Re-enable the actions
This commit is contained in:
parent
0b80ba177f
commit
738e690582
|
@ -21,8 +21,8 @@ function GetDefaultUser() {
|
||||||
function AllowUserToConnectToThisMachineUsingSsh()
|
function AllowUserToConnectToThisMachineUsingSsh()
|
||||||
{
|
{
|
||||||
local userLogin="$1"
|
local userLogin="$1"
|
||||||
#dscl . append '/Groups/com.apple.access_ssh' user "${userLogin}"
|
dscl . append '/Groups/com.apple.access_ssh' user "${userLogin}"
|
||||||
#dscl . append /Groups/com.apple.access_ssh groupmembers $(dscl . read "/Users/${userLogin}" GeneratedUID | cut -d " " -f 2)
|
dscl . append /Groups/com.apple.access_ssh groupmembers $(dscl . read "/Users/${userLogin}" GeneratedUID | cut -d " " -f 2)
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Autoriser les accès SSH pour ${userLogin}."
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Autoriser les accès SSH pour ${userLogin}."
|
||||||
}
|
}
|
||||||
## }}}
|
## }}}
|
||||||
|
@ -30,7 +30,7 @@ function AllowUserToConnectToThisMachineUsingSsh()
|
||||||
## EnsurePingIsAllowed {{{
|
## EnsurePingIsAllowed {{{
|
||||||
function EnsurePingIsAllowed()
|
function EnsurePingIsAllowed()
|
||||||
{
|
{
|
||||||
#sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode off
|
sudo /usr/libexec/ApplicationFirewall/socketfilterfw --setstealthmode off
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Désactivation du mode furtif (ping)."
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Désactivation du mode furtif (ping)."
|
||||||
if [ $? != 0 ]; then
|
if [ $? != 0 ]; then
|
||||||
printf '\e[1;31m%-6s\e[m\n' "ERREUR : La désactivation du mode furtif a échoué"
|
printf '\e[1;31m%-6s\e[m\n' "ERREUR : La désactivation du mode furtif a échoué"
|
||||||
|
@ -42,14 +42,14 @@ function EnsurePingIsAllowed()
|
||||||
## EnsureSshdIsRunning {{{
|
## EnsureSshdIsRunning {{{
|
||||||
function EnsureSshdIsRunning()
|
function EnsureSshdIsRunning()
|
||||||
{
|
{
|
||||||
#sudo launchctl list | grep 'com.openssh.sshd' &> /dev/null
|
sudo launchctl list | grep 'com.openssh.sshd' &> /dev/null
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Vérification si sshd est déjà en cours."
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Vérification si sshd est déjà en cours."
|
||||||
if [ $? != 0 ]; then
|
if [ $? != 0 ]; then
|
||||||
# enable 'Remote login' in 'system preferences'
|
# enable 'Remote login' in 'system preferences'
|
||||||
sudo launchctl enable system/com.openssh.sshd &> /dev/null
|
sudo launchctl enable system/com.openssh.sshd &> /dev/null
|
||||||
sudo launchctl load /System/Library/LaunchDaemons/ssh.plist &> /dev/null
|
sudo launchctl load /System/Library/LaunchDaemons/ssh.plist &> /dev/null
|
||||||
fi
|
fi
|
||||||
#sudo launchctl list | grep 'com.openssh.sshd' &> /dev/null
|
sudo launchctl list | grep 'com.openssh.sshd' &> /dev/null
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Activation du serveur ssh."
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Activation du serveur ssh."
|
||||||
if [ $? != 0 ]; then
|
if [ $? != 0 ]; then
|
||||||
printf '\e[1;31m%-6s\e[m\n' "ERREUR : L'activation du serveur ssh a échoué";
|
printf '\e[1;31m%-6s\e[m\n' "ERREUR : L'activation du serveur ssh a échoué";
|
||||||
|
@ -126,17 +126,17 @@ function AddUserBackuppc() {
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Create user
|
# Create user
|
||||||
#dscl . -create "/Users/$userLogin"
|
dscl . -create "/Users/$userLogin"
|
||||||
#dscl . -create "/Users/$userLogin" UserShell /bin/bash
|
dscl . -create "/Users/$userLogin" UserShell /bin/bash
|
||||||
#dscl . -create "/Users/$userLogin" RealName "backuppc"
|
dscl . -create "/Users/$userLogin" RealName "backuppc"
|
||||||
#dscl . -create "/Users/$userLogin" UniqueID "$newid"
|
dscl . -create "/Users/$userLogin" UniqueID "$newid"
|
||||||
#dscl . -create "/Users/$userLogin" PrimaryGroupID "$groupId"
|
dscl . -create "/Users/$userLogin" PrimaryGroupID "$groupId"
|
||||||
#dscl . -create "/Users/$userLogin" NFSHomeDirectory "$homeDir"
|
dscl . -create "/Users/$userLogin" NFSHomeDirectory "$homeDir"
|
||||||
#dscl . -create "/Users/$userLogin" IsHidden 1 # hide from login window
|
dscl . -create "/Users/$userLogin" IsHidden 1 # hide from login window
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Création de l'utilisateur ${userLogin}."
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Création de l'utilisateur ${userLogin}."
|
||||||
|
|
||||||
# Homedir permissions
|
# Homedir permissions
|
||||||
#chown -R "$userLogin:$groupId" "$homeDir"
|
chown -R "$userLogin:$groupId" "$homeDir"
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : chown -R $userLogin:$groupId $homeDir"
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : chown -R $userLogin:$groupId $homeDir"
|
||||||
|
|
||||||
AllowUserToConnectToThisMachineUsingSsh "${userLogin}"
|
AllowUserToConnectToThisMachineUsingSsh "${userLogin}"
|
||||||
|
@ -157,11 +157,11 @@ function AllowBackuppcSudo() {
|
||||||
return "$ERROR"
|
return "$ERROR"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
#sudo mkdir -p -- "${sudoersDir}"
|
sudo mkdir -p -- "${sudoersDir}"
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Création du dossier ${sudoersDir}."
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Création du dossier ${sudoersDir}."
|
||||||
|
|
||||||
# Allow user to use rsync with sudo
|
# Allow user to use rsync with sudo
|
||||||
#sudo sh -c "echo '${userLogin} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync' > ${sudoersDir}/backuppc_noexec"
|
sudo sh -c "echo '${userLogin} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync' > ${sudoersDir}/backuppc_noexec"
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : ajout de '${userLogin} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync'"
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : ajout de '${userLogin} ALL=(ALL:ALL) NOEXEC:NOPASSWD: /usr/bin/rsync'"
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : dans le fichier ${sudoersDir}/backuppc_noexec."
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : dans le fichier ${sudoersDir}/backuppc_noexec."
|
||||||
}
|
}
|
||||||
|
@ -291,11 +291,11 @@ mv -f -- "${filepl}" "${dir1}"
|
||||||
printf '\e[1;35m%-6s\e[m\n' "DEBUG : Partie - Création du compte backuppc"
|
printf '\e[1;35m%-6s\e[m\n' "DEBUG : Partie - Création du compte backuppc"
|
||||||
homebackuppc='/var/lib/backuppc'
|
homebackuppc='/var/lib/backuppc'
|
||||||
AddUserBackuppc "${input_login}" "${homebackuppc}"
|
AddUserBackuppc "${input_login}" "${homebackuppc}"
|
||||||
#mkdir -p -- "${homebackuppc}"/.ssh
|
mkdir -p -- "${homebackuppc}"/.ssh
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Création du répertoire .ssh de l'utilisateur : ${homebackuppc}/.ssh"
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Création du répertoire .ssh de l'utilisateur : ${homebackuppc}/.ssh"
|
||||||
#echo "from=\"129.20.203.16\" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIhMc8ixQXfWDACJy4q0v8T877UxahhCjO51PQFzylwVpf88LX3yWeDrWIW0NRu0zoSm396mig918OpD5ggqML/QbYbQsoDdAFUV/tK4JU6UJgEQIl25MOcUBCFepsFBGS09CH/V07xSUqSP/+beeTRLNO2CQzk3S2y3YfkXpM7KmOGfeLgoCaQAcxIkgLXeM3TpCZEzJDlZ8c8k/DjVvsgwCpQktYzNo2b37KHLLfgyW9KSo6N9sReUuNQjS6lu8rjrXfc6+J0pY2D6IxWptTWL/JVrhFCUqe4QQy+xYjoR41wqnAQyl/kOcyBNhSvojMKwQT6vlPwru6pOno16/X backuppc@backuppc.ipr.univ-rennes1.fr" > "${homebackuppc}"/.ssh/authorized_keys
|
echo "from=\"129.20.203.16\" ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIhMc8ixQXfWDACJy4q0v8T877UxahhCjO51PQFzylwVpf88LX3yWeDrWIW0NRu0zoSm396mig918OpD5ggqML/QbYbQsoDdAFUV/tK4JU6UJgEQIl25MOcUBCFepsFBGS09CH/V07xSUqSP/+beeTRLNO2CQzk3S2y3YfkXpM7KmOGfeLgoCaQAcxIkgLXeM3TpCZEzJDlZ8c8k/DjVvsgwCpQktYzNo2b37KHLLfgyW9KSo6N9sReUuNQjS6lu8rjrXfc6+J0pY2D6IxWptTWL/JVrhFCUqe4QQy+xYjoR41wqnAQyl/kOcyBNhSvojMKwQT6vlPwru6pOno16/X backuppc@backuppc.ipr.univ-rennes1.fr" > "${homebackuppc}"/.ssh/authorized_keys
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Ajout de la clef SSH du serveur dans "${homebackuppc}"/.ssh/authorized_keys."
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : Ajout de la clef SSH du serveur dans "${homebackuppc}"/.ssh/authorized_keys."
|
||||||
#chown -R backuppc "${homebackuppc}"/.ssh/
|
chown -R backuppc "${homebackuppc}"/.ssh/
|
||||||
printf '\e[1;33m%-6s\e[m\n' "DEBUG : chown -R backuppc ${homebackuppc}/.ssh/"
|
printf '\e[1;33m%-6s\e[m\n' "DEBUG : chown -R backuppc ${homebackuppc}/.ssh/"
|
||||||
|
|
||||||
#### END ####
|
#### END ####
|
||||||
|
|
Loading…
Reference in New Issue