||||||
|
AllowTcpForwarding no
|
||||||
|
ForceCommand internal-sftp
|
||||||
|
|
||||||
|
####################################################
|
||||||
|
|
||||||
|
" >> /etc/ssh/sshd_config
|
||||||
|
|
||||||
|
/etc/init.d/ssh restart
|
||||||
|
|
||||||
|
## adding shells
|
||||||
|
echo "
|
||||||
|
/bin/false
|
||||||
|
/usr/lib/sftp-server
|
||||||
|
" >> /etc/shells
|
||||||
|
|
||||||
|
|
||||||
|
echo "you can now delete this script."
|
||||||
|
echo "all you need is in /opt/ftpsftp, /etc/ftpsftp and /var/log/ftpsftp."
|
||||||
|
echo 'everything is set to create your first user. try "ftpsftp -a <username>"'
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
##### ftpsftp update #####
|
||||||
|
update()
|
||||||
|
{
|
||||||
|
|
||||||
|
## am i root?
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
cd /opt/ftpsftp
|
||||||
|
git pull origin master
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
##### user creation #####
|
||||||
|
add()
|
||||||
|
{
|
||||||
|
|
||||||
|
## am i root?
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
|
||||||
|
## set accname
|
||||||
|
accname=$1
|
||||||
|
|
||||||
|
|
||||||
|
## check if installed
|
||||||
|
|
||||||
|
|
||||||
|
## reading configfile
|
||||||
|
source /etc/ftpsftp/ftpsftp.conf
|
||||||
|
|
||||||
|
|
||||||
|
## choose ftp or sftp
|
||||||
|
echo "specify account type [sftp|ftp]"
|
||||||
|
read acctype
|
||||||
|
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
:
|
||||||
|
else
|
||||||
|
if [ $acctype = "ftp" ]; then
|
||||||
|
:
|
||||||
|
else
|
||||||
|
echo "i'm sorry, i need to break this up right now."
|
||||||
|
echo "it seams you can not understand some simple instructions."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## quota
|
||||||
|
ablocks=$(df | grep $quotamountpoint | awk '{print $2}')
|
||||||
|
gblocks=$(repquota $quotamountpoint | grep 000 | awk '{print $4}')
|
||||||
|
set -- $gblocks
|
||||||
|
quotacount=0
|
||||||
|
for var in "$@"
|
||||||
|
do
|
||||||
|
quotacount=$(($quotacount+$var))
|
||||||
|
done
|
||||||
|
|
||||||
|
gblocks=$quotacount
|
||||||
|
fblocks=$(($ablocks-$gblocks))
|
||||||
|
fsize=${fblocks:0:$((${#fblocks}-3))}
|
||||||
|
|
||||||
|
needaccquota="yes"
|
||||||
|
while [ $needaccquota = "yes" ]; do
|
||||||
|
echo "please specify how much diskspace this account should provide. (in megabytes)"
|
||||||
|
echo "maximum: $fsize"
|
||||||
|
read accquota
|
||||||
|
if [ -z "$accquota" ]; then
|
||||||
|
echo "this field is mandatory."
|
||||||
|
else
|
||||||
|
if [ $accquota -lt $fsize ]; then
|
||||||
|
needaccquota="notanymore"
|
||||||
|
else
|
||||||
|
echo "specified size too big or not a number. try again."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
## requester
|
||||||
|
while [ $trackrequester = "1" ]; do
|
||||||
|
echo "who orderd this account? (i'm tracking this for a greater good.)"
|
||||||
|
read accrequester
|
||||||
|
if [ -z "$accrequester" ]; then
|
||||||
|
echo "this field is mandatory."
|
||||||
|
else
|
||||||
|
trackrequester="notanymore"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
## set $accport
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
accport="22"
|
||||||
|
else
|
||||||
|
accport="21"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## get timestamp
|
||||||
|
acctimestamp=$(date '+%d.%m.%Y %H:%M')
|
||||||
|
|
||||||
|
|
||||||
|
## gen password (accpass)
|
||||||
|
accpass=$(pwgen -snc 10 1)
|
||||||
|
echo $accpass > pass.txt
|
||||||
|
accencpass=$(makepasswd --clearfrom=pass.txt --crypt-md5 | awk '{print $2}')
|
||||||
|
rm pass.txt
|
||||||
|
|
||||||
|
|
||||||
|
## create home, set its permissions and add the user to sftp/ftpgroup
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
mkdir -p $accpath/$acctype"_accounts"/$accname/data
|
||||||
|
# create the actual user (sftp)
|
||||||
|
useradd -d /data -M -U -s /usr/lib/sftp-server -p $accencpass $accname
|
||||||
|
chown -R $accname\: $accpath/$acctype"_accounts"/$accname/data
|
||||||
|
usermod -G $sftpgroup $accname
|
||||||
|
else
|
||||||
|
mkdir -p $accpath/$acctype"_accounts"/$accname
|
||||||
|
# create the actual user (ftp)
|
||||||
|
useradd -d $accpath/$acctype"_accounts"/$accname -M -U -s /bin/false -p $accencpass $accname
|
||||||
|
chown -R $accname\: $accpath/$acctype"_accounts"/$accname
|
||||||
|
echo $accname >> /etc/vsftpd.user_list
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
## configure quota
|
||||||
|
accquota=$((accquota/1000*1024))
|
||||||
|
setquota --all -u $accname $accquota"000" $accquota"000" 0 0
|
||||||
|
|
||||||
|
|
||||||
|
## trigger log
|
||||||
|
logging
|
||||||
|
|
||||||
|
|
||||||
|
## account data output
|
||||||
|
echo
|
||||||
|
echo "account data"
|
||||||
|
echo
|
||||||
|
echo "host:" $acchost
|
||||||
|
echo "port:" $accport
|
||||||
|
echo "username:" $accname
|
||||||
|
echo "password:" $accpass
|
||||||
|
echo "quota:" $accquota"mb"
|
||||||
|
echo "directory:" $accpath/$acctype"_accounts"/$accname
|
||||||
|
echo "requester:" $accrequester
|
||||||
|
echo
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
##### user deletion #####
|
||||||
|
delete()
|
||||||
|
{
|
||||||
|
|
||||||
|
## am i root?
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
accname=$1
|
||||||
|
echo "feature not yet implemented"
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
##### password reset #####
|
||||||
|
reset()
|
||||||
|
{
|
||||||
|
|
||||||
|
## am i root?
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
accname=$1
|
||||||
|
echo "feature not yet implemented"
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
resetquota()
|
||||||
|
{
|
||||||
|
|
||||||
|
accname=$1
|
||||||
|
|
||||||
|
## reading configfile
|
||||||
|
source /etc/ftpsftp/ftpsftp.conf
|
||||||
|
|
||||||
|
## quota calc
|
||||||
|
ablocks=$(df | grep $quotamountpoint | awk '{print $2}')
|
||||||
|
gblocks=$(repquota $quotamountpoint | grep 000 | awk '{print $4}')
|
||||||
|
set -- $gblocks
|
||||||
|
quotacount=0
|
||||||
|
for var in "$@"
|
||||||
|
do
|
||||||
|
quotacount=$(($quotacount+$var))
|
||||||
|
done
|
||||||
|
|
||||||
|
gblocks=$quotacount
|
||||||
|
fblocks=$(($ablocks-$gblocks))
|
||||||
|
fsize=${fblocks:0:$((${#fblocks}-3))}
|
||||||
|
|
||||||
|
needaccquota="yes"
|
||||||
|
while [ $needaccquota = "yes" ]; do
|
||||||
|
echo "please specify how much diskspace this account should provide. (in megabytes)"
|
||||||
|
echo "maximum: $fsize"
|
||||||
|
read accquota
|
||||||
|
if [ -z "$accquota" ]; then
|
||||||
|
echo "this field is mandatory."
|
||||||
|
else
|
||||||
|
if [ $accquota -lt $fsize ]; then
|
||||||
|
needaccquota="notanymore"
|
||||||
|
else
|
||||||
|
echo "specified size too big or not a number. try again."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
## set quota
|
||||||
|
accquota=$((accquota/1000*1024))
|
||||||
|
setquota --all -u $accname $accquota"000" $accquota"000" 0 0
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
##### logging #####
|
||||||
|
logging()
|
||||||
|
{
|
||||||
|
|
||||||
|
if [ $logging = 1 ]; then
|
||||||
|
echo $acctype $accname $accpass $accquota $accrequester $acctimestamp >> /var/log/ftpsftp/accounts.log
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
##### mail notification #####
|
||||||
|
#mailnotification()
|
||||||
|
#{
|
||||||
|
#
|
||||||
|
#if [ $maillog = 1 ]; then
|
||||||
|
# echo "mail notification is not yet implemented"
|
||||||
|
#fi
|
||||||
|
#
|
||||||
|
#}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
##### processing options #####
|
||||||
|
while getopts "h,i,a:,d:,r:,q:,u,v" OPTION; do
|
||||||
|
case $OPTION in
|
||||||
|
h)
|
||||||
|
usage
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
i)
|
||||||
|
installation
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
a)
|
||||||
|
name=$OPTARG
|
||||||
|
run="yes"
|
||||||
|
while [ $run = "yes" ]; do
|
||||||
|
add $name
|
||||||
|
echo "do you want to create another user? (yes/no)"
|
||||||
|
read run
|
||||||
|
if [[ $run = "yes" ]] || [[ $run = "y" ]]; then
|
||||||
|
echo "specify account name"
|
||||||
|
read name
|
||||||
|
run="yes"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
d)
|
||||||
|
rmuser=$OPTARG
|
||||||
|
delete $rmuser
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
r)
|
||||||
|
rpuser=$OPTARG
|
||||||
|
reset $rpuser
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
q)
|
||||||
|
squser=$OPTARG
|
||||||
|
resetquota $squser
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
u)
|
||||||
|
update
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
v)
|
||||||
|
version
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
?)
|
||||||
|
usage
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
## print usage message if no option is given
|
||||||
|
if [ -z $1 ]; then
|
||||||
|
usage
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
## end of script
|
||||||
|
exit 0
|
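Review bot: In `installation`, the block appended to `/etc/ssh/sshd_config` writes `AllowGroups admin $sftpgroup` but hard-codes `Match group sftpusers`, so when a group name other than the default is entered its members may log in while `ChrootDirectory`, `ForceCommand internal-sftp` and the forwarding restrictions never apply to them; the line should read `Match group $sftpgroup`. Separately, `giturl` is a plain `http://` URL, and both `git clone $giturl` and the `git pull origin master` in `update` run as root with the result symlinked into `/usr/local/bin`, so code that later runs as root is fetched over an unauthenticated transport. An `https://` remote and `git pull --ff-only origin master` would be a safer default.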
|
@ -0,0 +1,314 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
## ##
|
||||||
|
## FTPsFTP ##
|
||||||
|
## function definitions ##
|
||||||
|
## ##
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
|
||||||
|
# **** usage message ****
|
||||||
|
usage()
|
||||||
|
{
|
||||||
|
echo "usage: ftpsftp options
|
||||||
|
|
||||||
|
OPTIONS:
|
||||||
|
-h show this message
|
||||||
|
-s show stats (not yet implemented)
|
||||||
|
-a <username> add a user
|
||||||
|
-d <username> delete a user
|
||||||
|
-r <username> reset password for user
|
||||||
|
-q <username> (re)set the quota for user
|
||||||
|
-u update ftpsftp (pull from git)
|
||||||
|
-v show version information
|
||||||
|
|
||||||
|
"
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# **** version message ****
|
||||||
|
version()
|
||||||
|
{
|
||||||
|
|
||||||
|
echo "FTPsFTP - standalone ftp/sftp server solution"
|
||||||
|
echo
|
||||||
|
echo "vesion: $version"
|
||||||
|
echo "author: $author"
|
||||||
|
echo
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# **** am i root? ****
|
||||||
|
# this is now in bashlib
|
||||||
|
#amiroot()
|
||||||
|
#{
|
||||||
|
#if [ "$(whoami)" != "root" ]; then
|
||||||
|
# echo
|
||||||
|
# echo "sorry $USER, you need to gain root privileges to do this."
|
||||||
|
# echo
|
||||||
|
# exit 1;
|
||||||
|
#fi
|
||||||
|
#}
|
||||||
|
|
||||||
|
|
||||||
|
# **** ftpsftp update ****
|
||||||
|
update()
|
||||||
|
{
|
||||||
|
|
||||||
|
# checking for root privileges
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
# pull updates from ftpsftp git repository
|
||||||
|
cd /opt/ftpsftp
|
||||||
|
git pull origin master
|
||||||
|
log info "update - ftpsftp was updated (maybe)"
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# ***** calculating free quota *****
|
||||||
|
quotacalc()
|
||||||
|
{
|
||||||
|
|
||||||
|
local ablocks=$(df | grep $quotamountpoint | awk '{print $2}')
|
||||||
|
local gblocks=$(repquota $quotamountpoint | grep 0 | awk '{print $4}')
|
||||||
|
set -- $gblocks
|
||||||
|
local quotacount=0
|
||||||
|
for var in "$@"; do
|
||||||
|
local quotacount=$(($quotacount+$var))
|
||||||
|
done
|
||||||
|
|
||||||
|
local gblocks=$quotacount
|
||||||
|
local fblocks=$(($ablocks-$gblocks))
|
||||||
|
local fsize=$((fblocks*1000/1024))
|
||||||
|
local fsize=${fsize:0:$((${#fsize}-3))}
|
||||||
|
|
||||||
|
# return result
|
||||||
|
echo $fsize
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# **** set quota ****
|
||||||
|
quotaconf()
|
||||||
|
{
|
||||||
|
|
||||||
|
# checking for root privileges
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
# checking if user exists
|
||||||
|
isuserthere $accname
|
||||||
|
|
||||||
|
# breaking up if user does not exist
|
||||||
|
if [ $? -eq "1" ]; then
|
||||||
|
echo "error: user does not exist."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# calculate free quota
|
||||||
|
local fsize=$(quotacalc)
|
||||||
|
|
||||||
|
local run="yes"
|
||||||
|
while [ $run = "yes" ]; do
|
||||||
|
echo "please specify quota for user $accname. (in megabytes)"
|
||||||
|
echo "maximum: $fsize"
|
||||||
|
read accquota
|
||||||
|
if [ -z "$accquota" ]; then
|
||||||
|
echo "this field is mandatory."
|
||||||
|
else
|
||||||
|
if [ $accquota -lt $fsize ]; then
|
||||||
|
local run="no"
|
||||||
|
else
|
||||||
|
echo "specified size too big or not a number. try again."
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# set quota
|
||||||
|
accblockquota=$((accquota*1024))
|
||||||
|
setquota --all -u $accname $accblockquota $accblockquota 0 0
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# **** check if user is already there or needs to be created ****
|
||||||
|
isuserthere()
|
||||||
|
{
|
||||||
|
|
||||||
|
id $accname &> /dev/null
|
||||||
|
if [ $? -eq "0" ]; then
|
||||||
|
return 0
|
||||||
|
else
|
||||||
|
return 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
##### user creation #####
|
||||||
|
add()
|
||||||
|
{
|
||||||
|
|
||||||
|
# am i root?
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
# checking if user already exists
|
||||||
|
isuserthere
|
||||||
|
|
||||||
|
# breaking up if user already exists
|
||||||
|
if [ $? -eq "0" ]; then
|
||||||
|
echo "error: user already exists."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# choose ftp or sftp
|
||||||
|
echo "specify account type [sftp|ftp]"
|
||||||
|
read acctype
|
||||||
|
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
:
|
||||||
|
else
|
||||||
|
if [ $acctype = "ftp" ]; then
|
||||||
|
:
|
||||||
|
else
|
||||||
|
echo "i'm sorry, i need to break this up right now."
|
||||||
|
echo "it seams you can not understand some simple instructions."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
# read requester if configfile option is 1
|
||||||
|
while [ $trackrequester = "1" ]; do
|
||||||
|
echo "who orderd this account? (i'm tracking this for a greater good.)"
|
||||||
|
read accrequester
|
||||||
|
if [ -z "$accrequester" ]; then
|
||||||
|
echo "this field is mandatory."
|
||||||
|
else
|
||||||
|
trackrequester="notanymore"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
# set accport
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
local accport="22"
|
||||||
|
else
|
||||||
|
local accport="21"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# get timestamp
|
||||||
|
local acctimestamp=$(date '+%d.%m.%Y %H:%M')
|
||||||
|
|
||||||
|
# create home, set its permissions and add the user to sftp/ftpgroup
|
||||||
|
if [ $acctype = "sftp" ]; then
|
||||||
|
mkdir -p $accpath/$acctype"_accounts"/$accname/data
|
||||||
|
# create the actual user (sftp)
|
||||||
|
useradd -d /data -M -U -s /usr/lib/sftp-server $accname
|
||||||
|
chown -R $accname\: $accpath/$acctype"_accounts"/$accname/data
|
||||||
|
usermod -G $sftpgroup $accname
|
||||||
|
else
|
||||||
|
mkdir -p $accpath/$acctype"_accounts"/$accname
|
||||||
|
# create the actual user (ftp)
|
||||||
|
useradd -d $accpath/$acctype"_accounts"/$accname -M -U -s /bin/false $accname
|
||||||
|
chown -R $accname\: $accpath/$acctype"_accounts"/$accname
|
||||||
|
usermod -G $ftpgroup $accname
|
||||||
|
fi
|
||||||
|
|
||||||
|
# set password
|
||||||
|
local accpass=$(setpasswd)
|
||||||
|
|
||||||
|
# configure quota
|
||||||
|
quotaconf
|
||||||
|
|
||||||
|
# trigger logging
|
||||||
|
logging $acctype $accname $accpass $accquota $accrequester $acctimestamp
|
||||||
|
|
||||||
|
# print account data
|
||||||
|
echo
|
||||||
|
echo "account data"
|
||||||
|
echo
|
||||||
|
echo "host:" $acchost
|
||||||
|
echo "port:" $accport
|
||||||
|
echo "username:" $accname
|
||||||
|
echo "password:" $accpass
|
||||||
|
echo "quota:" $accquota"MB"
|
||||||
|
echo "directory:" $accpath/$acctype"_accounts"/$accname
|
||||||
|
echo "requester:" $accrequester
|
||||||
|
echo
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
# **** user deletion ****
|
||||||
|
delete()
|
||||||
|
{
|
||||||
|
|
||||||
|
# am i root?
|
||||||
|
amiroot
|
||||||
|
|
||||||
|
# checking if user exists
|
||||||
|
isuserthere
|
||||||
|
|
||||||
|
# breaking up if user does not exist
|
||||||
|
if [ $? -eq "1" ]; then
|
||||||
|
echo "error: user does not exist"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
id -nG $accname | grep $sftpgroup &> /dev/null
|
||||||
|
if [ $? -eq "0" ]; then
|
||||||
|
deluser $accname &> /dev/null
|
||||||
|
rm -r $accpath/sftp_accounts/$accname
|
||||||
|
else
|
||||||
|
deluser $accname &> /dev/null
|
||||||
|
rm -r $accpath/ftp_accounts/$accname
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
# **** generate password ****
|
||||||
|
setpasswd()
|
||||||
|
{
|
||||||
|
|
||||||
|
# checking if user exists
|
||||||
|
isuserthere
|
||||||
|
|
||||||
|
# breaking up if user does not exist
|
||||||
|
if [ $? -eq "1" ]; then
|
||||||
|
echo "error: user does not exist"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# generating password
|
||||||
|
local accpass=$(pwgen -snc 10 1)
|
||||||
|
echo $accpass > pass.txt
|
||||||
|
local accencpass=$(makepasswd --clearfrom=pass.txt --crypt-md5 | awk '{print $2}')
|
||||||
|
rm pass.txt
|
||||||
|
|
||||||
|
# setting the password
|
||||||
|
usermod -p $accencpass $accname
|
||||||
|
|
||||||
|
# returning unencrypded password
|
||||||
|
echo $accpass
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
# **** logging ****
|
||||||
|
logging()
|
||||||
|
{
|
||||||
|
|
||||||
|
if [ $logging -eq "1" ]; then
|
||||||
|
echo $@ >> $acclogfile
|
||||||
|
fi
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
# **** statistics ****
|
||||||
|
stats()
|
||||||
|
{
|
||||||
|
|
||||||
|
echo "feature not yet implemented"
|
||||||
|
|
||||||
|
}
|
||||||
|
|
|
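Review bot: setpasswd exposes the generated password in clear text: it writes `$accpass` to `pass.txt` in whatever directory the script was started from, under a fixed name and the caller's umask, and then hashes it with `--crypt-md5`. Both the temp file and the MD5 hash go away if the password is handed to the system tool on stdin, `printf '%s:%s\n' "$accname" "$accpass" | chpasswd`, in place of the `echo`/`makepasswd`/`rm`/`usermod -p` lines. add() then passes the same `$accpass` to `logging`, which appends it to `$acclogfile`, so that file accumulates every account's credentials; I would drop `$accpass` from the `logging` call, or at least make sure the log is readable by root only. Because the function is called as `$(setpasswd)`, its `exit 1` only leaves the subshell and the error text comes back as the "password", so callers should check the exit status before using the value.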
@ -0,0 +1,116 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
## ##
|
||||||
|
## FTPsFTP ##
|
||||||
|
## standalone ftp/sftp server solution ##
|
||||||
|
## ##
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
|
||||||
|
# **** do not touch as long as you are not me ****
|
||||||
|
version="v0.5_beta"
|
||||||
|
author="david@socialnerds.org"
|
||||||
|
giturl="git://git.socialnerds.org/ftpsftp.git"
|
||||||
|
logwhat="ftpsftp"
|
||||||
|
log2stdout="1"
|
||||||
|
|
||||||
|
functionfile="/opt/ftpsftp/ftpsftp.func"
|
||||||
|
configfile="/etc/ftpsftp.conf"
|
||||||
|
|
||||||
|
|
||||||
|
# **** read function definitions and config file ****
|
||||||
|
if [ -r $functionfile ]; then
|
||||||
|
source $functionfile
|
||||||
|
else
|
||||||
|
echo "error: functionfile not found."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -r $configfile ]; then
|
||||||
|
source $configfile
|
||||||
|
else
|
||||||
|
echo "error: configuration file not found."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
# **** load bashlib ****
|
||||||
|
# need for some better routine to include bashlib
|
||||||
|
if [ -d $bashlibpath ]; then
|
||||||
|
source $bashlibpath/main
|
||||||
|
source $bashlibpath/logengine
|
||||||
|
log debug "preflight - logengine loaded"
|
||||||
|
else
|
||||||
|
echo "ERROR: bashlib not found"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# **** processing options ****
|
||||||
|
while getopts "h,s,a:,d:,r:,q:,u,v" OPTION; do
|
||||||
|
case $OPTION in
|
||||||
|
h)
|
||||||
|
usage
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
s)
|
||||||
|
stats
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
a)
|
||||||
|
accname=$OPTARG
|
||||||
|
run="yes"
|
||||||
|
while [ $run = "yes" ]; do
|
||||||
|
add
|
||||||
|
echo "do you want to create another user? (yes/no)"
|
||||||
|
read run
|
||||||
|
if [[ $run = "yes" ]] || [[ $run = "y" ]]; then
|
||||||
|
echo "specify account name"
|
||||||
|
read accname
|
||||||
|
run="yes"
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
d)
|
||||||
|
accname=$OPTARG
|
||||||
|
delete
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
r)
|
||||||
|
accname=$OPTARG
|
||||||
|
accpass=$(setpasswd)
|
||||||
|
echo "the new password for user $accname is: $accpass"
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
q)
|
||||||
|
accname=$OPTARG
|
||||||
|
quotaconf
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
u)
|
||||||
|
update
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
v)
|
||||||
|
version
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
?)
|
||||||
|
usage
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
|
||||||
|
# **** print usage message if no option is given ****
|
||||||
|
if [ -z $1 ]; then
|
||||||
|
usage
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# **** end of script ****
|
||||||
|
exit 0
|
|
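Review bot: The `a)`, `d)`, `r)` and `q)` branches copy `$OPTARG` into `accname` without any validation, and the functions file then uses it unquoted as root in `useradd`, `deluser` and `rm -r $accpath/ftp_accounts/$accname`. An empty value is the worst case: `id` with no argument succeeds, so `isuserthere` reports the user as present and delete() goes on to `rm -r` one of the accounts directories as a whole. I would reject anything that is not a plain account name before dispatching, e.g. `[[ $accname =~ ^[a-z_][a-z0-9_-]*$ ]] || { usage; exit 1; }`, and apply the same check to the name read inside the `a)` loop. delete() also treats every user that is not in `$sftpgroup` as an FTP account, so `-d` with the name of a regular system user would remove that user; checking membership in `$sftpgroup` or `$ftpgroup` first would limit it to accounts this tool manages.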
@ -0,0 +1,207 @@
|
||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
|
||||||
|
#################################################
|
||||||
|
## ##
|
||||||
|
## FTPsFTP ##
|
||||||
|
## installation script ##
|
||||||
|
## ##
|
||||||
|
#################################################
|
||||||
|
|
||||||
|
|
||||||
|
# **** ftpsftp installation routine ****
|
||||||
|
|
||||||
|
# **** configuration section ****
|
||||||
|
giturl="http://git.gitorious.org/aec/ftpsftp.git"
|
||||||
|
acclogfile="/var/log/ftpsftp_accounts.log" #changed
|
||||||
|
logfile="/var/log/ftpsftp.log" #new
|
||||||
|
configfile="/etc/ftpsftp.conf" #changed
|
||||||
|
reporoot="/opt" #new
|
||||||
|
|
||||||
|
|
||||||
|
# **** am i root? ****
|
||||||
|
if [ "$(whoami)" != "root" ]; then
|
||||||
|
echo
|
||||||
|
echo "$USER, in order to do this you need to gain root privileges."
|
||||||
|
echo
|
||||||
|
exit 1;
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# **** uninstall ****
|
||||||
|
if [ -z $1 ]; then
|
||||||
|
:
|
||||||
|
elif [ $1 = "--uninstall" ]; then
|
||||||
|
# **** removing files ****
|
||||||
|
rm -r $reporoot/ftpsftp
|
||||||
|
rm $logfile
|
||||||
|
rm $acclogfile
|
||||||
|
rm $configfile
|
||||||
|
rm /etc/vsftpd.chroot_list
|
||||||
|
rm /usr/local/bin/ftpsftp
|
||||||
|
rm /etc/fstab
|
||||||
|
mv /etc/fstab_orig /etc/fstab
|
||||||
|
rm cp /etc/vsftpd.conf
|
||||||
|
mv /etc/vsftpd.conf_orig /etc/vsftpd.conf
|
||||||
|
rm /etc/vsftpd.group_list
|
||||||
|
rm cp /etc/pam.d/vsftpd
|
||||||
|
mv /etc/pam.d/vsftpd_orig /etc/pam.d/vsftpd
|
||||||
|
rm /etc/ssh/sshd_config
|
||||||
|
mv /etc/ssh/sshd_config_orig /etc/ssh/sshd_config
|
||||||
|
rm /etc/shells
|
||||||
|
mv /etc/shells_orig /etc/shells
|
||||||
|
|
||||||
|
# **** removing groups ****
|
||||||
|
#delgroup $sftpgroup
|
||||||
|
#delgroup $ftpgroup
|
||||||
|
echo "info: everything except the system groups and the packages installed with apt successfully removed"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# **** installing dependencies ****
|
||||||
|
echo "info: trying to install dependencies via apt"
|
||||||
|
apt-get update
|
||||||
|
apt-get install -y vsftpd ssh quota quotatool makepasswd pwgen git-core vim
|
||||||
|
|
||||||
|
|
||||||
|
# **** reading configuration from user ****
|
||||||
|
echo "specify under which path the account home dirs should be stored (no tailing slash)"
|
||||||
|
read accpath
|
||||||
|
|
||||||
|
echo "specify the mointpoint of the device where your accounts are stored (needed for quota config)"
|
||||||
|
read quotamountpoint
|
||||||
|
|
||||||
|
echo "specify the fqdn of your host"
|
||||||
|
read acchost
|
||||||
|
|
||||||
|
echo "specify a system group for your sftp users [default: sftpusers]"
|
||||||
|
read sftpgroup
|
||||||
|
if [ -z $sftpgroup ]; then
|
||||||
|
sftpgroup="sftpusers"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "specify a system group for your ftp users [default: ftpusers]"
|
||||||
|
read ftpgroup
|
||||||
|
if [ -z $ftpgroup ]; then
|
||||||
|
ftpgroup="ftpusers"
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# **** creating needed directorys ****
|
||||||
|
# just in case, they should be already there
|
||||||
|
echo "info: creating directorys"
|
||||||
|
mkdir -p /var/log
|
||||||
|
mkdir -p $reporoot
|
||||||
|
|
||||||
|
|
||||||
|
# **** creating configfiles and logfiles ****
|
||||||
|
echo "info: creating configuration and log files"
|
||||||
|
|
||||||
|
# creating chroot_list
|
||||||
|
echo "$USER" > /etc/vsftpd.chroot_list
|
||||||
|
|
||||||
|
# creating log files
|
||||||
|
echo "type name pass quota reguester timestamp" > $acclogfile
|
||||||
|
touch $logfile
|
||||||
|
|
||||||
|
# create ftpsftp configuration file (default: /etc/ftpsftp/ftpsftp.conf)
|
||||||
|
echo '## ftpsftp configuration file ##
|
||||||
|
|
||||||
|
accpath="'$accpath'" # this should point to where your accounts should be located
|
||||||
|
quotamountpoint="'$quotamountpoint'" # mount point for quota configuration
|
||||||
|
acchost="'$acchost'" # the dns name where your sever is reachable
|
||||||
|
sftpgroup="'$sftpgroup'" # system group
|
||||||
|
ftpgroup="'$ftpgroup'" # system group
|
||||||
|
trackrequester="1" # switch to 0 if you do not want to track the account requester
|
||||||
|
logging="1" # set this to 0 if you do not want any logging
|
||||||
|
|
||||||
|
' > $configfile
|
||||||
|
|
||||||
|
|
||||||
|
# **** cloning master branch of ftpsftp git repo ****
|
||||||
|
echo "info: cloning files from git repository to /opt/ftpsftp"
|
||||||
|
cd $reporoot
|
||||||
|
git clone $giturl
|
||||||
|
|
||||||
|
|
||||||
|
# **** set symlink for script in /usr/local/bin ****
|
||||||
|
echo "info: creating symlink for script in /usr/local/bin"
|
||||||
|
cd /usr/local/bin
|
||||||
|
ln -s $reporoot/ftpsftp/ftpsftp.sh ftpsftp
|
||||||
|
|
||||||
|
|
||||||
|
# **** configure quota ****
|
||||||
|
echo "info: configuring quota in fstab for $quotamountpoint"
|
||||||
|
cp /etc/fstab /etc/fstab_orig
|
||||||
|
cat /etc/fstab | grep -v $quotamountpoint > /etc/~fstab
|
||||||
|
storageopt=$(cat /etc/fstab | grep $quotamountpoint | awk '{print $4}')
|
||||||
|
sed -i 's/'$storageopt'/'$storageopt',usrquota/' /etc/fstab
|
||||||
|
cat /etc/fstab | grep $quotamountpoint >> /etc/~fstab
|
||||||
|
rm /etc/fstab && mv /etc/~fstab /etc/fstab
|
||||||
|
umount $quotamountpoint
|
||||||
|
mount -a
|
||||||
|
/etc/init.d/quota restart
|
||||||
|
|
||||||
|
|
||||||
|
# **** configure vsftp ****
|
||||||
|
cp /etc/vsftpd.conf /etc/vsftpd.conf_orig
|
||||||
|
#sed -i 's/#listen_ipv6=YES/listen_ipv6=YES/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#write_enable=YES/write_enable=YES/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#local_umask=022/local_umask=0007\nfile_open_mode=0770/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#chroot_local_user=YES/chroot_local_user=YES/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#chroot_list_enable=YES/chroot_list_enable=YES/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#chroot_list_file=\/etc\/vsftpd.chroot_list/chroot_list_file=\/etc\/vsftpd.chroot_list/' /etc/vsftpd.conf
|
||||||
|
sed -i 's/#ftpd_banner=Welcome to blah FTP service./ftpd_banner=Welcome to '$acchost'./' /etc/vsftpd.conf
|
||||||
|
|
||||||
|
|
||||||
|
# creating vsftpd.group_list (used by pam)
|
||||||
|
addgroup $ftpgroup
|
||||||
|
echo "
|
||||||
|
$ftpgroup
|
||||||
|
admin
|
||||||
|
" > /etc/vsftpd.group_list
|
||||||
|
|
||||||
|
# adding group list to pam.d
|
||||||
|
cp /etc/pam.d/vsftpd /etc/pam.d/vsftpd_orig
|
||||||
|
sed '2 a auth required pam_listfile.so item=group sense=allow file=/etc/vsftpd.group_list onerr=fail' /etc/pam.d/vsftpd > /etc/pam.d/vsftpd_new
|
||||||
|
rm /etc/pam.d/vsftpd && mv /etc/pam.d/vsftpd_new /etc/pam.d/vsftpd
|
||||||
|
|
||||||
|
# restarting ftp service
|
||||||
|
/etc/init.d/vsftpd restart
|
||||||
|
|
||||||
|
|
||||||
|
# **** configure sshd ****
|
||||||
|
echo "info: configuring ssh server"
|
||||||
|
addgroup $sftpgroup
|
||||||
|
cp /etc/ssh/sshd_config /etc/ssh/sshd_config_orig
|
||||||
|
sed -i 's/Subsystem sftp \/usr\/lib\/openssh\/sftp-server/Subsystem sftp internal-sftp/' /etc/ssh/sshd_config
|
||||||
|
|
||||||
|
echo "
|
||||||
|
|
||||||
|
##### ssh configuration done by ftpsftp ############
|
||||||
|
AllowGroups admin $sftpgroup
|
||||||
|
|
||||||
|
Match group sftpusers
|
||||||
|
ChrootDirectory $accpath/sftp_accounts/%u
|
||||||
|
X11Forwarding no
|
||||||
|
AllowTcpForwarding no
|
||||||
|
ForceCommand internal-sftp
|
||||||
|
|
||||||
|
" >> /etc/ssh/sshd_config
|
||||||
|
|
||||||
|
/etc/init.d/ssh restart
|
||||||
|
|
||||||
|
## adding shells
|
||||||
|
cp /etc/shells /etc/shells_orig
|
||||||
|
echo "
|
||||||
|
/bin/false
|
||||||
|
/usr/lib/sftp-server
|
||||||
|
" >> /etc/shells
|
||||||
|
|
||||||
|
|
||||||
|
echo "you can now delete this script."
|
||||||
|
echo "all you need is in $reporoot/ftpsftp, $configfile, $acclogfile and $logfile"
|
||||||
|
echo 'everything should be set to create your first user. try "ftpsftp -a <username>"'
|
||||||
|
echo
|
||||||
|
|
||||||
|
exit 0
|
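Review bot: The block appended to `/etc/ssh/sshd_config` hard-codes `Match group sftpusers`, while the `AllowGroups` line above it and the `addgroup` call use `$sftpgroup`, which the installer lets the admin change. With any other group name the members are allowed to log in but `ChrootDirectory`, `ForceCommand internal-sftp` and the forwarding restrictions never apply to them; the line should read `Match group $sftpgroup`. `AllowGroups admin $sftpgroup` also denies SSH to every account outside those two groups, so it deserves a comment or a prompt, and running `sshd -t` before `/etc/init.d/ssh restart` would keep a broken config from taking the daemon down. Separately, the `--uninstall` branch has no `exit` after its final `echo`, so it falls through into the install steps.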