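#!/bin/sh
#
# $NetBSD: creds_msdos,v 1.6 2024/01/29 05:46:55 mrg Exp $
#
# Copyright (c) 2019 Matthew R. Green
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.

#
# If "creds_msdos_partition" is an msdos partition and has a creds.txt
# in it, perform these commands:
#	"sshkeyfile <user> <path on msdos>"
#	"sshkey <user> <entry>"
#	"useraddpwhash <user> <passwd hash>"
#	"useradd <user> <passwd>"
# If the "useradd" method is used, the creds.txt file will be
# shredded and deleted with rm -P.
#
# Trust boundary: every account created here is put in group "wheel",
# and keys are appended to authorized_keys without further checks, so
# write access to creds.txt on this partition is equivalent to being
# able to add wheel accounts and SSH keys at the next boot.

# PROVIDE: creds_msdos
# REQUIRE: mountall

# NOTE(review): $_rc_subr_loaded presumably expands to a no-op prefix
# once rc.subr has already been sourced -- confirm against rc.subr.
$_rc_subr_loaded . /etc/rc.subr

name="creds_msdos"
start_cmd="creds_msdos_start"
stop_cmd=":"

# Print the arguments on stderr and abort the script with status 1.
fail() {
	echo "$@" 1>&2
	exit 1
}

# Reject user names that are empty, start with "-", or contain anything
# outside [A-Za-z0-9._-].  The name comes straight from creds.txt and is
# later handed to eval (sshkey_setup) and to useradd as an argument, so
# it must not be able to carry shell syntax or look like an option.
#   $1 - user name as read from creds.txt
creds_msdos_check_user() {
	case "$1" in
	''|-*|*[!A-Za-z0-9._-]*)
		fail "Invalid user name in creds file."
		;;
	esac
}

# Make sure the user and their ~/.ssh directory exist.
# This sets the $ssh_userdir and $ssh_userkeys globals.
#   $1 - user name
sshkey_setup() {
	local user="$1"
	local group="wheel"

	creds_msdos_check_user "${user}"

	# don't create existing users
	if ! id -u "${user}" > /dev/null 2>&1; then
		useradd -m -G "${group}" "${user}" || fail "Useradd failed."
	fi

	# eval is needed for tilde expansion of a variable user name; the
	# name was restricted to safe characters above before reaching here.
	eval ssh_userdir=~"${user}/.ssh"
	mkdir -p -m 755 "${ssh_userdir}" || fail "mkdir ~/.ssh failed."
	chmod 755 "${ssh_userdir}"
	chown "${user}" "${ssh_userdir}"

	ssh_userkeys="${ssh_userdir}/authorized_keys"
}

# Fix mode and ownership of the authorized_keys file named by the
# $ssh_userkeys global (set by sshkey_setup).
#   $1 - user name
sshkey_finish() {
	local user="$1"

	chmod 644 "${ssh_userkeys}"
	chown "${user}" "${ssh_userkeys}"
}

# Append every key from a file on the msdos partition to the user's
# authorized_keys, skipping keys whose data is already present.
#   $1 - user name
#   $2 - path of the key file, relative to ${creds_msdos_partition}
do_sshkeyfile() {
	# NOTE(review): $2 is used as given, so a path containing "../"
	# resolves outside the partition.
	local user="$1"
	local newkeys="${creds_msdos_partition}/$2"
	local type keydata comment

	if [ ! -f "${newkeys}" ]; then
		return
	fi

	sshkey_setup "${user}"

	# Strip CRs like the creds.txt parser does (the file lives on a DOS
	# file system).  read -r keeps backslashes literal, and the extra
	# test picks up a last line that has no trailing newline.  The third
	# field is called "comment" so the rc.d global $name is not clobbered.
	tr -d '\015' < "${newkeys}" |
	while read -r type keydata comment || [ -n "${type}" ]; do
		# nothing to add for blank or one-word lines
		[ -n "${keydata}" ] || continue
		# check entry is not present
		if fgrep -q -e "${keydata}" "${ssh_userkeys}" 2>/dev/null; then
			continue
		fi
		printf '%s\n' "${type} ${keydata} ${comment}" >> "${ssh_userkeys}"
	done

	sshkey_finish "${user}"
}

# Append a single key entry, given inline in creds.txt, to the user's
# authorized_keys.  No duplicate check is done here.
#   $1 - user name
#   $2 - complete authorized_keys entry
do_sshkey() {
	local user="$1"
	local newkey="$2"

	sshkey_setup "${user}"

	# printf instead of echo so the entry is written byte for byte
	printf '%s\n' "${newkey}" >> "${ssh_userkeys}"

	sshkey_finish "${user}"
}

# Create a user in group wheel with an already hashed password.
# Existing users are left untouched.
#   $1 - user name
#   $2 - password hash handed to useradd -p
do_useraddpwhash() {
	local user="$1"
	local pwhash="$2"
	local group="wheel"

	creds_msdos_check_user "${user}"

	# don't add to existing users
	if id -u "${user}" > /dev/null 2>&1; then
		return
	fi

	useradd -m -p "${pwhash}" -G "${group}" "${user}" || fail "Useradd failed."
}

# Create a user in group wheel from a clear-text password.
#   $1 - user name
#   $2 - clear-text password
do_useradd() {
	local user="$1"
	local password="$2"
	local pwhash

	# Assigned separately from "local" so a pwhash failure is seen here
	# instead of an empty hash being passed on to useradd -p.
	# NOTE(review): the clear-text password is an argument of pwhash and
	# is visible in the process list while it runs.
	pwhash=$(pwhash "${password}") || fail "pwhash failed."
	[ -n "${pwhash}" ] || fail "pwhash failed."
	do_useraddpwhash "${user}" "${pwhash}"
}

# rc.d start method: read ${creds_msdos_partition}/creds.txt and run the
# command on each line.  The file is removed with rm -P afterwards if any
# line used the clear-text "useradd" method.
creds_msdos_start()
{
	local fstab_file=/etc/fstab
	local junk1 mp fstype junk2
	local type user args clean_args
	local cr

	if [ -z "${creds_msdos_partition}" ]; then
		echo "Not looking for credentials on msdos"
		return
	fi
	# NOTE(review): a mount point with no matching fstab entry falls out
	# of this loop and is still processed below -- confirm that is wanted.
	while read -r junk1 mp fstype junk2; do
		if [ "${mp}" != "${creds_msdos_partition}" ]; then
			continue
		fi
		if [ "${fstype}" != "msdos" ]; then
			echo "Not checking for creds on ${creds_msdos_partition}: not an msdos file system"
			return
		fi
		break
	done < "${fstab_file}"

	local delete_creds=no
	local creds_file="${creds_msdos_partition}/creds.txt"

	if [ -f "${creds_file}" ]; then
		cr=$(printf '\r')
		# read -r keeps backslashes in passwords and keys literal; the
		# extra test handles a last line without a trailing newline.
		while read -r type user args || [ -n "${type}" ]; do
			# strip cr: from the end of the first two fields, so an
			# empty CRLF line counts as blank, and anywhere in the rest
			type=${type%"${cr}"}
			user=${user%"${cr}"}
			clean_args=$(printf '%s' "${args}" | tr -d '\015')
			case "${type}" in
			\#*|'')
				continue
				;;
			sshkeyfile)
				echo "Added user ${user} via ssh key file method."
				do_sshkeyfile "${user}" "${clean_args}"
				;;
			sshkey)
				echo "Added user ${user} via ssh key string method."
				do_sshkey "${user}" "${clean_args}"
				;;
			useraddpwhash)
				echo "Added user ${user} via password hash method."
				do_useraddpwhash "${user}" "${clean_args}"
				;;
			useradd)
				echo "Added user ${user} via password method, shredding credentials file."
				do_useradd "${user}" "${clean_args}"
				delete_creds=yes
				;;
			*)
				# NOTE(review): this exit, and every fail() in the
				# helpers, skips the rm -P below, so a clear-text
				# password from an earlier "useradd" line stays on
				# the partition -- confirm that is intended.
				echo "Do not understand '$type' creds" 1>&2
				exit 1
				;;
			esac
		done < "${creds_file}"
	fi

	if [ "${delete_creds}" = yes ]; then
		# rm -P overwrites the file before unlinking it.  On flash media
		# or other storage that remaps writes, the overwrite may not
		# reach the blocks that held the password, so a password that
		# was ever stored here should be changed after first login.
		rm -P -f "${creds_file}"
	fi
}

load_rc_config "$name"
run_rc_command "$1"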