Linux基础知识之shell实现用户管理功能

[root@k8s-master shell]# more usermanager.sh 
#! /bin/bash
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[0;33m'
BLUE='\033[0;34m'
NC='\033[0m'
init() {
  [ "$(id -u)" -ne 0 ] && echo -e "${RED} ERROR: need root primission.${NC}" && exit 1
  if [ -f /etc/os-release ]; then
        . /etc/os-release
        OS=$NAME 

        if [[ $OS == *"CentOS Linux"* ]]; then
        PACKAGE_MANAGER="yum"
        USER_ADD_CMD="useradd"
        GROUP_ADD_CMD="groupadd"

        elif  [[ $OS == *"Ubuntu"* ]] || [[ $OS == *"Debian"* ]]; then
        PCKAGE_MANAGER="apt"
        USER_ADD_CMD="adduser"
        GROUP_ADD_CMD="addgroup"

        else
                echo -e "${YELLOW}note: unknown linux release: $OS, use common command ${NC}"
                PCKAGE_MANAGER="apt"
                USER_ADD_CMD="useradd"
                GROUP_ADD_CMD="groupadd"
        fi
  else
        echo -e "{RED} ERROR: cannot check system os ${NC}" && exit 1
  fi
  echo -e "${GREEN} checked: ${OS}${NC}"
}
user_exists() {
        id "$1" &>/dev/null
        return $?
}

group_exists() {
    grep -q "^$1:" /etc/group
        return $? 

}

add_user() {
        read -p "username: " username

        user_exists "username" && echo -e "${RED} user exists ${NC}" && return 1

        read -p "homedir(default/home/$username): " homedir

        homedir=${homedir:-/home/$username}

        read -p "Shell(default/bin/bash): " usershell

        usershell=${usershell:-/bin/bash}

        read -p "password: " userpass

        if [[ PACKAGE_MANAGER == "apt" ]]; then
        $USER_ADD_CMD $username --home $homedir --shell $usershell

        echo "$username:$userpass"| chpasswd

        else
                $USER_ADD_CMD -m -d $homedir -s $usershell $username
                echo "$userpass" | passwd --stdin $username
        fi
        [ $? -eq 0 ] && echo -e "${GREEN} user create success ${NC}" || echo -e "${RED} user create failed ${NC}"

        read -p "add sudo permission? (y/n): " add_sudo
        [[ $add_sudo == [yY] ]] && set_sudo_permission "$username"

}

delete_user() {
        read -p "need delete username: " username
        user_exists "$username" || {  echo -e "{$RED} user not exists ${NC}"; return 1;}

        read -p "delete homedir? (y/n): " del_home
        [[ $del_home == [yY] ]] && userdel -r $username || userdel $username
        [ $? -eq 0 ] && echo -e "${GREEN} user deleted ${NC}"|| echo -e "${RED} delete user failed ${NC}"
}

modify_user() {
        read -p "need modify username: " username
        user_exists "$username" || {  echo -e "{$RED} user not exists ${NC}"; return 1;}
        echo -e "1.change homedir 2.modify shell 3.change usergroup 4.back"

        read -p "choice: " choice

        case $choice in 

        1)      
                read -p "new homedir: " new_home
                usermod -d $new_home $username  && echo -e "${GREEN} change success${NC}" || echo -e "${RED} change failed ${NC}"
                ;;

        2)      
                read -p "new shell: " new_shell
                usermod -s $new_shell $username && echo -e "${GREEN} change success${NC}" || echo -e "${RED} change failed ${NC}"
                ;;

        3)  
                read -p "new usergroup: " new_group
                if ! group_exists "$new_group"; then
                        read -p "group not exists,if or not create? (y/n): " create_group
                [[ $create_group == [yY] ]] && $GROUP_ADD_CMD $new_group || return 1
                fi
                usermod -g $new_group $username && echo -e "${GREEN} change success${NC}" || echo -e "${RED} change failed${NC}"
                ;;
        4) return 0 ;;
        *) ;;
        esac
}

list_users() {
        echo -e "${BLUE} system user: ${NC}"
        echo -e "${YELLOW} username homedir  Shell ${NC}"
        echo "-----------------------------------"
        awk -F: '$3>=1000 && $3 < 65534 {print $3,$1,$6,$7}' /etc/passwd|sort -n|while read uid username homedir shell; do
        echo -e "${GREEN}$uid $username $homedir $shell${NC}"
        done
        echo -e "\n${BLUE}user account: $(awk -F: '$3>=1000 && $3 < 65534 {count++} END {print count}' /etc/passwd)${NC}"
}
manage_group() {
        local action=$1
        if [ "$action" = "add" ]; then
                read -p "new group_name: " groupname
        group_exists "$groupname" && echo -e "${RED} group exists ${NC}" && return 1
        $GROUP_ADD_CMD $groupname

        else
                read -p "need del group: " groupname
                group_exists "$groupname" || { echo -e "${RED}group not exists${NC}"; return 1; }
                groupdel $groupname
        fi 

        [ $? -eq 0 ] && echo -e "${GREEN} operatation success${NC}" || echo -e "${RED} operatation failed${NC}"
}

change_password() {
        read -p "username: " username
        user_exists "$username" || {  echo -e "{$RED} user not exists ${NC}"; return 1;}

        read -p "new password: " userpass

        if [[ $PACKAGE_MANAGER == "apt" ]]; then
                echo "$username:$userpass"|chpasswd
        else
                echo "$userpass"| passwd --stdin $username
        fi

        [ $? -eq 0 ] && echo -e "${GREEN} passwd already changed ${NC}" || echo -e "${RED} password change failed ${NC}"

}

set_sudo_permission() {
        local username=$1
        if [ -z "$username" ]; then
                read -p "username: " username
                user_exists "$username" || { echo -e "${RED} user not exists ${NC}"; return 1; }
        fi

        if [[ $PACKAGE_MANAGER == "apt" ]]; then
                usermod -aG sudo $username
                grep -q "^wheel:" /etc/group && usermod -aG wheel $username
        else
                usermod -aG wheel $username
        fi

        read -p "allow null sudo? (y/n): " nopass
        if [[ $nopass == [yY] ]]; then
                echo "$username ALL=(ALL) NOPASSWOD:ALL" >> /etc/sudoers.d/$username
                chmod 0440 /etc/sudoers.d/$username 
        fi
        echo -e "${GREEN} sudo permission already set ${NC}"
}
show_user_info() {
        read -p "username(display all users): " username
        [ -z $username ] && { list_users; return 0; }
        user_exists "$username" || { echo -e "${RED} user not exists ${NC}"; return 1; }

        uid=$(id -u $username)
        gid=$(id -g $username)
        groups=$(id -nG $username)
        homedir=$( grep "^$username:" /etc/passwd | cut -d: -f6)
        shell=$(grep "^$username:" /etc/passwd | cut -d: -f7)

        groups $username | grep -qE "\b(sudo|wheel)\b" && sudo_status="${GREEN} already permiss${NC}"|| sudo_status="${RED} not permiss${NC}"
        grep -q "^$username:!!" /etc/shadow 2>/dev/null && account_status="${RED} already locked${NC}"|| account_status="${GREEN} normal ${NC}"

        echo -e "${BLUE} user info: ${NC}"
        echo -e "UID: $uid\nGID: $gid\nhomedir: $homedir\nShell: $shell\ngroup:$groups\n sudo: $sudo_status\n status: $account_status"

        echo -e "\n${BLUE} last login: ${NC}"
        lastlog -u $username

}

main() {
        init
        while true; do
        clear
        echo 
        echo -e "${BLUE}|------------------------------------------------------|${NC}"
        echo -e "${BLUE}|--------------${NC}--${GREEN}Linux User Manager System${NC}-------------${BLUE}|${NC}"
        echo -e "${BLUE}|------------------------------------------------------|${NC}"
        echo 
        echo -e " ${GREEN} [1]${NC} adduser ${GREEN}[2]${NC} deleteuser ${GREEN}[3]${NC} changeuser"
        echo -e " ${GREEN} [4]${NC} listusers ${GREEN}[5]${NC} addgroup ${GREEN}[6]${NC} deletegroup"
        echo -e " ${GREEN} [7]${NC} changepassword ${GREEN}[8]${NC} setsudo ${GREEN}[9]${NC} userinfo"
        echo -e " ${RED} [0] ${NC} exit system"
        read -p "please choice opratation [0-9]: " choice
        echo

        case $choice in 
        1) add_user ;;
        2) delete_user ;;
        3) modify_user ;;
        4) list_users ;;
        5) manage_group "add" ;;
        6) manage_group "del" ;;
        7) change_password ;;
        8) set_sudo_permission ;;
        9) show_user_info ;;
        0) clear; exit 0 ;;
        *) ;;
        esac

        read -p "please press enter key continue..." dummy
        done
}
main