      1 #!/bin/sh
      2 #
      3 # $NetBSD: creds_msdos,v 1.2 2019/06/12 00:28:56 mrg Exp $
      4 #
      5 # Copyright (c) 2019 Matthew R. Green
      6 # All rights reserved.
      7 #
      8 # Redistribution and use in source and binary forms, with or without
      9 # modification, are permitted provided that the following conditions
     10 # are met:
     11 # 1. Redistributions of source code must retain the above copyright
     12 #    notice, this list of conditions and the following disclaimer.
     13 # 2. Redistributions in binary form must reproduce the above copyright
     14 #    notice, this list of conditions and the following disclaimer in the
     15 #    documentation and/or other materials provided with the distribution.
     16 # 3. The name of the author may not be used to endorse or promote products
     17 #    derived from this software without specific prior written permission.
     18 #
     19 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
     20 # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     21 # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
     22 # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
     23 # INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
     24 # BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
     25 # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
     26 # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
     27 # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
     28 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
     29 # SUCH DAMAGE.
     30 
     31 #
# If "creds_msdos_partition" is an msdos partition and has a creds.txt
# in it, perform the commands listed there, one per line:
#	"sshkeyfile <user> <path on msdos>"
#	"sshkey <user> <entry>"
# 	"useraddpwhash <user> <passwd hash>"
# 	"useradd <user> <passwd>"
# Lines starting with '#' and blank lines are ignored.
# If the "useradd" method is used, the creds.txt file will be shredded
# and deleted with rm -P once it has been processed, because it holds a
# cleartext password.
     40 
     41 # PROVIDE: creds_msdos
     42 # REQUIRE: mountall
     43 
     44 $_rc_subr_loaded . /etc/rc.subr
     45 
# rc.d(8) glue: the service name, its start action and a no-op stop action.
name=creds_msdos
stop_cmd=":"
start_cmd="creds_msdos_start"
# fstab(5) to consult; set before load_rc_config below, so rc.conf can override it.
fstab_file=/etc/fstab
     50 
# Print the given message on stderr and abort the whole script with status 1.
fail() {
	printf '%s\n' "$*" >&2
	exit 1
}
     55 
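# Make sure ${user} exists and has a ~/.ssh directory, then publish the
# paths in the globals sshdir and userkeys (do_sshkeyfile/do_sshkey read
# them after calling this; those globals are the interface, keep them).
# Aborts via fail() on any error.
sshkey_setup() {
	local user="$1"
	local group="wheel"
	local home

	# The user name comes straight from creds.txt and is handed to eval
	# below for tilde expansion, so refuse anything outside the characters
	# useradd(8) accepts instead of letting shell syntax through.
	case "${user}" in
	''|-*|*[!A-Za-z0-9._-]*)
		fail "Invalid user name '${user}'."
		;;
	esac

	# don't create existing users; a missing one gets a home directory and
	# is put in ${group}
	if ! id -u "${user}" >/dev/null 2>&1; then
		useradd -m -G "${group}" "${user}" || fail "Useradd failed."
	fi

	# Resolve the home directory via tilde expansion; the name was
	# validated above, so eval only ever sees a plain word.
	eval home=~"${user}"
	sshdir="${home}/.ssh"

	# Everything below runs as root.  A pre-existing user could have
	# planted a symlink at ~/.ssh or ~/.ssh/authorized_keys, in which case
	# the mkdir/chown/append would act on the link target, so refuse
	# symlinks here (a cheap guard, not a full fix: a swap between this
	# check and the later write is still possible).
	if [ -L "${sshdir}" ]; then
		fail "${sshdir} is a symlink, refusing to use it."
	fi
	# 0700 rather than 0755: sshd only needs the directory not to be
	# group/world writable, and nothing else needs to read it.  An
	# existing directory keeps its mode (mkdir -p does not change it).
	mkdir -p -m 700 "${sshdir}" || fail "mkdir ~/.ssh failed."
	chown "${user}" "${sshdir}" || fail "chown ${sshdir} failed."

	userkeys="${sshdir}/authorized_keys"
	if [ -L "${userkeys}" ]; then
		fail "${userkeys} is a symlink, refusing to use it."
	fi
}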
     71 
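# Give ${user} ownership of the authorized_keys file ${userkeys} and make it
# 0644 (readable by sshd, writable only by the owner).  This runs as root,
# so refuse a symlink: chmod/chown would otherwise be applied to whatever
# the user pointed the link at.  Aborts via fail() on error.
sshkey_finish() {
	local user="$1"
	local userkeys="$2"

	if [ -L "${userkeys}" ]; then
		fail "${userkeys} is a symlink, refusing to change it."
	fi
	chmod 644 "${userkeys}" || fail "chmod ${userkeys} failed."
	chown "${user}" "${userkeys}" || fail "chown ${userkeys} failed."
}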
     79 
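# Append every key found in ${creds_msdos_partition}/$2 to ${user}'s
# authorized_keys, skipping entries whose key blob (second field) is
# already present.  A missing key file is silently ignored.  Relies on
# sshkey_setup() to set the global userkeys.
#
# Lines are split as "<type> <keydata> <comment...>", so an entry carrying
# an options prefix (command="..." ssh-ed25519 ...) is not handled: its
# options land in type and the algorithm name in keydata.
do_sshkeyfile() {
	local user="$1"
	local newkeys="${creds_msdos_partition}/$2"
	local type keydata name

	if [ ! -f "${newkeys}" ]; then
		return
	fi

	sshkey_setup "$user"

	# -r keeps backslashes in key comments intact; the || clause still
	# processes a last line that lacks a trailing newline.
	while read -r type keydata name || [ -n "${type}" ]; do
		# The file comes from an msdos partition and is often CRLF; the
		# CR lands on whichever field is last, so strip it from all.
		type=$(printf '%s' "${type}" | tr -d '\015')
		keydata=$(printf '%s' "${keydata}" | tr -d '\015')
		name=$(printf '%s' "${name}" | tr -d '\015')

		# skip blank and comment lines
		case "${type}" in
		''|\#*)
			continue
			;;
		esac

		# An empty keydata would match every line in the grep below and
		# be silently dropped (or appended as garbage to an empty file).
		if [ -z "${keydata}" ]; then
			echo "Skipping malformed key line for ${user}: ${type}" 1>&2
			continue
		fi

		# check entry is not present
		if grep -qF -- "${keydata}" "${userkeys}" 2>/dev/null; then
			continue
		fi
		printf '%s %s %s\n' "${type}" "${keydata}" "${name}" >> "${userkeys}"
	done < "${newkeys}"

	sshkey_finish "$user" "${userkeys}"
}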
    100 
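# Append the single authorized_keys entry ${newkey} for ${user}.
# creds.txt is not removed for this method, so this runs again on every
# boot: skip the entry when that exact line is already present instead of
# appending a duplicate each time.  Relies on sshkey_setup() to set the
# global userkeys.
do_sshkey() {
	local user="$1"
	local newkey="$2"

	sshkey_setup "$user"

	# whole-line, fixed-string match; -- protects a key starting with '-'
	if ! grep -qxF -- "${newkey}" "${userkeys}" 2>/dev/null; then
		printf '%s\n' "${newkey}" >> "${userkeys}"
	fi

	sshkey_finish "$user" "${userkeys}"
}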
    111 
# Create ${user} with the already-hashed password ${pwhash} and put it in
# wheel.  Does nothing when the account already exists, so an existing
# account's password is never replaced.  Aborts via fail() if useradd(8)
# fails.
do_useraddpwhash() {
	local user="$1"
	local pwhash="$2"
	local group="wheel"

	# don't add to existing users
	id=$(id -u "${user}" 2>/dev/null) && return

	useradd -m -p "${pwhash}" -G "${group}" "${user}" || fail "Useradd failed."
}
    125 
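# Create ${user} from the cleartext ${password}: hash it with pwhash(1)
# and hand the result to do_useraddpwhash().  The caller shreds creds.txt
# after this method because the cleartext password sits in it.
# NOTE(review): the password is given to pwhash on its argv and is briefly
# visible in ps(1); if pwhash can take it from stdin, prefer that.
do_useradd() {
	local user="$1"
	local password="$2"
	local pwhash

	# An empty field would otherwise be hashed as-is, creating a wheel
	# account whose password is the empty string.
	if [ -z "${password}" ]; then
		fail "No password given for user ${user}."
	fi

	# assignment kept separate from the substitution so a pwhash failure
	# is not masked by 'local' succeeding
	pwhash=$(pwhash "${password}") || fail "pwhash failed for user ${user}."
	if [ -z "${pwhash}" ]; then
		fail "pwhash produced no hash for user ${user}."
	fi
	do_useraddpwhash "${user}" "${pwhash}"
}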
    133 
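# Start action: look for ${creds_msdos_partition}/creds.txt and apply each
# "<method> <user> <argument>" line.  Lines starting with '#' and blank
# lines are ignored; an unknown method aborts with status 1.  When a
# cleartext "useradd" line was seen, creds.txt is overwritten and removed
# afterwards -- also on the abort path, so the password does not linger
# on the partition.  (fail() inside a helper still exits before the
# shred; an EXIT trap would be needed to cover that as well.)
creds_msdos_start()
{
	local junk1 mp fstype junk2 line type user arg1 bad

	if [ -z "${creds_msdos_partition}" ]; then
		echo "Not looking for credientials on msdos"
		return
	fi

	# Only refuse when fstab(5) lists the mount point with another file
	# system type.  A mount point absent from fstab is not checked at all,
	# so this is a sanity check, not a guarantee that the path is msdos.
	while read -r junk1 mp fstype junk2; do
		if [ "${mp}" != "${creds_msdos_partition}" ]; then
			continue
		fi
		if [ "${fstype}" != "msdos" ]; then
			echo "Not checking for creds on ${creds_msdos_partition}: not an msdos file system"
			return
		fi
		break
	done < "${fstab_file}"

	delete_creds=no
	bad=no
	creds_file="${creds_msdos_partition}/creds.txt"

	if [ -f "${creds_file}" ]; then
		while IFS= read -r line || [ -n "${line}" ]; do
			# strip cr from the whole line: the file is usually written
			# on the Windows side, and a CR on a blank line or on a bare
			# "<method> <user>" line would otherwise end up in the
			# method or user field (a CR-only line used to abort).
			line=$(printf '%s' "${line}" | tr -d '\015')
			# split into method, user and the rest of the line; -r keeps
			# backslashes in a password or key entry as written
			read -r type user arg1 <<EOF
${line}
EOF
			case "${type}" in
			\#*|'')
				continue
				;;
			sshkeyfile)
				echo "Added user ${user} via ssh key file method."
				do_sshkeyfile "${user}" "${arg1}"
				;;
			sshkey)
				echo "Added user ${user} via ssh key string method."
				do_sshkey "${user}" "${arg1}"
				;;
			useraddpwhash)
				echo "Added user ${user} via password hash method."
				do_useraddpwhash "${user}" "${arg1}"
				;;
			useradd)
				echo "Added user ${user} via password method, shredding credentials file."
				do_useradd "${user}" "${arg1}"
				delete_creds=yes
				;;
			*)
				echo "Do not understand '$type' creds" 1>&2
				# stop processing, but run the shred below before exiting
				bad=yes
				break
				;;
			esac
		done < "${creds_file}"
	fi

	# rm -P overwrites before unlinking.  On flash media behind a FAT
	# file system the old blocks may survive wear levelling anyway, so
	# treat this as best effort and prefer useraddpwhash where possible.
	if [ "${delete_creds}" = yes ]; then
		rm -P -f "${creds_file}"
	fi

	if [ "${bad}" = yes ]; then
		exit 1
	fi
}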
    192 
# Hand off to rc.subr(8): read this script's rc.conf settings, then run the
# requested action (start/stop/...).
load_rc_config "${name}"
run_rc_command "$1"
    195