Fix the way to get the sudoers directory

This commit is contained in:
Jeremy Gardais 2018-04-26 11:38:44 +02:00
parent 738e690582
commit 67b67e117b
Signed by: jegardai
GPG Key ID: E759BAA22501AF32
1 changed files with 29 additions and 16 deletions

View File

@ -10,7 +10,7 @@ ERROR=1
## GetDefaultUser {{{ ## GetDefaultUser {{{
function GetDefaultUser() { function GetDefaultUser() {
for user in $(ListUsers); do for user in $(ListUsers); do
echo $user echo "${user}"
return return
done done
} }
@ -75,21 +75,20 @@ function GetMyHostKey() {
## IpAddress {{{ ## IpAddress {{{
function IpAddress() { function IpAddress() {
local strMyIpAddress='' local strMyIpAddress=''
local strOsName=$( uname )
strMyIpAddress=$(dig +short myip.opendns.com @resolver1.opendns.com) strMyIpAddress=$(dig +short myip.opendns.com @resolver1.opendns.com)
if [ "$strMyIpAddress" == '' ]; then if [ "${strMyIpAddress}" == '' ]; then
error "failed to retrieve the ip address of this machine" error "failed to retrieve the ip address of this machine"
return 1 return 1
fi fi
echo $strMyIpAddress echo "{$strMyIpAddress}"
} }
## }}} ## }}}
## MyFqdn {{{ ## MyFqdn {{{
function MyFqdn() { function MyFqdn() {
local strMyIpAddress=$( IpAddress ) # eg '129.20.27.49' local strMyIpAddress=$( IpAddress ) # eg '129.20.27.49'
local strMyFqdn=$(host $strMyIpAddress | awk '{print $5}') local strMyFqdn=$(host "${strMyIpAddress}" | awk '{print $5}')
echo ${strMyFqdn%?} # remove the trailing '.' echo "${strMyFqdn%?}" # remove the trailing '.'
} }
## }}} ## }}}
@ -97,8 +96,8 @@ function MyFqdn() {
function ListUsers() { function ListUsers() {
local users='' local users=''
for user in $(ls -d /Users/[a-zA-Z]*); do for user in $(ls -d /Users/[a-zA-Z]*); do
user=$(basename $user) user=$(basename "${users}")
case "$user" in case "${users}" in
'Shared'|'admin') 'Shared'|'admin')
;; ;;
*) *)
@ -106,16 +105,16 @@ function ListUsers() {
;; ;;
esac esac
done done
echo $users echo "${users}"
} }
## }}} ## }}}
## AddUserBackuppc {{{ ## AddUserBackuppc {{{
function AddUserBackuppc() { function AddUserBackuppc() {
local userToBackup="$1" # the login of the user to backup local userToBackup="$1" # the login of the user to backup
local homeDir="$2" # par exemple '/var/lib/backuppc' local homeDir="$2" # eg. '/var/lib/backuppc'
local userLogin='backuppc' local userLogin='backuppc'
local groupId=$(id -g $userToBackup) local groupId=$(id -g "${userToBackup}")
maxid=$(dscl . -list /Users UniqueID | awk '$2 < 1000 {print $2}' | sort -ug | tail -1) maxid=$(dscl . -list /Users UniqueID | awk '$2 < 1000 {print $2}' | sort -ug | tail -1)
newid=$((maxid+1)) newid=$((maxid+1))
mkdir -p "$homeDir" mkdir -p "$homeDir"
@ -147,20 +146,34 @@ function AddUserBackuppc() {
## AllowBackuppcSudo {{{ ## AllowBackuppcSudo {{{
function AllowBackuppcSudo() { function AllowBackuppcSudo() {
# Get the configuration directory for sudoers # Get sudoers directory from the configuration
local sudoersDir=$(grep "^#includedir " /etc/sudoers | cut -d" " -f2)
if [ -f /etc/sudoers ]; then if [ -f /etc/sudoers ]; then
local sudoersDir=$(grep "^#includedir " /etc/sudoers | cut -d" " -f2) local sudoersDir=$(grep "^#includedir " /etc/sudoers | cut -d" " -f2)
if [ ! "${sudoersDir}" == '' ]; then
printf "%b\n" "Configuration de sudo pour BackupPC."
else
echo "#includedir /etc/sudoers.d" >> /etc/sudoers
printf '\e[1;33m%-6s\e[m\n' "DEBUG: Ajout de ${sudoersDir} dans le fichier sudoers."
fi
elif [ -f /private/etc/sudoers ]; then elif [ -f /private/etc/sudoers ]; then
local sudoersDir=$(grep "^#includedir " /private/etc/sudoers | cut -d" " -f2) local sudoersDir=$(grep "^#includedir " /private/etc/sudoers | cut -d" " -f2)
if [ ! "${sudoersDir}" == '' ]; then
printf "%b\n" "Configuration de sudo pour BackupPC."
else
echo "#includedir /private/etc/sudoers.d" >> /private/etc/sudoers
printf '\e[1;33m%-6s\e[m\n' "DEBUG: Ajout de ${sudoersDir} dans le fichier sudoers."
fi
else else
printf '\e[1;31m%-6s\e[m\n' "ERREUR: Impossible de trouver le fichier de configuratio de sudo." printf '\e[1;31m%-6s\e[m\n' "ERREUR: Impossible de trouver un fichier de configuratio pour sudo."
return "$ERROR" return "$ERROR"
fi fi
# Ensure to create the sudoers directory
sudo mkdir -p -- "${sudoersDir}" sudo mkdir -p -- "${sudoersDir}"
printf '\e[1;33m%-6s\e[m\n' "DEBUG: Création du dossier ${sudoersDir}." printf '\e[1;33m%-6s\e[m\n' "DEBUG: Création du dossier pour les sudoers ${sudoersDir}."
# Allow user to use rsync with sudo # Allow backuppc user to use rsync with sudo
sudo sh -c "echo '${userLogin} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync' > ${sudoersDir}/backuppc_noexec" sudo sh -c "echo '${userLogin} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync' > ${sudoersDir}/backuppc_noexec"
printf '\e[1;33m%-6s\e[m\n' "DEBUG: ajout de '${userLogin} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync'" printf '\e[1;33m%-6s\e[m\n' "DEBUG: ajout de '${userLogin} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync'"
printf '\e[1;33m%-6s\e[m\n' "DEBUG: dans le fichier ${sudoersDir}/backuppc_noexec." printf '\e[1;33m%-6s\e[m\n' "DEBUG: dans le fichier ${sudoersDir}/backuppc_noexec."
@ -294,7 +307,7 @@ AddUserBackuppc "${input_login}" "${homebackuppc}"
mkdir -p -- "${homebackuppc}"/.ssh mkdir -p -- "${homebackuppc}"/.ssh
printf '\e[1;33m%-6s\e[m\n' "DEBUG: Création du répertoire .ssh de l'utilisateur: ${homebackuppc}/.ssh" printf '\e[1;33m%-6s\e[m\n' "DEBUG: Création du répertoire .ssh de l'utilisateur: ${homebackuppc}/.ssh"
echo "from=\"129.20.203.16\" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIhMc8ixQXfWDACJy4q0v8T877UxahhCjO51PQFzylwVpf88LX3yWeDrWIW0NRu0zoSm396mig918OpD5ggqML/QbYbQsoDdAFUV/tK4JU6UJgEQIl25MOcUBCFepsFBGS09CH/V07xSUqSP/+beeTRLNO2CQzk3S2y3YfkXpM7KmOGfeLgoCaQAcxIkgLXeM3TpCZEzJDlZ8c8k/DjVvsgwCpQktYzNo2b37KHLLfgyW9KSo6N9sReUuNQjS6lu8rjrXfc6+J0pY2D6IxWptTWL/JVrhFCUqe4QQy+xYjoR41wqnAQyl/kOcyBNhSvojMKwQT6vlPwru6pOno16/X backuppc@backuppc.ipr.univ-rennes1.fr" > "${homebackuppc}"/.ssh/authorized_keys echo "from=\"129.20.203.16\" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIhMc8ixQXfWDACJy4q0v8T877UxahhCjO51PQFzylwVpf88LX3yWeDrWIW0NRu0zoSm396mig918OpD5ggqML/QbYbQsoDdAFUV/tK4JU6UJgEQIl25MOcUBCFepsFBGS09CH/V07xSUqSP/+beeTRLNO2CQzk3S2y3YfkXpM7KmOGfeLgoCaQAcxIkgLXeM3TpCZEzJDlZ8c8k/DjVvsgwCpQktYzNo2b37KHLLfgyW9KSo6N9sReUuNQjS6lu8rjrXfc6+J0pY2D6IxWptTWL/JVrhFCUqe4QQy+xYjoR41wqnAQyl/kOcyBNhSvojMKwQT6vlPwru6pOno16/X backuppc@backuppc.ipr.univ-rennes1.fr" > "${homebackuppc}"/.ssh/authorized_keys
printf '\e[1;33m%-6s\e[m\n' "DEBUG: Ajout de la clef SSH du serveur dans "${homebackuppc}"/.ssh/authorized_keys." printf '\e[1;33m%-6s\e[m\n' "DEBUG: Ajout de la clef SSH du serveur dans ${homebackuppc}/.ssh/authorized_keys"
chown -R backuppc "${homebackuppc}"/.ssh/ chown -R backuppc "${homebackuppc}"/.ssh/
printf '\e[1;33m%-6s\e[m\n' "DEBUG: chown -R backuppc ${homebackuppc}/.ssh/" printf '\e[1;33m%-6s\e[m\n' "DEBUG: chown -R backuppc ${homebackuppc}/.ssh/"