Created
September 2, 2020 16:35
-
-
Save wbollock/c42f68868515362dc2f890628f667fb2 to your computer and use it in GitHub Desktop.
bash script that checks for new /home/folders, creates mysql account with random password + salt, and emails to students and a service desk email
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# made by Will Bollock, CCI HelpDesk | |
# mysql root user/pass for account creation | |
rootuser= | |
rootpasswd= | |
informationFile=Torch_Account_Information.txt | |
# master file that is copied to $user's home | |
# make an HTML template here | |
# html email template here | |
emailMaster= | |
# whatever you want for placeholder index.html | |
webPlaceholder= | |
# [web15c@torch]~❯ inotifywait -q -e create /home/ | awk '{ print $NF }' | |
# infinite loop | |
while true | |
do | |
# upon new /home/ directory creation, spit out the username to $FSUID | |
FSUID=$(inotifywait -q -e create /home/ | awk '{ print $NF }') | |
flag=/home/"$FSUID"/.flag_DONOTDELETE | |
if [ -e /home/$FSUID/$flag ] | |
then | |
# user has already logged in once | |
echo "Welcome $FSUID to torch.cci.fsu.edu" | |
# https://www.attosol.com/login-script-that-runs-only-once-per-user/ | |
else | |
# Ignore usernames with hyphens - IT service accounts | |
if echo "$FSUID" | grep -q "-"; then | |
# found dash; service account | |
echo "Dash detected in username. No MySQL account made." > /home/"$FSUID"/$informationFile | |
echo "If you think this is an error, please contact the CCI HelpDesk." >> /home/"$FSUID"/$informationFile | |
else | |
#echo "Welcome $FSUID to torch.cci.fsu.edu." | |
#echo "Please review the file $informationFile in your directory." | |
# create Apache2 web directory if not exists | |
if [ ! -d /web/"$FSUID" ] | |
then | |
mkdir /web/"$FSUID" | |
fi | |
# Set Apache2 permissions | |
chmod -R 755 /web/"$FSUID" | |
# ownership | |
chown -R "$FSUID":'domain users' /web/"$FSUID" | |
# create sym link for ease of use | |
ln -s /web/"$FSUID" /home/"$FSUID"/public_html | |
# give placeholder index.html | |
cp $webPlaceholder /web/"$FSUID"/index.html | |
chmod 644 /web/"$FSUID"/index.html | |
# ownership again cause im lazy | |
chown -R "$FSUID":'domain users' /web/"$FSUID" | |
# generate password | |
# https://www.howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/ | |
PASSWDDB=$(date +%s | sha256sum | base64 | head -c 12 ; echo) | |
# drop user if exists | |
mysql -u${rootuser} -p${rootpasswd} -e "DROP USER IF EXISTS '"$FSUID"'@'localhost';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure." | |
# drop database if exists | |
mysql -u${rootuser} -p${rootpasswd} -e "DROP DATABASE IF EXISTS '"$FSUID"';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure." | |
#echo "Create User" | |
mysql -u${rootuser} -p${rootpasswd} -e "CREATE USER IF NOT EXISTS '"$FSUID"'@'localhost' IDENTIFIED BY '${PASSWDDB}';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure." | |
#echo "Create DB" | |
mysql -u${rootuser} -p${rootpasswd} -e "CREATE DATABASE IF NOT EXISTS \`"$FSUID"\`;" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure." | |
#echo "Grant all to "$FSUID"" | |
mysql -u${rootuser} -p${rootpasswd} -e "GRANT ALL PRIVILEGES ON \`"$FSUID"\`.* TO '"$FSUID"'@'localhost';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure." | |
# allow users to make databases starting with $FSUID_ | |
mysql -u${rootuser} -p${rootpasswd} -e "GRANT ALL PRIVILEGES ON \`"$FSUID"_%\`.* TO '"$FSUID"'@'localhost';" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure." | |
#echo "Flush" | |
mysql -u${rootuser} -p${rootpasswd} -e "FLUSH PRIVILEGES;" 2>/dev/null | grep -v "mysql: [Warning] Using a password on the command line interface can be insecure." | |
# https://github.com/koalaman/shellcheck/wiki/SC2129 | |
{ | |
echo "Welcome to torch.cci.fsu.edu." | |
echo "------------------------------------" | |
echo "MySQL Account Information:" | |
echo "*Please* save this username and password somewhere safe, and delete this file." | |
echo "Verify you received this information at your FSU email address (@my.fsu.edu)." | |
echo "------------------------------------" | |
echo "Username:" | |
echo "$FSUID" | |
echo "Password:" | |
echo "$PASSWDDB" | |
echo "------------------------------------" | |
echo "This information is only used for MySQL database access." | |
echo "To use your MySQL account, type the following, then enter your password when prompted:" | |
echo "mysql -u "$FSUID" -p" | |
echo "Caution: if you delete $flag, your MySQL database and user will be lost." | |
echo "------------------------------------" | |
echo "To use the Apache webserver, create or upload a file such as index.html in your public_html folder, or /web/"$FSUID"." | |
echo "It can then be accessed at <INSERT SERVER URL>~"$FSUID"" | |
echo "------------------------------------" | |
echo "Thank you for using CCI servers." | |
echo "Have a question or issue? Contact your instructor, or the CCI Helpdesk." | |
} >> /home/"$FSUID"/$informationFile | |
# emailing user login info | |
cp $emailMaster /home/$FSUID/torch-template.html | |
# insert students mysql user/pass into the welcome email | |
sed -i "s/FSUID/$FSUID/g" /home/$FSUID/torch-template.html | |
sed -i "s/PASSWDDB/$PASSWDDB/g" /home/$FSUID/torch-template.html | |
# send mail | |
cat /home/$FSUID/torch-template.html | mail -s "Welcome to torch.cci.fsu.edu $FSUID!" -a "From: XXXXX@cci.fsu.edu" $FSUID@my.fsu.edu --content-type=text/html | |
cat /home/$FSUID/torch-template.html | mail -s "Welcome to torch.cci.fsu.edu $FSUID!" -a "From: XXXXX@cci.fsu.edu" <insert service desk email> --content-type=text/html | |
# clean up files | |
rm -f /home/$FSUID/torch-template.html | |
# restore home perms | |
chown -R "$FSUID":"domain users" /home/$FSUID/ | |
# make flag signifying first login is done | |
touch $flag | |
echo "Reading the .dotfiles? You're a curious student. Apply for a job at the CCI HelpDesk and mention this message!" >> $flag | |
fi #end of productive if | |
fi # end of first if | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment