Linux sudo

浏览数：29 / 时间：2015年06月20日

#!/bin/bash

######################################################################################################################################################
##script.name:sudo.sh ///////////////////////////
##script.administrator: miaopan //////////////////////////////
##script.email: [email protected] //////////////////////////////
##script.number: 18078818136 //////////////////////////////
######################################################################################################################################################

#########################################script.start############################################################################################
###Environment variable configuration
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:~/bin ; export PATH

###Time variable configuration
dateTime=`date +%Y%m%d%H%M%S`

###Operating System Version
sysTemVersion=`lsb_release -a | grep "Release" | awk ‘{print $2}‘ | cut -c 1`

###sudo configuration file
sudoSet=/etc/sudoers

###Determine whether the user exists
### User: maintain or protect
Usernumber=(maintain protect)
UserMaintain=$(egrep "\<^${Usernumber[0]}\>" /etc/passwd | awk -F: ‘{print $1}‘)
UserProtect=$(egrep "\<^${Usernumber[1]}\>" /etc/passwd | awk -F: ‘{print $1}‘)

Sudo(){
[ -e ${sudoSet} ] && cp ${sudoSet} ${sudoSet}\_${dateTime}
chmod u+w ${sudoSet}

if [ -e /var/log/sudo.log ] ; then
sed -i "/^Defaults logfile=\/var\/log\/sudo/d" ${sudoSet}
sed -i "/^Defaults loglinelen=0/d" ${sudoSet}
sed -i ‘/^Defaults \!syslog/d‘ ${sudoSet}
sed -i "/^User_Alias SYS_WUM = */d" ${sudoSet}
sed -i "/^SYS_WUM ALL=(ALL)NOPASSWD: ALL/d" ${sudoSet}

echo -e "User_Alias SYS_WUM = maintain, protect\nSYS_WUM ALL=(ALL)NOPASSWD: ALL\nDefaults logfile=/var/log/sudo.log\nDefaults loglinelen=0" >> ${sudoSet}
echo "Defaults !syslog" >> ${sudoSet}
chmod u-w ${sudoSet}
else
echo -e "User_Alias SYS_WUM = maintain, protect\nSYS_WUM ALL=(ALL)NOPASSWD: ALL\nDefaults logfile=/var/log/sudo.log\nDefaults loglinelen=0" >> ${sudoSet}
echo "Defaults !syslog" >> ${sudoSet}
touch /var/log/sudo.log && chmod u-w ${sudoSet}
fi

##Determine the system log file
if [ ${sysTemVersion} == 5 ] ; then
cp /etc/syslog.conf /etc/syslog.conf_${dateTime}
sed -i ‘/^local2.debug/d‘ /etc/syslog.conf
echo "local2.debug /var/log/sudo.log" >> /etc/syslog.conf
/etc/init.d/syslog restart
elif [ ${sysTemVersion} == 6 ] ; then
cp /etc/rsyslog.conf /etc/rsyslog.conf_${dateTime}
sed -i ‘/^local2.debug/d‘ /etc/rsyslog.conf
echo "local2.debug /var/log/sudo.log" >> /etc/rsyslog.conf
/etc/init.d/rsyslog restart
fi

}

######################################################################################################################################################

if [[ $UserMaintain == "maintain" && $UserProtect == "protect" ]] ; then
echo -e "User ${Usernumber[0]} and ${Usernumber[1]} already exists............................" && Sudo
else
for numUser in ${Usernumber[@]}
  do
   grep "$numUser" /etc/passwd
    if [ $? -eq 0 ] ; then
     echo "The user already exists"
    else
     useradd -d /home/$numUser -s /bin/bash $numUser && echo "q1w2e3r4" | passwd --stdin $numUser
     echo "export PATH=$PATH:/usr/sbin:/sbin" >> /home/$numUser/.bash_profile
    fi

  done
Sudo
fi
#########################################script.stop#################################################################################################