tagproj.cgi: behave more robustly with peculiar input
[girocco.git] / toolbox / remove-user.sh
blob7e2f0befbbae63cbfff080d5558f35adefa2be60
1 #!/bin/sh
3 set -e
5 . @basedir@/shlib.sh
7 if [ -z "$1" ]; then
8 echo "Syntax: ./remove-user.sh <username>"
9 exit 1
11 u="$1"
12 qu="$(printf '%s' "$u" | sed -e 's/\./\\./g' -e 's/+/[+]/g')"
13 ETC="$cfg_chroot/etc"
14 COUNT=$(grep -E -c "^$qu:" "$ETC/passwd" || :)
15 if [ "$COUNT" -ne "1" ]; then
16 echo "fatal: user '$u' doesn't appear to exist (or exists multiple times, or contains regexpy characters)."
17 exit 1
19 ENTRY="$(grep -E "^$qu:" "$ETC/passwd" | cut -d : -f 1-5)"
20 GRPS=$( (grep -E '^[^:]+:[^:]+:[^:]+.*(:|,)'"$qu"'(,|:|$)' "$ETC/group" || :) | cut -d : -f 1 )
21 if [ "$GRPS" ]; then
22 echo "User '$u' is still part of these groups:" $GRPS
23 echo "fatal: this simplistic script cannot remove users from groups."
24 exit 1
26 sed -i.$$ -e "/^$qu:/ d" "$ETC/passwd"
27 rm -f "$ETC/passwd.$$" || :
28 rm -f "$ETC/sshkeys/$u" || :
29 rm -f "$ETC/sshcerts/$cfg_nickname"_"$u"_user_*.pem || :
30 rm -f "$ETC/sshactive/$u" || :
31 rm -f "$ETC/sshactive/$u",* || :
32 ! [ -e "$ETC/sshkeys/$u" ] || echo "Warning: unable to remove $ETC/sshkeys/$u" >&2
33 [ "$(echo "$ETC/sshcerts/$cfg_nickname"_"$u"_user_*.pem)" = "$ETC/sshcerts/$cfg_nickname"_"$u"_user_"*".pem ] ||
34 echo "Warning: unable to remove $(echo "$ETC/sshcerts/$cfg_nickname"_"$u"_user_*.pem)" >&2
35 if [ -n "$cfg_update_pwd_db" -a "$cfg_update_pwd_db" != "0" ]; then
36 "$cfg_basedir/bin/update-pwd-db" "$ETC/passwd" "$u"
38 echo "User \"$ENTRY\" (+SSH key/certs) removed."