toolbox/remove-user.sh

   1 #!/bin/sh
   2
   3 set -e
   4
   5 . @basedir@/shlib.sh
   6
   7 if [ -z "$1" ]; then
   8         echo "Syntax: ./remove-user.sh <username>"
   9         exit 1
  10 fi
  11 u="$1"
  12 qu="$(printf '%s' "$u" | sed -e 's/\./\\./g' -e 's/+/[+]/g')"
  13 ETC="$cfg_chroot/etc"
  14 COUNT=$(grep -E -c "^$qu:" "$ETC/passwd" || :)
  15 if [ "$COUNT" -ne "1" ]; then
  16         echo "fatal: user '$u' doesn't appear to exist (or exists multiple times, or contains regexpy characters)."
  17         exit 1
  18 fi
  19 ENTRY="$(grep -E "^$qu:" "$ETC/passwd" | cut -d : -f 1-5)"
  20 GRPS=$( (grep -E '^[^:]+:[^:]+:[^:]+.*(:|,)'"$qu"'(,|:|$)' "$ETC/group" || :) | cut -d : -f 1 )
  21 if [ "$GRPS" ]; then
  22         echo "User '$u' is still part of these groups:" $GRPS
  23         echo "fatal: this simplistic script cannot remove users from groups."
  24         exit 1
  25 fi
  26 sed -i.$$ -e "/^$qu:/ d" "$ETC/passwd"
  27 rm -f "$ETC/passwd.$$" || :
  28 rm -f "$ETC/sshkeys/$u" || :
  29 rm -f "$ETC/sshcerts/$cfg_nickname"_"$u"_user_*.pem || :
  30 rm -f "$ETC/sshactive/$u" || :
  31 rm -f "$ETC/sshactive/$u",* || :
  32 ! [ -e "$ETC/sshkeys/$u" ] || echo "Warning: unable to remove $ETC/sshkeys/$u" >&2
  33 [ "$(echo "$ETC/sshcerts/$cfg_nickname"_"$u"_user_*.pem)" = "$ETC/sshcerts/$cfg_nickname"_"$u"_user_"*".pem ] ||
  34         echo "Warning: unable to remove $(echo "$ETC/sshcerts/$cfg_nickname"_"$u"_user_*.pem)" >&2
  35 if [ -n "$cfg_update_pwd_db" -a "$cfg_update_pwd_db" != "0" ]; then
  36         "$cfg_basedir/bin/update-pwd-db" "$ETC/passwd" "$u"
  37 fi
  38 echo "User \"$ENTRY\" (+SSH key/certs) removed."