From 64533dee4a7d0b473d1aa41f282d23430615e422 Mon Sep 17 00:00:00 2001
From: Thiago Abdo <tja14@inf.ufpr.br>
Date: Mon, 4 Apr 2016 10:45:57 -0300
Subject: [PATCH 1/9] Remove local-accounts crons script
Signed-off-by: Thiago Abdo <tja14@inf.ufpr.br>
---
.../scripts/local_accounts-cron_script | 23 -------------------
1 file changed, 23 deletions(-)
delete mode 100755 server/modules/local-accounts/opt/openslx/scripts/local_accounts-cron_script
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local_accounts-cron_script b/server/modules/local-accounts/opt/openslx/scripts/local_accounts-cron_script
deleted file mode 100755
index 61b399c7..00000000
--- a/server/modules/local-accounts/opt/openslx/scripts/local_accounts-cron_script
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/ash
-
-# create .patches for next session
-
-if [ -d /home/openslx ]; then
- > /home/openslx/.local_accounts.session
- echo "Wipping last local_accounts session"
- users=$(diff -u /home/openslx/.passwd.backup /etc/passwd | grep -e '^-[^-]' | cut -d":" -f1)
- #users=$(diff -u /home/openslx/.passwd.backup /etc/passwd | grep -e '^+[^+]\|^-[^-]' | cut -d":" -f1)
- users=${users}${IFS}$(diff -u /home/openslx/.shadow.backup /etc/shadow | grep -e '^+[^+]' | cut -d":" -f1)
- for user in ${users}; do
- echo -e "\t"${user}
- if [ $(echo ${user} | cut -c1) = '-' ]; then
- echo ${user} >> /home/openslx/.local_accounts.session
- elif [ $(echo ${user} | cut -c1) = '+' ]; then
- uuser=$(echo ${user} | cut -c2-) #usingned user
- userdetail=${user}
- userdetail=${userdetail}":"$(cat /etc/shadow | grep -e ^${uuser} | cut -d":" -f2-3)
- userdetail=${userdetail}":"$(cat /etc/passwd | grep -e ^${uuser} | cut -d":" -f3-4)
- echo ${userdetail} >> /home/openslx/.local_accounts.session
- fi
- done
-fi
--
GitLab
From 9262dca442251d87398f1410f2ddd62deb2817ec Mon Sep 17 00:00:00 2001
From: Thiago Abdo <tja14@inf.ufpr.br>
Date: Mon, 4 Apr 2016 10:47:10 -0300
Subject: [PATCH 2/9] new way of creating local-accounts users, can be executed
during run time that will rebuild users info
Signed-off-by: Thiago Abdo <tja14@inf.ufpr.br>
---
.../opt/openslx/scripts/local-accounts.sh | 138 ++++++++
.../openslx/scripts/systemd-local_accounts | 320 +-----------------
2 files changed, 143 insertions(+), 315 deletions(-)
create mode 100755 server/modules/local-accounts/opt/openslx/scripts/local-accounts.sh
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local-accounts.sh b/server/modules/local-accounts/opt/openslx/scripts/local-accounts.sh
new file mode 100755
index 00000000..6771121d
--- /dev/null
+++ b/server/modules/local-accounts/opt/openslx/scripts/local-accounts.sh
@@ -0,0 +1,138 @@
+#!/bin/ash
+
+#Check if the user running this code has permissoes to run it
+if [ "$(/opt/openslx/bin/id -u)" != "0" ]; then
+ echo $0": Você não possue as permissoes necessárias para realizar essa operação"
+ exit 1
+else
+ echo $0": Você tem permissoes para executar esse programa"
+fi
+
+if [ -z "$1" ];then
+ . /opt/openslx/config || { echo "Could not source config!"; exit 23; }
+else
+ . "$1" || { echo "Could not source custom config!"; exit 23; }
+fi
+
+for file in passwd group shadow; do
+ if [ -e /home/openslx/localaccounts/bak/$file ]; then
+ echo $0": Copying "$file" from backup"
+ cp /home/openslx/localaccounts/bak/$file /etc/$file
+ fi
+done
+
+unset IFS
+set $SLX_USERS
+
+# parse config variable
+while (( [ $# -gt 0 ] )); do
+ # get the respective line for passwd, shadow and group
+ # shift advances the line $1 refers to
+ # since it doesn't check if there are 3 lines to parse,
+ # the program may misbehave in an insecure way
+ # if config file is corrupted or invalid.
+ passwdf=$(echo $1 | cut -d'=' -f2)
+ shift
+ shadowf=$(echo $1 | cut -d'=' -f2)
+ shift
+ groupf=$(echo $1 | cut -d'=' -f2)
+ shift
+
+ # parse each line (stored on variables by the code above) for needed info
+ username=$( echo $passwdf | cut -d':' -f1 )
+ uID=$( echo $passwdf | cut -d':' -f3 )
+ globalID=$( echo $uID | grep -e "^3....$" )
+
+ groupname=$( echo $groupf | cut -d':' -f1 )
+ gID=$( echo $groupf | cut -d':' -f3 )
+ globalGID=$( echo $gID | grep -e "^3....$" )
+
+ # global users have to belong to a group with the same name
+ if [ "$username" = "$groupname" ]; then
+ # checks if the user's id is in the correct range
+ # if the user is not global globalID and globalGID will be empty
+ # because grep will not find anything
+ if [ -n "$globalID" ] && [ -n "$globalGID" ]; then
+ /opt/openslx/scripts/adduser.sh "$passwdf" "$groupf" "$shadowf" "global"
+ fi
+ fi
+done
+
+#add groups to global users
+for line in $SLX_GROUPS; do
+ echo $0": "$line
+ IFS=,
+ set $line
+ username=$1
+ shift
+ while (( [ $# -gt 0 ] )); do
+ echo $0:"addusertogroup "$username" "$1
+ temp=$(mktemp)
+ firstuser=$( cat /etc/group | grep -e "^$1:.*:.*:$" )
+ if [ -n "$firstuser" ]; then
+ sed -e "s/^$1.*/&$username/" /etc/group > $temp
+ else
+ sed -e "s/^$1.*/&,$username/" /etc/group > $temp
+ fi
+ cp $temp /etc/group
+ chown root:root /etc/group
+ chmod 644 /etc/group
+ rm $temp
+ shift
+ done
+ unset IFS
+done
+
+# instanciates the configuration file
+if [ ! -e /home/openslx/localaccounts/.config ]; then
+ echo $0": Configuration of local users doesn't exist, creating a blank one"
+ > /home/openslx/localaccounts/.config
+fi
+unset IFS
+users=$(cat /home/openslx/localaccounts/.config);
+set $users
+
+# parse config file until EOF
+while (( [ $# -gt 0 ] )); do
+ # get the respective line for passwd, shadow and group
+ # shift advances the line $1 refers to
+ # since it doesn't check if there are 3 lines to parse,
+ # the program may misbehave in an insecure way
+ # if config file is corrupted or invalid.
+ passwdf=$(echo $1 | cut -d'=' -f2)
+ shift
+ shadowf=$(echo $1 | cut -d'=' -f2)
+ shift
+ groupf=$(echo $1 | cut -d'=' -f2)
+ shift
+
+ # parse each line (stored on variables by the code above) for needed info
+ username=$( echo $passwdf | cut -d':' -f1 )
+ uID=$( echo $passwdf | cut -d':' -f3 )
+ localID=$( echo $uID | grep -e "^2....$" -e "^1....$" )
+
+ groupname=$( echo $groupf | cut -d':' -f1 )
+ gID=$( echo $groupf | cut -d':' -f3 )
+ localGID=$( echo $gID | grep -e "^2....$" -e "^1....$" )
+
+ # local users have to belong to a group with the same name
+ if [ "$username" = "$groupname" ]; then
+ # checks if the user's id is in the correct range
+ # if the user is not local localID and localGID will be empty
+ # because grep will not find anything
+ if [ -n "$localID" ] && [ -n "$localGID" ]; then
+ /opt/openslx/scripts/adduser.sh "$passwdf" "$groupf" "$shadowf"
+ fi
+ fi
+done
+
+
+#Rebuild pendrive users
+for pen in $(ls -tr /dev/disk/by-id/usb*); do
+ dev=$(readlink -f "$pen")
+ dev=$(echo "$dev" | cut -d'/' -f3)
+
+ #call insert data
+ /opt/openslx/scripts/local-accounts_insert-data.sh "$dev"
+ #echo "$dev"
+done
diff --git a/server/modules/local-accounts/opt/openslx/scripts/systemd-local_accounts b/server/modules/local-accounts/opt/openslx/scripts/systemd-local_accounts
index a54d9c0e..b42ac819 100755
--- a/server/modules/local-accounts/opt/openslx/scripts/systemd-local_accounts
+++ b/server/modules/local-accounts/opt/openslx/scripts/systemd-local_accounts
@@ -1,320 +1,10 @@
#!/bin/ash
-. /opt/openslx/config || { echo "Could not source config!"; exit 23; }
-
-#Declaring custom vars
-SERVERSTARTUID=55000
-SERVERSTARTGUID=55000
-
-SERVERIDRANGE=2000
-
-USERSH="/bin/bash"
-
-
-#How the whole program works, It recivies server users in the var 'SLX_USERS', each user has a pattern:
-#[A]ctivated/[D]eactivated,Username,EncryptedPassword
-#If the user is Deactivated, whe just jump a uid and a guid so it is equal for every user every boot
-#If the user is Activated, whe need to check if it is Deleated or Not in the local machine, if is deleated we add the user to a tmp file
-#and do not create this user, at the end, we just copy this tmp file to the patch file so in the next boot it is deleted as well
-#Now there is only one patch file, if the user has a '-' in this it is not created, if it has a '+' it is a local user and is has a pattern:
-#username,password,uid,guid
-#Local users can only be created after a sentinel user so there is plenty of ids for server users.
-
-
-
-#generate new user with useradd and insert password in /etc/shadow if exists
-#This function recivies uid,guid,user,encrypted pass
-create_user(){
- username=$1
- password=$2
- lasttime=$3
- uid=$4
- guid=$5
-
-
- if [ -z ${password} ]; then
- password="!"
- fi
-
- if [ -z ${lasttime} ]; then
- lasttime=$(echo "$(date +%s) / 86400" | bc)
- fi
-
- #Check if the user alrealy exist
- #if it does, we update the password, and subtract the lastuid and lastguid(global)
- #if not we create
- userline=$(cat /etc/passwd | grep -e ^${username})
- if [ $? -eq 0 ]; then
- echo "User: ${username}, alrealy exist, seeing if the password is diferent"
- curpass=$(cat /etc/shadow | grep -e ^${username} | cut -d":" -f2)
-
- if [ ! '${curpass}' = '${password}' ]; then
- echo -e "Password is diferent."
- echo -e "\tCur: ${curpass}"
- echo -e "\tNew: ${password}"
- sed -i "s|^${username}:[^:]*:[^:]*:|${username}:${password}:${lasttime}:|" "/etc/shadow"
- else
- echo "Both passwords are the same"
- fi
-
- lastuid=$(echo "$lastuid - 1" | bc)
- lastguid=$(echo "$lastguid - 1" | bc)
- else
- echo "User: ${username}, does not exist, creating it"
- #i need to create on paswd.
- newuser=${username}":x:"${uid}":"${guid}"::/home/"${username}":${USERSH}"
- echo "Adding ${username}:"
- echo -e "\tTo passwd, like this:"
- echo -e "\t"${newuser}
- echo ${newuser} >> /etc/passwd
-
- newuser=${username}":"${password}":"${lasttime}":0:99999:7:::"
- echo -e "\tTo shadow, like this:"
- echo -e "\t"${newuser}
- echo ${newuser} >> /etc/shadow
- echo ${newuser} >> /etc/shadow-
-
- newuser=${username}":!:"${guid}":"
- echo -e "\tTo group, like this:"
- echo -e "\t"${newuser}
- echo ${newuser} >> /etc/group
- fi
-
- if cat /etc/passwd | grep -e "^${username}:" > /dev/null; then
- if [ "$foundhome" = "Yes" ]; then
- if ( [ ! -d /home/${username} ] ); then
- echo -e "\tMaking home to ${username} at /home/${username}"
- mkdir /home/${username}
- chown -R "${username}:${username}" "/home/${username}"
- else
- echo -e "\tUser ${username}, already has a home at /home/${username}"
- fi
- else
- echo -e "\tSince I could not find \home, cant make home to ${username}"
- fi
-
- return 0
- else
- return 1
- fi
-}
-
-remove_line(){
- tmp=mktemp
- cat $2 | grep -ve $1 > $tmp
- if diff $2 $tmp > /dev/null; then
- rm $tmp
- return 1
- else
- mv $tmp $2
- return 0
- fi
-}
-
-# check if the /home partition exists
-if mount | grep "/home" > /dev/null; then
- echo "/home partition found"
- foundhome="Yes"
-else
- echo "Could not find 'home' partition."
- echo "Will create home folder on ram. (Non persistent)"
- mkdir /home/
- foundhome="Yes"
-fi
-
-#discover last used id and guid, and if it is less than 1000 starts on 1000;
-lastuid=$(echo $(cat /etc/passwd | tail -1 | cut -d":" -f3) + 1 | bc)
-lastguid=$(echo $(cat /etc/group | tail -1 | cut -d":" -f3) + 1 | bc)
-echo "Found uid=${lastuid} guid=${lastguid}"
-
-if [ ${lastuid} -lt ${SERVERSTARTUID} ]; then
- lastuid=${SERVERSTARTUID}
-fi
-if [ ${lastguid} -lt ${SERVERSTARTGUID} ]; then
- lastguid=${SERVERSTARTGUID}
-fi
-
-echo " "
-echo " "
-
-#try to create the 'openslx' user in whose home dir backups and patch files will be stored
-#create openslx user
-echo "Current uid=${lastuid} guid=${lastguid}"
-if create_user "openslx" "${OPENSLX_PASS}" "" "${lastuid}" "${lastguid}"; then
- echo "User openslx, created succefully"
- lastuid=$(echo "$lastuid + 1" | bc)
- lastguid=$(echo "$lastguid + 1" | bc)
-else
- echo "Error, could not create user openslx"
-fi
-echo " "
-maxuid=$( echo "${SERVERSTARTUID} + ${SERVERIDRANGE} + 1 " | bc)
-maxguid=$( echo "${SERVERSTARTGUID} + ${SERVERIDRANGE} + 1 " | bc)
-
-if [ "$foundhome" = "Yes" ]; then
- if [ ! -e /home/openslx/.local_accounts_add.patch ]; then
- > /home/openslx/.local_accounts_add.patch
- fi
- if [ ! -e /home/openslx/.local_accounts_sub.patch ]; then
- > /home/openslx/.local_accounts_sub.patch
- fi
-fi
-
-#Update permanent patch, using session patch.
-#permanent patch is divided in two, an add patch and a sub patch
-#this way we can divid task
-if [ "$foundhome" = "Yes" ] && [ -e /home/openslx/.local_accounts.session ]; then
- echo " "
- echo "Starting process of patch making"
- userssub=$(cat /home/openslx/.local_accounts.session | grep -e ^- | cut -c2-)
- for usersub in $userssub; do
- username=$usersub
- echo "Checking if $username is in add path"
- userdata=$(cat /home/openslx/.local_accounts_add.patch | grep -e "^${username}:")
- if [ ! -z ${userdata} ]; then
- echo "This user is a local user or a server user with changed password"
- IFS=:
- set $userdata
- unset IFS
- if ( [ $4 -lt $SERVERSTARTUID ] || [ $4 -gt $maxuid ] ) && ( [ $5 -lt $SERVERSTARTGUID ] || [ $5 -gt $maxguid ] ); then
- echo "This is a local user"
- else
- echo "This user has UID or GUID of a server user, so it will be added to sub patch"
- echo $username >> "/home/openslx/.local_accounts_sub.patch"
- fi
- echo "Removing ${username} from add patch"
- remove_line "${username}:" "/home/openslx/.local_accounts_add.patch"
- else
- echo "$username is not in add"
- echo $username >> "/home/openslx/.local_accounts_sub.patch"
- fi
- done
-
-
- usersadd=$(cat /home/openslx/.local_accounts.session | grep -e ^+ | cut -c2-)
- for useradd in ${usersadd}; do
- username=$(echo ${useradd} |cut -d":" -f1 )
- echo "Checking if $username already exist in add patch"
- if cat /home/openslx/.local_accounts_add.patch | grep "^${username}:" >/dev/null; then
- echo "User: ${username} Exists, updating password"
- sed -i "s|^${username}:.*$|${useradd}|" "/home/openslx/.local_accounts_add.patch"
- else
- echo "User: ${username} Doesnt exist in add patch, creating"
- echo $useradd >> "/home/openslx/.local_accounts_add.patch"
- fi
- done
-
- echo "Done patch making"
- echo " "
- echo " "
-fi
-#create the accounts specified in the SLX_USERS config.
-#break the user line, and create user if it hasnt been delete, if has just increment uid
-#Create home if doesnt exist
-for line in $SLX_USERS; do
- IFS=,
- set $line
- unset IFS
- echo "Current uid=${lastuid} guid=${lastguid}"
- localfirst="N" #if a local user is created first than the server user with a same name, the server user will not be create. The script think that there is no local user with same name than this server user and than in the right time check
- if [ $lastuid -lt $maxuid ] && [ $lastguid -lt $maxguid ]; then
- if [ $1 = "A" ]; then
- echo "User: $2, is Activated in the Server"
- if [ "$foundhome" = "Yes" ] && cat /home/openslx/.local_accounts_sub.patch | grep -e "^$2$" >/dev/null ; then
- echo "User: $2, is Deactivated in this local machine"
- echo "Will not create this user but wont use this uid and guid for another user"
- else
- userinadd=$(cat /home/openslx/.local_accounts_add.patch | grep -e "^$2:")
- if [ ! -z $userinadd ] && [ $foundhome = "Yes" ]; then
- if [ $(echo $userinadd | cut -d":" -f4,5) = "${lastuid}:${lastguid}" ]; then
- pass=$(echo $userinadd | cut -d":" -f2)
- lasttime=$(echo $userinadd | cut -d":" -f3)
- else
- localfirst="Y"
- fi
- else
- pass=$3
- lasttime=""
- fi
- if [ $localfirst = "Y" ]; then
- echo "Error there is a local user with this username"
- else
- if create_user $2 "${pass}" "${lasttime}" "${lastuid}" "${lastguid}"; then
- echo "User: $2, created successfully"
- else
- echo "Error, could not create user: $2"
- fi
- fi
- fi
- else
- echo "User: $2, is Deactivated in the Server"
- echo "Will not create this user but wont use this uid and guid for another user"
- fi
- lastuid=$(echo "$lastuid + 1" | bc)
- lastguid=$(echo "$lastguid + 1" | bc)
- echo " "
- else
- echo "There is no more uids and guids available for server users"
- fi
+mkdir -p /home/openslx/localaccounts/bak
+for file in passwd group shadow; do
+ echo $0": making backup of "$file
+ cp /etc/$file /home/openslx/localaccounts/bak/$file
done
-
-create_user "OPENSLXSent" "" "" $maxuid $maxguid
-echo " "
-if [ "$foundhome" = "Yes" ] && [ -e /home/openslx/.local_accounts_add.patch ]; then
- localusers=$( cat /home/openslx/.local_accounts_add.patch)
- for line in $localusers; do
- IFS=:
- set $line
- unset IFS
- wrong="Y"
- echo "Will try to create local user: $1"
- echo "This user uid=$4 guid=$5"
- if [ $4 -lt $SERVERSTARTUID ] || [ $4 -gt $maxuid ]; then
- if [ $5 -lt $SERVERSTARTGUID ] || [ $5 -gt $maxguid ]; then
- if ! cat /etc/passwd | cut -d":" -f1,3 | grep -e "^.*:$4$" > /dev/null; then
- if ! cat /etc/passwd | cut -d":" -f1,4 | grep -e "^.*:$5$" > /dev/null; then
- echo "User: $1, passed in every test, creating it"
- wrong="N"
- if create_user $1 $2 $3 $4 $5; then
- echo "User: $1, created successfully"
- else
- echo "Error, could not create user: $1"
- fi
- else
- echo "This GUID is already in use, ignoring this user"
- fi
- else
- echo "This UID is already in use, ignoring this user"
- fi
- else
- echo "This GUID is in the server range, ignoring this user"
- fi
- else
- echo "This UID is in the server range, checkin if is a server user with a diferent password"
- actualpass=$(cat /etc/shadow | grep -e "^${1}:" | cut -d":" -f2)
- if [ $actualpass = $2 ]; then
- wrong="N"
- echo "Password already right"
- else
- echo "Actual password and given password are diferents, shuld not happen"
- echo "Will remove this line from add patch"
- fi
- fi
- if [ $wrong = "Y" ];then
- echo "Removing this line"
- if remove_line "$line" "/home/openslx/.local_accounts_add.patch"; then
- echo "Removed"
- else
- echo "Failed to remove $line"
- fi
- fi
- echo " "
- done
-fi
+/opt/openslx/scripts/local_accounts.sh
-#Backup Passwd so it can be whatched when computers shutdown for changes to be applyed to the next boot
-if [ "$foundhome" = "Yes" ]; then
- cp /etc/passwd /home/openslx/.passwd.backup
- cp /etc/shadow /home/openslx/.shadow.backup
-fi
--
GitLab
From 9cbb9f040652bfd6718d66c5c1eb58e4631d95a0 Mon Sep 17 00:00:00 2001
From: Thiago Abdo <tja14@inf.ufpr.br>
Date: Mon, 4 Apr 2016 10:50:58 -0300
Subject: [PATCH 3/9] Script that adds a user and if this user name or id is
used overwrite it
Signed-off-by: Thiago Abdo <tja14@inf.ufpr.br>
---
.../opt/openslx/scripts/adduser.sh | 239 ++++++++++++++++++
1 file changed, 239 insertions(+)
create mode 100755 server/modules/local-accounts/opt/openslx/scripts/adduser.sh
diff --git a/server/modules/local-accounts/opt/openslx/scripts/adduser.sh b/server/modules/local-accounts/opt/openslx/scripts/adduser.sh
new file mode 100755
index 00000000..828e0ec3
--- /dev/null
+++ b/server/modules/local-accounts/opt/openslx/scripts/adduser.sh
@@ -0,0 +1,239 @@
+#!/bin/ash
+
+#Errors Codes:
+#defaults:
+ # 0 Tudo certo
+ # 1 Não consegui atualizar passwd
+ # 2 Syntax invalida
+ # 3 argumento invalido
+ # 4 UID ja em uso
+ # 6 Grupo especificado nao existe
+ # 9 Username já existente
+ # 10 Não consegui atualizao group file
+ # 12 Não consegui criar o diretorio home
+ # 13 Cant create mail spool
+ # 14 Cant update SELinux user mapping
+
+
+# 21 Tentar adicionar usuario no range do servidor sem flag
+# 22 Tentar sobreescrever usuario global ou do sistema
+# 23 Usuario de servidor ja existe
+# 24 Tenta adicionar usuario com a flag de servidor mas fora da range
+
+# 31 Usuario local ja existe
+# 32 Usuario local fora do range do local_accounts
+
+# 41 Usuario de pendrive nao valido
+
+# 51 GID e/ou GroupName já em uso
+
+
+add (){
+ local passwd=$1
+ local group=$2
+ local shadow=$3
+
+ local username=$( echo $passwd | cut -d':' -f1 )
+ local uID=$( echo $passwd | cut -d':' -f3 )
+
+ local groupname=$( echo $group | cut -d':' -f1 )
+ local gID=$( echo $group | cut -d':' -f3 )
+
+ #check if this uid is available
+ local checkID=$( cat /etc/passwd | cut -d':' -f1-3 | grep -e ":$uID$" )
+ if [ -n "$checkID" ]; then
+ echo $0": Impossivel cadastrar usuario, já existe usuário com o mesmo id"
+ exit 4;
+ fi
+
+ #check if this username is available
+ local checkName=$( cat /etc/passwd | cut -d':' -f1-3 | grep -e "^$username:" )
+ if [ -n "$checkName" ]; then
+ echo $0": ImpossÃvel cadastrar usuário, nome de usaurio já está em uso"
+ exit 9
+ fi
+
+ #checks if exist the same gruop id
+ local checkGID=$( cat /etc/group | grep -e ":$gID:" )
+ if [ -n "$checkGID" ]; then
+ local checkGName=$( cat /etc/group | grep -e "^$groupname:" )
+ if [ -n "$checkGName" ]; then
+ if [ "$checkGname" != "$checkGID" ]; then
+ echo $0": ImpossÃvel cadastrar usuário, nome e id de grupo já em uso"
+ exit 51
+ fi
+ else
+ echo $0": Impossivel cadastrar usuário, id de grupo já em uso"
+ fi
+ fi
+
+ #checks if exist the same groupname
+ local checkGName=$( cat /etc/group | grep -e "^$groupname:" )
+ if [ -n "$checkGName" ]; then
+ #checks if the group and gid isnt the same, if is the same, there is no problems
+ if [ "$checkGName" != "$checkGID" ]; then
+ echo $0": ImpossÃvel cadastrar usuário, nome de grupo já está em uso"
+ exit 51
+ fi
+ fi
+
+ #adds on files
+ echo $passwd >> /etc/passwd
+ echo $group >> /etc/group
+ echo $shadow >> /etc/shadow
+
+ #cria home
+ local homedir=$( echo $passwd | cut -d':' -f6 )
+ if [ ! -e $homedir ]; then
+ mkdir -p "$homedir"
+ #copy skel home
+ cp -a /etc/skel/. "$homedir"
+ #chown to the user
+ chown -R $username:$groupname "$homedir"
+ fi
+}
+
+remove_group(){
+ local group=$1
+ #get user that is direct from this group
+ local username=$( echo $group | cut -d':' -f1);
+ local userDetail=$( cat /etc/passwd | cut -d':' -f1-3 | grep -e "^$username:")
+ echo $0": Removendo usuário "$username" do group"
+
+ #remove user that is from this group
+ remove_user "$userDetail"
+
+ #remove group from groups
+ local temp=$(mktemp)
+ sed "/^$group$/d" /etc/group > $temp
+ cp $temp /etc/group
+ chown root:root /etc/group
+ chmod 644 /etc/group
+ rm $temp
+}
+
+remove_user(){
+ local userDetail=$1
+ local userName=$( echo $userDetail | cut -d':' -f1 );
+ echo $0": Removendo usuário "$userName" do passwd e shadow"
+
+ #remove from passwd
+ local temp=$(mktemp)
+ sed "/^$userDetail:/d" /etc/passwd > $temp
+ cp $temp /etc/passwd
+ chown root:root /etc/passwd
+ chmod 644 /etc/passwd
+ rm $temp
+
+ #remove from shadow
+ local temp=$(mktemp)
+ sed "/^$userName:/d" /etc/shadow > $temp
+ cp $temp /etc/shadow
+ chown root:shadow /etc/shadow
+ chmod 640 /etc/shadow
+ rm $temp
+}
+
+#This script can only be executed by a root/sudoer user
+if [ "$(/usr/bin/id -r -u)" != "0" ]; then
+ echo $0": Você não possue as permissoes necessárias para realizar essa operação"
+ exit 1
+fi
+
+passwd=$( echo $1 | sed 's/[[:cntrl:]]//g') # remove control caracters(protection against malicius input)
+group=$( echo $2 | sed 's/[[:cntrl:]]//g') # remove control caracters(protection against malicius input)
+shadow=$( echo $3 | sed 's/[[:cntrl:]]//g') # remove control caracters(protection against malicius input)
+globalFlag=$( echo $4 | sed 's/[[:cntrl:]]//g') # remove control caracters(protection against malicius input)
+
+username=$( echo $passwd | cut -d':' -f1 )
+uID=$( echo $passwd | cut -d':' -f3 )
+globalID=$( echo $uID | grep -e "^3....$" )
+localID=$( echo $uID | grep -e "^2....$" -e "^1....$" )
+
+groupname=$( echo $group | cut -d':' -f1 )
+gID=$( echo $group | cut -d':' -f3 )
+globalGID=$( echo $gID | grep -e "^3....$" )
+localGID=$( echo $gID | grep -e "^2....$" -e "^1....$" )
+
+#DEBUG
+#echo "username: "$username;
+#echo "uID: "$uID;
+#echo "globalID: "$globalID;
+#echo "localID: "$localID;
+#echo ""
+#echo "groupname: "$groupname;
+#echo "gID: "$gID;
+#echo "globalGID: "$globalGID;
+#echo "localGID: "$localGID;
+#echo ""
+#echo "globalFlag: "$globalFlag;
+#echo ""
+
+#globalUser
+#if not(globalFlag) && ( globalID || globalGID )
+if [ "$globalFlag" != "global" ] && ( [ -n "$globalID" ] || [ -n "$globalGID" ] ); then
+ exit 21
+fi
+
+#if globalFlag && ( not(globalID) || not(globalGID) )
+if [ "$globalFlag" = "global" ] && ( [ -z "$globalID" ] || [ -z "$globalGID" ] ); then
+ exit 24
+fi
+
+#if globalFlag && globalID && globalGID
+if [ "$globalFlag" = "global" ] && [ -n "$globalID" ] && [ -n "$globalGID" ]; then
+ #add user global
+ add "$passwd" "$group" "$shadow"
+ echo $0": Usuário global adicionado corretamente"
+ exit 0
+fi
+
+#Uma vez que não possui uid ou gid global, se nao possuir id local esta fora do range
+if [ -z "$localID" ] || [ -z "$localGID" ]; then
+ echo $0": Usuario fora do range do local accounts"
+ exit 32
+fi
+
+#See if exist the username that we are tryng to add with non local ID
+checkNotLocalName=$( cat /etc/passwd | cut -d':' -f1,3 | grep -v -e ":2....$" -e ":1....$" | grep -e "^$username:" )
+if [ -n "$checkNotLocalName" ]; then
+ echo $0": Usuario não local com mesmo username"
+ exit 22
+fi
+
+#See if exists the group name that we are trying to add with non local GID
+checkNotLocalGroupName=$( cat /etc/group | grep -v -e ":2....:" -e ":1....:" | grep -e "^$groupname:" )
+if [ -n "$checkNotLocalGroupName" ]; then
+ echo $0": Usuario não local com mesmo group name"
+ exit 22
+fi
+
+checkGID=$( cat /etc/group | grep -e ":$gID:" )
+if [ -n "$checkGID" ]; then
+ echo $0": encontrei outro usuario local com o mesmo id de grupo, devo remove-lo"
+ remove_group "$checkGID"
+fi
+
+checkGName=$( cat /etc/group | grep -e "^$groupname:" )
+if [ -n "$checkGName" ]; then
+ echo $0": encontrei outro usuario local com o mesmo nome de grupo, devo remove-lo"
+ remove_group "$checkGName"
+fi
+
+checkName=$( cat /etc/passwd | cut -d':' -f1-3 | grep -e "^$username:" )
+if [ -n "$checkName" ]; then
+ echo $0": encontrei outro usuario local com o mesmo nome, devo remove-lo"
+ remove_user "$checkName"
+fi
+
+checkID=$( cat /etc/passwd | cut -d':' -f1-3 | grep -e ":$uID$" )
+if [ -n "$checkID" ]; then
+ echo $0": encontrei outro usuario local com o mesmo id, devo remove-lo"
+ remove_user "$checkID"
+fi
+
+#add local user
+add "$passwd" "$group" "$shadow"
+echo $0": Usuario local adicionado corretamente"
+exit 0
+
--
GitLab
From 8770e83fcbf57fecf8abee3cef55f86a1a2426f9 Mon Sep 17 00:00:00 2001
From: Thiago Abdo <tja14@inf.ufpr.br>
Date: Mon, 4 Apr 2016 11:01:16 -0300
Subject: [PATCH 4/9] Script that reads usb config file and write it to the
system
Signed-off-by: Thiago Abdo <tja14@inf.ufpr.br>
---
.../scripts/local-accounts_insert-data.sh | 106 ++++++++++++++++++
1 file changed, 106 insertions(+)
create mode 100755 server/modules/local-accounts/opt/openslx/scripts/local-accounts_insert-data.sh
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_insert-data.sh b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_insert-data.sh
new file mode 100755
index 00000000..4b1c0001
--- /dev/null
+++ b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_insert-data.sh
@@ -0,0 +1,106 @@
+#!/bin/ash
+
+# EXIT CODES
+# 0 SUCCESS
+# 1 DEVICE COULD NOT BE MOUNTED
+# 2 NOT A CONFIGURED OPENSLX DEVICE
+# 3 CONFIG FILE IS EMPTY
+
+# prepares openslx partition to be used
+# mounts partition if not mounted
+# blocks program execution if it is not a openslx partition
+# param $1 is the dev to be mounted
+# return is done via the mountpath global variable, which is also used here
+prepare_usb () {
+ local dev=$1
+ mountpath=""
+
+ # get mounted device path. if not mounted attempts to do it
+ if $(mount | grep -q "/dev/$dev"); then
+ echo "$0: Device /dev/$dev is already mounted"
+ # get mountpath using the Usage '%' char as delimiter
+ # can't use space because of multiple spaces
+ # mountpath=$(df | grep -w $dev | cut -d'%' -f2- | cut -d' ' -f2-)
+ mountpath=$(mount | sed 's/ type.*//' | grep -w $dev | cut -d' ' -f3- | head -n1)
+ # continues execution of users_pendrive
+ else
+ echo "$0: Device /dev/$dev is not mounted"
+ mkdir -p /media/openslx/$dev # creates folder to mount dev on
+ if $(mount "/dev/$dev" /media/openslx/$dev); then
+ echo "$0: Device /dev/$dev mounted successfully"
+ mountpath="/media/openslx/$dev"
+ # continues execution of users_pendrive
+ else
+ echo "$0: Device /dev/$dev could not be mounted"
+ exit 1 # stops openslx users_pendrive execution for this dev
+ fi
+ fi
+
+ # checks if usb has an openslx config
+ if [ -e "$mountpath/Openslx/.config" ]; then
+ echo "$0: /dev/$dev is an openslx ready drive"
+ else
+ echo "$0: /dev/$dev is not ready to be used as an openslx drive"
+ # umount dev if it was mounted by openslx and doesnt have a config
+ if [ "$mountpath" = "/media/openslx/$dev" ]; then
+ echo "$0: umounting /dev/$dev"
+ umount -f -l "/dev/$dev" # lazy umount to avoid problems
+ fi
+ exit 2 # stops openslx users_pendrive execution for this dev
+ fi
+}
+
+dev="$1"
+
+prepare_usb "$dev" #returns at $mountpath
+# will only continue if the device that triggered is a valid openslx device
+echo "$0: an openslx ready drive is mounted at: $mountpath"
+
+unset IFS
+users=$(cat "$mountpath/Openslx/.config");
+if [ -z "$users" ]; then
+ echo "$0: $dev has an empty config file"
+ exit 3 # stops openslx users_pendrive execution for this dev
+fi
+set $users
+
+if [ ! -e "/home/openslx/usb_users" ]; then
+ mkdir -p /home/openslx/usb_users;
+fi
+
+# parse config file until EOF
+while (( [ $# -gt 0 ] )); do
+ # get the respective line for passwd, shadow and group
+ # shift advances the line $1 refers to
+ # since it doesn't check if there are 3 lines to parse,
+ # the program may misbehave in an insecure way
+ # if config file is corrupted or invalid.
+ passwdf=$(echo $1 | cut -d'=' -f2)
+ shift
+ shadowf=$(echo $1 | cut -d'=' -f2)
+ shift
+ groupf=$(echo $1 | cut -d'=' -f2)
+ shift
+
+ # parse each line (stored on variables by the code above) for needed info
+ username=$( echo $passwdf | cut -d':' -f1 )
+ uID=$( echo $passwdf | cut -d':' -f3 )
+ localID=$( echo $uID | grep -e "^2....$" -e "^1....$" )
+
+ groupname=$( echo $groupf | cut -d':' -f1 )
+ gID=$( echo $groupf | cut -d':' -f3 )
+ localGID=$( echo $gID | grep -e "^2....$" -e "^1....$" )
+
+ # local users have to belong to a group with the same name
+ if [ "$username" = "$groupname" ]; then
+ # checks if the user's id is in the correct range
+ # if the user is not local localID and localGID will be empty
+ # because grep will not find anything
+ if [ -n "$localID" ] && [ -n "$localGID" ]; then
+ /opt/openslx/scripts/adduser.sh "$passwdf" "$groupf" "$shadowf"
+ #Add to a file what pendrive this user is from
+ mount --bind $mountpath/Openslx/$username /home/$username
+ echo "/dev/$dev" > "/home/openslx/usb_users/$username"
+ fi
+ fi
+done
--
GitLab
From 44e8ac21617aa0b85bd6295eddb3a502dcb713c5 Mon Sep 17 00:00:00 2001
From: Thiago Abdo <tja14@inf.ufpr.br>
Date: Mon, 4 Apr 2016 11:01:47 -0300
Subject: [PATCH 5/9] Script that remount users home with the right permissions
Signed-off-by: Thiago Abdo <tja14@inf.ufpr.br>
---
.../scripts/local-accounts_mount-home.sh | 64 +++++++++++++++++++
1 file changed, 64 insertions(+)
create mode 100755 server/modules/local-accounts/opt/openslx/scripts/local-accounts_mount-home.sh
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_mount-home.sh b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_mount-home.sh
new file mode 100755
index 00000000..cb3d028f
--- /dev/null
+++ b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_mount-home.sh
@@ -0,0 +1,64 @@
+#!/bin/bash
+
+#if vfat, umount and remount everything with the users that is logging
+
+#set -x
+#echo $USER > /root/logfile
+
+if ( [ ! -e /home/openslx/usb_users/$USER ] ); then
+ exit 0;
+fi
+
+user_drive=$(cat /home/openslx/usb_users/$USER)
+
+user_drive_type=$(cat /proc/self/mountinfo | grep "$user_drive" | head -n1 | cut -d' ' -f9)
+
+if ( [ "$user_drive_type" = "vfat" ] ); then
+ echo $0": user drive type is vfat"
+ uid=$(cat /etc/passwd | grep -e "^$USER:" | cut -d':' -f3)
+ guid=$(cat /etc/passwd | grep -e "^$USER:" | cut -d':' -f4)
+
+ users="";
+ #umount everything
+ IFS=$'\n'
+ for i in $(cat /proc/self/mountinfo | grep $user_drive); do
+ root_of_mount=$(echo $i | cut -d' ' -f4);
+
+ if ( [ "$root_of_mount" = "/" ] ); then
+ #this is the drive
+ #saves mount point to remount in the correct place
+ drive_mount_point=$(echo $i | cut -d' ' -f5)
+ else
+ #this is a user
+ #save user_names that are mounted to make binding easier after
+ user_name=$(echo $i | cut -d' ' -f4 | rev | cut -d'/' -f1 | rev )
+ users=$(echo "$users $user_name")
+ #check if there is something mounted in this user home( $user_name )
+ #if so, umount it
+ fi
+
+ mount_point=$(echo $i | cut -d' ' -f5)
+ #maybe umount -f -l
+ umount -f -l $mount_point
+ done
+ unset IFS
+
+
+ #mount with correct uid
+ mount -t vfat $user_drive $drive_mount_point -o uid=$uid,gid=$guid
+
+ #rebind stuff
+ for i in $users; do
+ mount --bind ${drive_mount_point}/Openslx/$i /home/$i
+ done
+
+ #significatlçy improves speed and leaves the user pendrive without useless files
+ #mount --bind /dev/shm /home/$USER/.cache
+fi
+
+if ( [ "$user_drive_type" = "ext4" ] ); then
+ echo $0": user drive type is ext4"
+ #do encryption
+fi
+
+
--
GitLab
From 4a8f56e4d8573259c6508134225b3f4ccf106c2e Mon Sep 17 00:00:00 2001
From: Thiago Abdo <tja14@inf.ufpr.br>
Date: Mon, 4 Apr 2016 11:02:36 -0300
Subject: [PATCH 6/9] Add scripts that are called to remove and create usb
users
Signed-off-by: Thiago Abdo <tja14@inf.ufpr.br>
---
.../scripts/local-accounts_remove-udev.sh | 39 +++++++++++++++++++
.../scripts/local-accounts_udev-caller.sh | 4 ++
2 files changed, 43 insertions(+)
create mode 100755 server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh
create mode 100755 server/modules/local-accounts/opt/openslx/scripts/local-accounts_udev-caller.sh
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh
new file mode 100755
index 00000000..6162d77f
--- /dev/null
+++ b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+remove (){
+
+#exec 1<&-
+#exec 2<&-
+#exec 1<>/root/log
+#exec 2>&1
+#set -x
+
+ user_drive="/dev/$1"
+
+ #check if this is a openslx drive
+ mountpath=$(mount | sed 's/ type.*//' | grep -w $dev | cut -d' ' -f3- | head -n1)
+ if [ -e "$mountpath/Openslx/.config" ]; then
+ echo "$0: /dev/$dev is an openslx ready drive"
+ else
+ echo "$0: /dev/$dev is not ready to be used as an openslx drive"
+ exit 2 # stops openslx users_pendrive execution for this dev
+ fi
+
+ #umount everything
+ IFS=$'\n'
+ for i in $(mount | grep $user_drive | sed 's/ type.*//' | cut -d' ' -f3); do
+ umount -f -l $i
+ done
+ unset IFS
+
+ ##Rebuild passwd,shadow,group
+ rm -rf /home/openslx/usb_users/*
+ rm /etc/passwd
+ rm /etc/shadow
+ rm /etc/group
+
+ /opt/openslx/scripts/local-accounts.sh
+}
+
+remove $1 &
+exit;
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_udev-caller.sh b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_udev-caller.sh
new file mode 100755
index 00000000..48ecbccc
--- /dev/null
+++ b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_udev-caller.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+/opt/openslx/scripts/local-accounts_insert-data.sh $1 >> /root/local-accounts_insert-data.log &
+exit
--
GitLab
From 26dc325fe87464424323495c2ae105c97906aa09 Mon Sep 17 00:00:00 2001
From: Thiago Abdo <tja14@inf.ufpr.br>
Date: Mon, 4 Apr 2016 11:03:22 -0300
Subject: [PATCH 7/9] add script that call mount home with elevated permissions
Signed-off-by: Thiago Abdo <tja14@inf.ufpr.br>
---
server/modules/local-accounts/etc/X11/Xstartup | 9 +++++++++
1 file changed, 9 insertions(+)
create mode 100755 server/modules/local-accounts/etc/X11/Xstartup
diff --git a/server/modules/local-accounts/etc/X11/Xstartup b/server/modules/local-accounts/etc/X11/Xstartup
new file mode 100755
index 00000000..d2182fd0
--- /dev/null
+++ b/server/modules/local-accounts/etc/X11/Xstartup
@@ -0,0 +1,9 @@
+#!/bin/ash
+#
+# /etc/X11/Xstartup
+#
+# Xstartup is executed on successful authentication, before the session is opened (as root)
+#
+
+export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/sbin:/opt/openslx/bin"
+/opt/openslx/scripts/local-accounts_mount-home.sh >> /root/mountlog 2>&1
--
GitLab
From a5e6e1b2bdfe39011588bbb5e83502f18857dccc Mon Sep 17 00:00:00 2001
From: Thiago Abdo <tja14@inf.ufpr.br>
Date: Mon, 4 Apr 2016 11:03:34 -0300
Subject: [PATCH 8/9] add udev rule
Signed-off-by: Thiago Abdo <tja14@inf.ufpr.br>
---
.../local-accounts/etc/udev/rules.d/40-local_accounts.rules | 3 +++
1 file changed, 3 insertions(+)
create mode 100644 server/modules/local-accounts/etc/udev/rules.d/40-local_accounts.rules
diff --git a/server/modules/local-accounts/etc/udev/rules.d/40-local_accounts.rules b/server/modules/local-accounts/etc/udev/rules.d/40-local_accounts.rules
new file mode 100644
index 00000000..29a3aad1
--- /dev/null
+++ b/server/modules/local-accounts/etc/udev/rules.d/40-local_accounts.rules
@@ -0,0 +1,3 @@
+KERNEL=="sd*", ACTION=="add", SUBSYSTEM=="block", SYMLINK+="usbin%n", RUN+="/opt/openslx/scripts/local-accounts_udev-caller.sh $kernel"
+KERNEL=="sd*", ACTION=="remove", RUN+="/opt/openslx/scripts/local-accounts_remove-udev.sh $kernel"
+
--
GitLab
From e650c20d45e739039bae626647b8ab76be1706ae Mon Sep 17 00:00:00 2001
From: Egon Araujo <enba14@c3sl.ufpr.br>
Date: Fri, 10 Jun 2016 09:01:41 -0300
Subject: [PATCH 9/9] Change log and one IFS bug
Signed-off-by: Egon Araujo <enba14@c3sl.ufpr.br>
---
.../scripts/systemd-local_accounts-ecrypt | 2 +-
.../modules/local-accounts/etc/X11/Xstartup | 2 +-
.../scripts/local-accounts_mount-home.sh | 2 +-
.../scripts/local-accounts_remove-udev.sh | 5 +-
.../scripts/local-accounts_udev-caller.sh | 2 +-
vim.log | 282 ------------------
6 files changed, 7 insertions(+), 288 deletions(-)
delete mode 100644 vim.log
diff --git a/server/modules/local-accounts-ecrypt/opt/openslx/scripts/systemd-local_accounts-ecrypt b/server/modules/local-accounts-ecrypt/opt/openslx/scripts/systemd-local_accounts-ecrypt
index fc4866d7..37e10964 100755
--- a/server/modules/local-accounts-ecrypt/opt/openslx/scripts/systemd-local_accounts-ecrypt
+++ b/server/modules/local-accounts-ecrypt/opt/openslx/scripts/systemd-local_accounts-ecrypt
@@ -6,7 +6,7 @@
exec 1<&-
exec 2<&-
-exec 1<>/root/ecrypt
+exec 1<>/var/log/ecrypt
exec 2>&1
# check if the /home partition exists
diff --git a/server/modules/local-accounts/etc/X11/Xstartup b/server/modules/local-accounts/etc/X11/Xstartup
index d2182fd0..ecc163f6 100755
--- a/server/modules/local-accounts/etc/X11/Xstartup
+++ b/server/modules/local-accounts/etc/X11/Xstartup
@@ -6,4 +6,4 @@
#
export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/openslx/sbin:/opt/openslx/bin"
-/opt/openslx/scripts/local-accounts_mount-home.sh >> /root/mountlog 2>&1
+/opt/openslx/scripts/local-accounts_mount-home.sh >> /var/log/mountlog 2>&1
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_mount-home.sh b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_mount-home.sh
index cb3d028f..6db32a16 100755
--- a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_mount-home.sh
+++ b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_mount-home.sh
@@ -3,7 +3,7 @@
#if vfat, umount and remount everything with the users that is logging
#set -x
-#echo $USER > /root/logfile
+#echo $USER > /var/log/logfile
if ( [ ! -e /home/openslx/usb_users/$USER ] ); then
exit 0;
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh
index 6162d77f..ce693081 100755
--- a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh
+++ b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_remove-udev.sh
@@ -4,7 +4,7 @@ remove (){
#exec 1<&-
#exec 2<&-
-#exec 1<>/root/log
+#exec 1<>/var/log/local-accounts
#exec 2>&1
#set -x
@@ -20,11 +20,12 @@ remove (){
fi
#umount everything
+ IFS_bckp=$IFS
IFS=$'\n'
for i in $(mount | grep $user_drive | sed 's/ type.*//' | cut -d' ' -f3); do
umount -f -l $i
done
- unset IFS
+ IFS=$IFS_bckp
##Rebuild passwd,shadow,group
rm -rf /home/openslx/usb_users/*
diff --git a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_udev-caller.sh b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_udev-caller.sh
index 48ecbccc..92f7b60a 100755
--- a/server/modules/local-accounts/opt/openslx/scripts/local-accounts_udev-caller.sh
+++ b/server/modules/local-accounts/opt/openslx/scripts/local-accounts_udev-caller.sh
@@ -1,4 +1,4 @@
#!/bin/sh
-/opt/openslx/scripts/local-accounts_insert-data.sh $1 >> /root/local-accounts_insert-data.log &
+/opt/openslx/scripts/local-accounts_insert-data.sh $1 >> /var/log/local-accounts_insert-data.log &
exit
diff --git a/vim.log b/vim.log
deleted file mode 100644
index 735a9340..00000000
--- a/vim.log
+++ /dev/null
@@ -1,282 +0,0 @@
-
-chdir(/usr/share/vim)
-fchdir() to previous dir
-sourcing "$VIM/vimrc"
-Searching for "debian.vim" in "/home/michael/.vim,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/debian.vim"
-Searching for "/usr/share/vim/vimfiles/debian.vim"
-Searching for "/usr/share/vim/vim74/debian.vim"
-chdir(/usr/share/vim/vim74)
-fchdir() to previous dir
-line 10: sourcing "/usr/share/vim/vim74/debian.vim"
-finished sourcing /usr/share/vim/vim74/debian.vim
-continuing in /usr/share/vim/vimrc
-Searching for "/usr/share/vim/vimfiles/after/debian.vim"
-Searching for "/home/michael/.vim/after/debian.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 20: sourcing "/usr/share/vim/vim74/syntax/syntax.vim"
-Searching for "syntax/synload.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/synload.vim"
-Searching for "/var/lib/vim/addons/syntax/synload.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/synload.vim"
-Searching for "/usr/share/vim/vim74/syntax/synload.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 19: sourcing "/usr/share/vim/vim74/syntax/synload.vim"
-Searching for "syntax/syncolor.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vim74/syntax/syncolor.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 21: sourcing "/usr/share/vim/vim74/syntax/syncolor.vim"
-finished sourcing /usr/share/vim/vim74/syntax/syncolor.vim
-continuing in /usr/share/vim/vim74/syntax/synload.vim
-Searching for "/usr/share/vim/vimfiles/after/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/after/syntax/syncolor.vim"
-Searching for "/home/michael/.vim/after/syntax/syncolor.vim"
-finished sourcing /usr/share/vim/vim74/syntax/synload.vim
-continuing in /usr/share/vim/vim74/syntax/syntax.vim
-Searching for "filetype.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/filetype.vim"
-Searching for "/var/lib/vim/addons/filetype.vim"
-Searching for "/usr/share/vim/vimfiles/filetype.vim"
-Searching for "/usr/share/vim/vim74/filetype.vim"
-chdir(/usr/share/vim/vim74)
-fchdir() to previous dir
-line 25: sourcing "/usr/share/vim/vim74/filetype.vim"
-Searching for "ftdetect/*.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/ftdetect/*.vim"
-Searching for "/var/lib/vim/addons/ftdetect/*.vim"
-Searching for "/usr/share/vim/vimfiles/ftdetect/*.vim"
-Searching for "/usr/share/vim/vim74/ftdetect/*.vim"
-Searching for "/usr/share/vim/vimfiles/after/ftdetect/*.vim"
-Searching for "/var/lib/vim/addons/after/ftdetect/*.vim"
-Searching for "/home/michael/.vim/after/ftdetect/*.vim"
-not found in 'runtimepath': "ftdetect/*.vim"
-finished sourcing /usr/share/vim/vim74/filetype.vim
-continuing in /usr/share/vim/vim74/syntax/syntax.vim
-Searching for "/usr/share/vim/vimfiles/after/filetype.vim"
-Searching for "/var/lib/vim/addons/after/filetype.vim"
-Searching for "/home/michael/.vim/after/filetype.vim"
-finished sourcing /usr/share/vim/vim74/syntax/syntax.vim
-continuing in /usr/share/vim/vimrc
-finished sourcing $VIM/vimrc
-chdir(/home/michael)
-fchdir() to previous dir
-sourcing "$HOME/.vimrc"
-Searching for "syntax/syncolor.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vim74/syntax/syncolor.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 2: sourcing "/usr/share/vim/vim74/syntax/syncolor.vim"
-finished sourcing /usr/share/vim/vim74/syntax/syncolor.vim
-continuing in /home/michael/.vimrc
-Searching for "/usr/share/vim/vimfiles/after/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/after/syntax/syncolor.vim"
-Searching for "/home/michael/.vim/after/syntax/syncolor.vim"
-Searching for "colors/xoria256.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/colors/xoria256.vim"
-chdir(/home/michael/.vim/colors)
-fchdir() to previous dir
-line 2: sourcing "/home/michael/.vim/colors/xoria256.vim"
-Searching for "syntax/syncolor.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vim74/syntax/syncolor.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 27: sourcing "/usr/share/vim/vim74/syntax/syncolor.vim"
-finished sourcing /usr/share/vim/vim74/syntax/syncolor.vim
-continuing in /home/michael/.vim/colors/xoria256.vim
-Searching for "/usr/share/vim/vimfiles/after/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/after/syntax/syncolor.vim"
-Searching for "/home/michael/.vim/after/syntax/syncolor.vim"
-Searching for "syntax/syncolor.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vim74/syntax/syncolor.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 29: sourcing "/usr/share/vim/vim74/syntax/syncolor.vim"
-finished sourcing /usr/share/vim/vim74/syntax/syncolor.vim
-continuing in /home/michael/.vim/colors/xoria256.vim
-Searching for "/usr/share/vim/vimfiles/after/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/after/syntax/syncolor.vim"
-Searching for "/home/michael/.vim/after/syntax/syncolor.vim"
-Searching for "syntax/syncolor.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vim74/syntax/syncolor.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 32: sourcing "/usr/share/vim/vim74/syntax/syncolor.vim"
-finished sourcing /usr/share/vim/vim74/syntax/syncolor.vim
-continuing in /home/michael/.vim/colors/xoria256.vim
-Searching for "/usr/share/vim/vimfiles/after/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/after/syntax/syncolor.vim"
-Searching for "/home/michael/.vim/after/syntax/syncolor.vim"
-finished sourcing /home/michael/.vim/colors/xoria256.vim
-continuing in /home/michael/.vimrc
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 3: sourcing "/usr/share/vim/vim74/syntax/syntax.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 15: sourcing "/usr/share/vim/vim74/syntax/nosyntax.vim"
-finished sourcing /usr/share/vim/vim74/syntax/nosyntax.vim
-continuing in /usr/share/vim/vim74/syntax/syntax.vim
-Searching for "syntax/synload.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/synload.vim"
-Searching for "/var/lib/vim/addons/syntax/synload.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/synload.vim"
-Searching for "/usr/share/vim/vim74/syntax/synload.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 19: sourcing "/usr/share/vim/vim74/syntax/synload.vim"
-Searching for "colors/xoria256.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/colors/xoria256.vim"
-chdir(/home/michael/.vim/colors)
-fchdir() to previous dir
-line 19: sourcing "/home/michael/.vim/colors/xoria256.vim"
-Searching for "syntax/syncolor.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vim74/syntax/syncolor.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 29: sourcing "/usr/share/vim/vim74/syntax/syncolor.vim"
-finished sourcing /usr/share/vim/vim74/syntax/syncolor.vim
-continuing in /home/michael/.vim/colors/xoria256.vim
-Searching for "/usr/share/vim/vimfiles/after/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/after/syntax/syncolor.vim"
-Searching for "/home/michael/.vim/after/syntax/syncolor.vim"
-Searching for "syntax/syncolor.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vimfiles/syntax/syncolor.vim"
-Searching for "/usr/share/vim/vim74/syntax/syncolor.vim"
-chdir(/usr/share/vim/vim74/syntax)
-fchdir() to previous dir
-line 32: sourcing "/usr/share/vim/vim74/syntax/syncolor.vim"
-finished sourcing /usr/share/vim/vim74/syntax/syncolor.vim
-continuing in /home/michael/.vim/colors/xoria256.vim
-Searching for "/usr/share/vim/vimfiles/after/syntax/syncolor.vim"
-Searching for "/var/lib/vim/addons/after/syntax/syncolor.vim"
-Searching for "/home/michael/.vim/after/syntax/syncolor.vim"
-finished sourcing /home/michael/.vim/colors/xoria256.vim
-continuing in /usr/share/vim/vim74/syntax/synload.vim
-finished sourcing /usr/share/vim/vim74/syntax/synload.vim
-continuing in /usr/share/vim/vim74/syntax/syntax.vim
-finished sourcing /usr/share/vim/vim74/syntax/syntax.vim
-continuing in /home/michael/.vimrc
-finished sourcing $HOME/.vimrc
-Searching for "plugin/**/*.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/plugin/**/*.vim"
-chdir(/home/michael/.vim/plugin)
-fchdir() to previous dir
-sourcing "/home/michael/.vim/plugin/detectindent.vim"
-finished sourcing /home/michael/.vim/plugin/detectindent.vim
-Searching for "/var/lib/vim/addons/plugin/**/*.vim"
-Searching for "/usr/share/vim/vimfiles/plugin/**/*.vim"
-Searching for "/usr/share/vim/vim74/plugin/**/*.vim"
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/getscriptPlugin.vim"
-finished sourcing /usr/share/vim/vim74/plugin/getscriptPlugin.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/gzip.vim"
-finished sourcing /usr/share/vim/vim74/plugin/gzip.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/matchparen.vim"
-finished sourcing /usr/share/vim/vim74/plugin/matchparen.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/netrwPlugin.vim"
-finished sourcing /usr/share/vim/vim74/plugin/netrwPlugin.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/rrhelper.vim"
-finished sourcing /usr/share/vim/vim74/plugin/rrhelper.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/spellfile.vim"
-finished sourcing /usr/share/vim/vim74/plugin/spellfile.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/tarPlugin.vim"
-finished sourcing /usr/share/vim/vim74/plugin/tarPlugin.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/tohtml.vim"
-finished sourcing /usr/share/vim/vim74/plugin/tohtml.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/vimballPlugin.vim"
-finished sourcing /usr/share/vim/vim74/plugin/vimballPlugin.vim
-chdir(/usr/share/vim/vim74/plugin)
-fchdir() to previous dir
-sourcing "/usr/share/vim/vim74/plugin/zipPlugin.vim"
-finished sourcing /usr/share/vim/vim74/plugin/zipPlugin.vim
-Searching for "/usr/share/vim/vimfiles/after/plugin/**/*.vim"
-Searching for "/var/lib/vim/addons/after/plugin/**/*.vim"
-Searching for "/home/michael/.vim/after/plugin/**/*.vim"
-Reading viminfo file "/home/michael/.viminfo" info oldfiles
-chdir(/home/michael/tm-scripts)
-fchdir() to previous dir
- "vim.log"
-"vim.log" [noeol] 206L, 12288C
-Reading viminfo file "/home/michael/.viminfo" marks
-Searching for "scripts.vim" in "/home/michael/.vim,/var/lib/vim/addons,/usr/share/vim/vimfiles,/usr/share/vim/vim74,/usr/share/vim/vimfiles/after,/var/lib/vim/addons/after,/home/michael/.vim/after"
-Searching for "/home/michael/.vim/scripts.vim"
-chdir(/home/michael/.vim)
-fchdir() to previous dir
-line 0: sourcing "/home/michael/.vim/scripts.vim"
-finished sourcing /home/michael/.vim/scripts.vim
-continuing in BufRead Auto commands for "*"
-Searching for "/var/lib/vim/addons/scripts.vim"
-Searching for "/usr/share/vim/vimfiles/scripts.vim"
-Searching for "/usr/share/vim/vim74/scripts.vim"
-chdir(/usr/share/vim/vim74)
-fchdir() to previous dir
-line 0: sourcing "/usr/share/vim/vim74/scripts.vim"
-finished sourcing /usr/share/vim/vim74/scripts.vim
-continuing in BufRead Auto commands for "*"
-Searching for "/usr/share/vim/vimfiles/after/scripts.vim"
-Searching for "/var/lib/vim/addons/after/scripts.vim"
-Searching for "/home/michael/.vim/after/scripts.vim"
-; leading_tabs_num: 0, leading_spaces_num: 0, leading_spaces 1: 0, leading_spaces 2: 0, leading_spaces 3: 0, leading_spaces 4: 0, leading_spaces 5: 0, leading_spaces 6: 0, leading_spaces 7: 0, leading_spaces 8: 0
-/.vimrc
-
-/.vimrc
-
-/.vimrc
-
-/.vimrc
-
-/.vimrc
-
-/.vimrc
-
-/.vimrc
-
-/.vimrc
-
-/.vimrc
--- INSERT --
-
-
-E492: Not an editor command: Q!
-
-Writing viminfo file "/home/michael/.viminfo"
\ No newline at end of file
--
GitLab