SSSD simple_allow_users Management Script
Posted <2016-09-28 Wed 23:16> by Aaron S. Jackson.
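#!/usr/bin/bash
# Aaron Jackson <asj@cs.nott.ac.uk>
# Short script for managing the simple_allow_users line in sssd.conf
#
# Usage: add <user> | remove <user> | list | reload
#
# The simple_allow_users line is an access-control list, so edits to it are
# made conservatively:
#   - only the active (uncommented) "simple_allow_users = ..." line is read
#     and rewritten, and add/remove refuse to run unless exactly one exists;
#   - user names are compared as whole list entries, never as substrings;
#   - the argument is never spliced unescaped into a sed expression;
#   - removing the last entry is refused (see the remove branch).

conf=/etc/sssd/sssd.conf
key=simple_allow_users

if [[ $EUID -ne 0 ]]; then
  echo "you must sudo or run as root"
  exit 1
fi

# Fill the global array `users` with the entries of every active
# simple_allow_users line and set `line_count` to the number of such lines.
# Entries are split on commas and blanks; `read -a` is used so that an entry
# containing glob characters is never expanded against the filesystem.
load_users() {
  local line value part
  local -a parts
  users=()
  line_count=0
  while IFS= read -r line; do
    line_count=$((line_count + 1))
    value=${line#*=}
    IFS=$', \t' read -ra parts <<< "$value"
    for part in "${parts[@]}"; do
      [[ -n "$part" ]] && users+=("$part")
    done
  done < <(grep -E "^[[:space:]]*${key}[[:space:]]*=" "$conf")
}

# Abort unless there is exactly one active line to edit. With none, sed would
# silently change nothing; with several, one rewrite would clobber them all.
require_single_line() {
  if [[ $line_count -ne 1 ]]; then
    echo "expected exactly one active $key line in $conf, found $line_count" >&2
    exit 1
  fi
}

# Keep a copy of the current config before editing. -p keeps the original
# mode and ownership on the copy, including when an older backup with looser
# permissions already exists (sssd.conf can hold bind credentials).
backup_conf() {
  if ! cp -p -- "$conf" "$conf.backup"; then
    echo "could not back up $conf" >&2
    exit 1
  fi
}

# Rewrite the active line so that it lists exactly the given users.
# Arguments: the user names to write (at least one).
write_users() {
  local joined replacement
  local IFS=,
  joined="$key = $*"
  # Escape the characters that are special on the right-hand side of s///
  # so list entries are always written literally.
  replacement=$(printf '%s' "$joined" | sed 's/[\\/&]/\\&/g') || exit 1
  sed -i "s/^\([[:space:]]*\)${key}[[:space:]]*=.*/\1${replacement}/" "$conf"
}

case "$1" in
  add)
    if [ -z "$2" ]; then
      echo "no user specified"
      exit 1
    fi
    # A comma or blank inside the name would be read back as several entries.
    if [[ "$2" == *[,[:space:][:cntrl:]]* ]]; then
      echo "user name must not contain commas, whitespace or control characters" >&2
      exit 1
    fi
    load_users
    require_single_line
    # Whole-entry comparison: "bob" is not already present just because
    # "bobby" (or the option name itself) contains the same characters.
    for u in "${users[@]}"; do
      if [[ "$u" == "$2" ]]; then
        echo "user already has access"
        exit 1
      fi
    done
    valid=$(getent passwd -- "$2")
    if [ -z "$valid" ]; then
      echo "user does not exist in directory"
      exit 1
    else
      printf '%s\n' "$valid"
    fi
    # getent also resolves numeric UIDs and may normalise names, so the entry
    # printed above can belong to a different login name than the one about
    # to be written to the allow list.
    if [[ "${valid%%:*}" != "$2" ]]; then
      echo "note: directory returned login name '${valid%%:*}' for '$2'" >&2
    fi
    backup_conf
    write_users "${users[@]}" "$2"
    ;;
  remove)
    if [ -z "$2" ]; then
      echo "no user specified"
      exit 1
    fi
    load_users
    require_single_line
    kept=()
    found=0
    for u in "${users[@]}"; do
      if [[ "$u" == "$2" ]]; then
        found=1
      else
        kept+=("$u")
      fi
    done
    if [[ $found -eq 0 ]]; then
      echo "user is not in the allow list" >&2
      exit 1
    fi
    # Fail closed: per sssd-simple(5), when all simple_* lists are empty the
    # provider grants access, so emptying this list could open the host to
    # every directory user instead of locking it down.
    if [[ ${#kept[@]} -eq 0 ]]; then
      echo "refusing to remove the last allowed user; edit $conf by hand if an empty list is intended" >&2
      exit 1
    fi
    backup_conf
    write_users "${kept[@]}"
    ;;
  list)
    load_users
    for u in "${users[@]}"; do
      getent passwd -- "$u" | tr ':' '\t'
    done
    ;;
  reload)
    systemctl restart sssd
    sss_cache -E
    ;;
  *)
    echo "options: "
    echo " add <user>, remove <user>, list, reload"
    ;;
esac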