0

How would you replace this script.

asked 2015-10-22 12:52:33 -0500

pacneil

updated 2015-10-22 13:46:54 -0500

ramindk

This is part of a 14-procedure script that is done during provisioning of a system. I've replaced the other 13 and this one has me stumped. Any ideas?

 # Missing home directories
pwck -r | grep "does not exist" | while read MISSING_HOME;
do
    MISSING_DIR=$(echo $MISSING_HOME | cut -d"\`" -f3 | cut -d"'" -f1);
    MISSING_USER=$(echo $MISSING_HOME | cut -d"\`" -f2 | cut -d"'" -f1);
    USER_GROUP=$(grep "$MISSING_USER" /etc/passwd | cut -d":" -f4);
    echo "FIXING missing home for: $MISSING_USER:$USER_GROUP - $MISSING_DIR";
    mkdir $MISSING_DIR;
    chown $MISSING_USER:$USER_GROUP $MISSING_DIR;
    chmod 750 $MISSING_DIR;
    FIXED_DIR=$(ls -lLad $MISSING_DIR);
    if [ -e $MISSING_DIR ]; then
        echo "FIXED: $FIXED_DIR";
    else
        echo "ERROR: Unable to create $MISSING_USER home directory: $FIXED_DIR";
    fi
done;

2 Answers

1

answered 2015-10-22 13:52:17 -0500

ramindk

I wouldn't. I'd use Puppet to create the users and their home dirs at the same time. I'd also use Puppet to manage /etc/login.defs before creating users so their home dirs are created with the correct permissions rather than changing them after the fact.

Trying to replicate scripts in Puppet is almost always the wrong way to look at things. Instead describe the final state of the machine.

0

answered 2015-10-23 04:37:54 -0500

hvm

These actions seem - to me - best done by a script, indeed. Puppet might help you as well, but this depends on your situation and number of users.

Puppet calls binaries on the system to obtain desired state, so why not add a 'binary' to the toolkit?

This script offers serious room for improvement, though:

MISSING_DIR=$(echo $MISSING_HOME | cut -d"\`" -f3 | cut -d"'" -f1);

MISSING_DIR only allows for home dirs without spaces (assumption) - put quotes around $( .... )

USER_GROUP=$(grep "$MISSING_USER" /etc/passwd | cut -d":" -f4);

Here, a missing user called 'john' would match with 'johnny' AND 'johnr'. Better use grep "^${MISSING_USER}:" /etc/passwd

You're not checking exit codes for mkdir, chown and chmod and you only check for existence at the end. This could be a regular file or symlink from the start and there's no way to know or correct it.

As you're parsing /etc/passwd anyway, you could read it line by line so you'll have all the information in one go:

A simple example, check and improve first :-)

# check 'getent passwd' as well
# read the file directly; -r and an empty IFS keep each line intact
while IFS= read -r line
do
  username="$(echo "${line}" | cut -f1 -d:)"
  userid="$(echo "${line}"   | cut -f3 -d:)"
  groupid="$(echo "${line}"  | cut -f4 -d:)"
  homedir="$(echo "${line}"  | cut -f6 -d:)"

  [ -d "${homedir}" ] && continue

  # chown only what mkdir just created, never a file or symlink already at that path
  if mkdir -m 750 "${homedir}"
  then
    chown -R "${userid}:${groupid}" "${homedir}" || echo "error: problem chowning homedir ${homedir}" >&2
  else
    echo "error: problem creating homedir ${homedir}" >&2
  fi

  if [ -d "${homedir}" ]
  then
    # no exit here, so the loop goes on to the remaining accounts
    echo "Done: ${homedir} created for ${username}"
  else
    echo "Unknown problem: please investigate ${homedir} for ${username}"
    exit 1
  fi
done < /etc/passwd

Additionally, I would create a 'fatal error' function like this:

fatal() {
  echo "Fatal error: $1" >&2
  exit 1
}

and replace the error messages above with a call to 'fatal'.
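
The checks raised in this answer (exact account matching, quoted paths, refusing a path that already exists as a regular file or dangling symlink, and testing each command's exit status) combined in one function, as an added example that is not part of the original answer. The function name fix_missing_homes and its passwd-file argument are assumptions made for illustration; it reports every problem and returns non-zero instead of stopping at the first one.

```sh
#!/bin/sh
# Added example: create missing home directories for accounts in a passwd-format file.
# fix_missing_homes and its file argument are hypothetical names.
# Usage: fix_missing_homes /etc/passwd

fatal() {
  echo "Fatal error: $1" >&2
  exit 1
}

# Prints one FIXED line per directory created; returns 1 if any account needs attention.
fix_missing_homes() {
  passwd_file="${1:-/etc/passwd}"
  [ -r "${passwd_file}" ] || fatal "cannot read ${passwd_file}"
  failed=0
  # Splitting on ':' yields exact fields, so 'john' can never match 'johnny'.
  while IFS=: read -r username _ userid groupid _ homedir _
  do
    case "${homedir}" in
      /*) ;;            # absolute path: go on to the checks below
      *)  continue ;;   # empty or relative home field: nothing to create
    esac
    if [ -d "${homedir}" ]; then
      :                 # home directory already present
    elif [ -e "${homedir}" ] || [ -L "${homedir}" ]; then
      # A regular file or dangling symlink: report it, never create or chown through it.
      echo "SKIP ${username}: ${homedir} exists but is not a directory" >&2
      failed=1
    elif mkdir -m 750 "${homedir}" && chown -h "${userid}:${groupid}" "${homedir}"; then
      # -m sets the final mode at creation; -h keeps chown from following a symlink.
      echo "FIXED ${username}: ${homedir}"
    else
      echo "ERROR ${username}: could not create ${homedir}" >&2
      failed=1
    fi
  done < "${passwd_file}"
  return "${failed}"
}
```
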
