T31337/SD_usb_auth.sh

## SD_usb_auth.sh
#!/bin/bash

#Downlaod .bash_colors (Ensure File Exists And Has Expected Content)
wget http://raw.github.com/maxtsepkov/bash_colors/master/bash_colors.sh -O .bash_colors
#Import Colors Script
#See Here For More Info - https://github.com/mercuriev/bash_colors
source .bash_colors

#Set Authentication Device (SD-Card)
MyDevice="/dev/mmcblk0"

clr_bold clr_red "Authentication Device: " -n; clr_bold clr_underscore clr_blue "$MyDevice"

#Check If Command Exists/Is Valid
function command_exists () {
    type "$1" &> /dev/null ;
}

#Install Yaourt Using Git
function install_Yaourt() {
	pacman -S --needed base-devel git wget yajl
	git clone https://aur.archlinux.org/package-query.git
	cd package-query
	makepkg -si
	cd ..
	git clone https://aur.archlinux.org/yaourt.git
	cd yaourt
	makepkg -si
	cd ..
	rm -dR yaourt/ package-query/
}

#Install PAM_USB With Git
function install_pamusb(){
    echo -e "\n\n======================"
    echo -e "| REQUIREMENTS SETUP |"
    echo -e "======================\n"
    #Use The GitHub Vesrion By aluzzardi To Enable SD-Card Support!
    echo -e "pam_usb Is Required, We Will Use Patched Version From GitHub With SD-Card Support...\n"
    git clone https://github.com/aluzzardi/pam_usb.git
    cd pam_usb
    make
    sudo make install
    echo -e "\n"
    echo -e "================="
    echo -e "| Install Done! |"
    echo -e "=================\n"
    cd ..
}

#Setup USB/SD Authentication, pam.d Method
function updateAuthConfig() {

    echo -e "==============================="
    echo -e "| AUTHENTICATION CONFIG SETUP |"
    echo -e "===============================\n"
    echo -e "Updating Authentication Files...\n"

    echo -e "Upating pam.d Login Files To Enable USB Authentication...\n"
    echo "auth    sufficient      pam_usb.so" >> /etc/pam.d/login
    echo "auth    sufficient      pam_usb.so" >> /etc/pam.d/system-login
    echo "auth    sufficient      pam_usb.so" >> /etc/pam.d/system-local-login

    #echo "auth    sufficient      pam_usb.so" >> /etc/pam.d/other
    #echo "auth    sufficient      pam_usb.so" >> /etc/pam.d/passwd


    echo -e "Updating /etc/pam.d/su To Enable USB Authentication...\n"
    echo "auth    sufficient      pam_usb.so" >> /etc/pam.d/su
    echo - e "Updating /etc/pam.d/sudo To Enable USB Authentication...\n"
    echo "auth    sufficient      pam_usb.so" >> /etc/pam.d/sudo
    echo -e "Updating /etc/pam.d/system-auth To Enable USB Authentication..."
    cat <<'EOF' > /etc/pam.d/system-auth


#USB AUTHENTICATION
auth    required  pam_unix.so nullok_secure
auth    sufficient      pam_usb.so

EOF


echo -e "Done Updating PAM Authentication Configurations!\n"

}

#Check USB/SD Authorization Setup
function checkAuth() {

    echo -e "\n================================"
    echo -e "Checking PAM_USB Authentication"
    echo -e "================================\n"

    echo -e "Checking PAM_USB Authentication For $USER...\n"
    pamusb-check $USER && echo Ok || echo FAILED
    echo -e "Checking PAM_USB Authentication For root...\n"
    pamusb-check root && echo Ok || echo FAILED
}

#Configure User&Device Authorization
function configureAuth(){

    echo -e "============================"
    echo -e "| USB AUTHENTICATION SETUP |"
    echo -e "============================\n\n"

    echo -e "Enter Device To Use For Authentication: "

    echo -e "Authentication Device: $MyDevice"

    sudo pamusb-conf --add-device $MyDevice
    sudo pamusb-conf --add-user $USER
    sudo pamusb-conf --add-user root

     #Update Confgureation File To Allow USB Authentication (This Is Done In updateAuthConfig Function)
        #sudo echo "auth    sufficient      pam_usb.so" >> /etc/pam.d/system-auth
        #sudo echo "auth    required        pam_unix.so nullok_secure" >>   /etc/pam.d/system-auth


    checkAuth

}

#Check For And Install Yaourt & PAM_USB
function checkDepends() {
	if command_exists yaourt ; then
		install_pamusb
	else
		echo -e "Oops, Yaourt Seems To Have Failed To Install, Trying Alternate Install Method...\n"
		install_Yaourt
		install_pamusb
	fi
}

function replace_pamusb() {
	if ! [ -x "$(command -v yaourt)" ]; then
		echo 'Error: Yaourt Not Installed.' >&2
		install_Yaourt
	fi
	echo -e "Removing Current Version Of PAM_USB So We Can Install Patched Version With SD-Card Suport..."
    yaourt -R pam_usb --noconfirm
	install_pamusb
}

#Usage Example:
#confirm && hg push ssh://..
#	or
#confirm "Would you really like to do a push?" && hg push ssh://..
function confirm() {
    # call with a prompt string or use a default
    read -r -p "${1:-Are you sure? [y/N]} " response
    case "$response" in
        [yY][eE][sS]|[yY])
            true
            ;;
        *)
            false
            ;;
    esac
}

#Check If PAM Is Installed
if ! [ -x "$(command -v pamusb-conf)" ]; then
    echo 'Error: pam_usb Is Not Installed.' >&2
    install_pamusb
else
    echo -e "Looks Like PAM-USB Is Already Installed, Let's Begin!\n"
	confirm "Would You Like To Replace Current Version Of PAM_USB?" && replace_pamusb
fi

if [[ $EUID -ne 0 ]]; then
    configureAuth
    exec sudo "$0" "$@"
else
    updateAuthConfig
fi
	#!/bin/bash

	#Downlaod .bash_colors (Ensure File Exists And Has Expected Content)
	wget http://raw.github.com/maxtsepkov/bash_colors/master/bash_colors.sh -O .bash_colors
	#Import Colors Script
	#See Here For More Info - https://github.com/mercuriev/bash_colors
	source .bash_colors

	#Set Authentication Device (SD-Card)
	MyDevice="/dev/mmcblk0"

	clr_bold clr_red "Authentication Device: " -n; clr_bold clr_underscore clr_blue "$MyDevice"

	#Check If Command Exists/Is Valid
	function command_exists () {
	type "$1" &> /dev/null ;
	}

	#Install Yaourt Using Git
	function install_Yaourt() {
	pacman -S --needed base-devel git wget yajl
	git clone https://aur.archlinux.org/package-query.git
	cd package-query
	makepkg -si
	cd ..
	git clone https://aur.archlinux.org/yaourt.git
	cd yaourt
	makepkg -si
	cd ..
	rm -dR yaourt/ package-query/
	}

	#Install PAM_USB With Git
	function install_pamusb(){
	echo -e "\n\n======================"
	echo -e "\| REQUIREMENTS SETUP \|"
	echo -e "======================\n"
	#Use The GitHub Vesrion By aluzzardi To Enable SD-Card Support!
	echo -e "pam_usb Is Required, We Will Use Patched Version From GitHub With SD-Card Support...\n"
	git clone https://github.com/aluzzardi/pam_usb.git
	cd pam_usb
	make
	sudo make install
	echo -e "\n"
	echo -e "================="
	echo -e "\| Install Done! \|"
	echo -e "=================\n"
	cd ..
	}

	#Setup USB/SD Authentication, pam.d Method
	function updateAuthConfig() {

	echo -e "==============================="
	echo -e "\| AUTHENTICATION CONFIG SETUP \|"
	echo -e "===============================\n"
	echo -e "Updating Authentication Files...\n"

	echo -e "Upating pam.d Login Files To Enable USB Authentication...\n"
	echo "auth sufficient pam_usb.so" >> /etc/pam.d/login
	echo "auth sufficient pam_usb.so" >> /etc/pam.d/system-login
	echo "auth sufficient pam_usb.so" >> /etc/pam.d/system-local-login

	#echo "auth sufficient pam_usb.so" >> /etc/pam.d/other
	#echo "auth sufficient pam_usb.so" >> /etc/pam.d/passwd


	echo -e "Updating /etc/pam.d/su To Enable USB Authentication...\n"
	echo "auth sufficient pam_usb.so" >> /etc/pam.d/su
	echo - e "Updating /etc/pam.d/sudo To Enable USB Authentication...\n"
	echo "auth sufficient pam_usb.so" >> /etc/pam.d/sudo
	echo -e "Updating /etc/pam.d/system-auth To Enable USB Authentication..."
	cat <<'EOF' > /etc/pam.d/system-auth


	#USB AUTHENTICATION
	auth required pam_unix.so nullok_secure
	auth sufficient pam_usb.so

	EOF


	echo -e "Done Updating PAM Authentication Configurations!\n"

	}

	#Check USB/SD Authorization Setup
	function checkAuth() {

	echo -e "\n================================"
	echo -e "Checking PAM_USB Authentication"
	echo -e "================================\n"

	echo -e "Checking PAM_USB Authentication For $USER...\n"
	pamusb-check $USER && echo Ok \|\| echo FAILED
	echo -e "Checking PAM_USB Authentication For root...\n"
	pamusb-check root && echo Ok \|\| echo FAILED
	}

	#Configure User&Device Authorization
	function configureAuth(){

	echo -e "============================"
	echo -e "\| USB AUTHENTICATION SETUP \|"
	echo -e "============================\n\n"

	echo -e "Enter Device To Use For Authentication: "

	echo -e "Authentication Device: $MyDevice"

	sudo pamusb-conf --add-device $MyDevice
	sudo pamusb-conf --add-user $USER
	sudo pamusb-conf --add-user root

	#Update Confgureation File To Allow USB Authentication (This Is Done In updateAuthConfig Function)
	#sudo echo "auth sufficient pam_usb.so" >> /etc/pam.d/system-auth
	#sudo echo "auth required pam_unix.so nullok_secure" >> /etc/pam.d/system-auth


	checkAuth

	}

	#Check For And Install Yaourt & PAM_USB
	function checkDepends() {
	if command_exists yaourt ; then
	install_pamusb
	else
	echo -e "Oops, Yaourt Seems To Have Failed To Install, Trying Alternate Install Method...\n"
	install_Yaourt
	install_pamusb
	fi
	}

	function replace_pamusb() {
	if ! [ -x "$(command -v yaourt)" ]; then
	echo 'Error: Yaourt Not Installed.' >&2
	install_Yaourt
	fi
	echo -e "Removing Current Version Of PAM_USB So We Can Install Patched Version With SD-Card Suport..."
	yaourt -R pam_usb --noconfirm
	install_pamusb
	}

	#Usage Example:
	#confirm && hg push ssh://..
	# or
	#confirm "Would you really like to do a push?" && hg push ssh://..
	function confirm() {
	# call with a prompt string or use a default
	read -r -p "${1:-Are you sure? [y/N]} " response
	case "$response" in
	[yY][eE][sS]\|[yY])
	true
	;;
	*)
	false
	;;
	esac
	}

	#Check If PAM Is Installed
	if ! [ -x "$(command -v pamusb-conf)" ]; then
	echo 'Error: pam_usb Is Not Installed.' >&2
	install_pamusb
	else
	echo -e "Looks Like PAM-USB Is Already Installed, Let's Begin!\n"
	confirm "Would You Like To Replace Current Version Of PAM_USB?" && replace_pamusb
	fi

	if [[ $EUID -ne 0 ]]; then
	configureAuth
	exec sudo "$0" "$@"
	else
	updateAuthConfig
	fi