blob: db6899b26d699da52045c5bc52389bd4824855c6 (
about) (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
#!/bin/sh
run_latehook() {
local newroot="/new_root/"
OLDIFS="${IFS}"
IFS=","
# set cleartext password
if [[ -n "${password}" ]]; then
for password_split in ${password}; do
password_user="$(echo ${password_split} | cut -d: -f1)"
password_pass="$(echo ${password_split} | cut -d: -f2)"
if [[ "${password_user}" = "${password_pass}" ]]; then
msg ":: Username equals password or invalid option, nothing changed."
else
msg ":: Setting password for user '${password_user}'..."
echo ${password_split} | chpasswd -R ${newroot}
fi
done
fi
# set password hash
if [[ -n "${pwhash}" ]]; then
for pwhash_split in ${pwhash}; do
pwhash_user="$(echo ${pwhash_split} | cut -d: -f1)"
pwhash_hash="$(echo ${pwhash_split} | cut -d: -f2)"
if [[ "${pwhash_user}" = "${pwhash_hash}" ]]; then
msg ":: Invalid option, no password changed."
else
msg ":: Setting password for user '${pwhash_user}'..."
usermod -p "${pwhash_hash}" -R ${newroot} "${pwhash_user}"
fi
done
fi
# set authorized keys
if [[ -n "${authorized_key}" ]]; then
for authorized_key_split in ${authorized_key}; do
authorized_key_user="$(echo ${authorized_key_split} | cut -d: -f1)"
authorized_key_type="$(echo ${authorized_key_split} | cut -d: -f2)"
authorized_key_key="$(echo ${authorized_key_split} | cut -d: -f3)"
authorized_key_home="$(grep -E "^${authorized_key_user}:" ${newroot}/etc/passwd | cut -d: -f 6)"
if [[ "${authorized_key_type}" = "${authorized_key_key}" ]]; then
msg ":: Invalid option, no authorized key added."
elif grep -q "${authorized_key_key}" "${newroot}/${authorized_key_home}/.ssh/authorized_keys" 2>/dev/null; then
msg ":: Key already available, skipping."
else
if [[ ! -d "${newroot}/${authorized_key_home}" ]]; then
msg ":: Home dir for user '${authorized_key_user}' does not exist."
else
msg ":: Adding authorized key for user '${authorized_key_user}'..."
mkdir -p "${newroot}/${authorized_key_home}/.ssh"
echo "${authorized_key_type} ${authorized_key_key} mkinitcpio" >> "${newroot}/${authorized_key_home}/.ssh/authorized_keys"
fi
fi
done
fi
IFS="${OLDIFS}"
}
|