問題:
ここに$ userという変数が必要です。
chown $user:$user "$HOME"/.bashrc
ただし、Sudo
およびEOF
の外部からはアクセスできません。
for user in "$@"
do
if [ "$user" = root ]
then
continue
fi
Sudo -i -u "$user" bash <<'EOF'
sleep 5
cp -f $CURRENTDIR/.bashrc "$HOME"/.bashrc
chown $user:$user "$HOME"/.bashrc
sleep 5
chmod 644 "$HOME"/.bashrc
sleep 5
wget https://raw.github.com/trapd00r/LS_COLORS/master/LS_COLORS -O "$HOME"/.dircolors
sleep 5
echo 'eval $(dircolors -b $HOME/.dircolors)' >> "$HOME"/.bashrc
. "$HOME"/.bashrc
EOF
done
質問:
スクリプトで$ userにアクセスするにはどうすればよいですか?
完全なスクリプトは次のとおりです。
#!/bin/bash -x
SCRIPTNAME=`basename "$0"`
if [ "$#" -eq 0 ]
then
echo "No arguments supplied"
echo "Usage: $SCRIPTNAME user1name user2name\(optional\) user3name\(optional\)"
sleep 10
exit 27
fi
sleep 5
echo "Setting up server.........."
sleep 10
DIRBASHRCROOT="$HOME"/.bashrcroot
DIRBASHRC="$HOME"/.bashrc
#CURRENTDIR="./"
BASHRC=.bashrc
NANORC=.nanorc
BASHRCROOT=.bashrcroot
ROOT=root
USER1="$1"
USER2="$2"
USER3="$3"
USER_PROGRAMMER=""
SOURCE=sources.list
var=0
for i in "$@"
do
if [ "$i" = root ]
then
break
Elif [ "$i" != root ]
then
var=`expr $var + 1`
if [ $var -eq 3 ]
then
USER_PROGRAMMER=root
fi
fi
done
if [ $USER_PROGRAMMER != "" ]
then
echo "$USER_PROGRAMMER is set and ready!"
fi
sleep 5
echo "Please select/provide the port-number for ssh in iptables:"
read port
PORT=$port
################# Make my variable global for all ########################3↓
echo "export CURRENTDIR=\"/tmp/svaka\"" >> /root/.bashrc
touch /etc/profile.d/bashProgrammer.sh
echo "export CURRENTDIR=\"/tmp/svaka\"" >> /etc/profile.d/bashProgrammer.sh
. /root/.bashrc
. /etc/profile
. /etc/profile.d/bashProgrammer.sh
################ Users and access settings #####################
checkIfUser()
{
for name in "$@"
do
if id -u "$name" #>/dev/null 2>&1
then
echo "User: $name exists....setting up now\!"
sleep 5
else
echo "User: "$name" does not exists....creating now\!"
useradd -m -s /bin/bash "$name" #>/dev/null 2>&1
sleep 5
fi
done
}
checkIfUser $1 $2 $3
################33 user passwords
userPass()
{
for i in "$@"
do
if [ "$i" = root ]
then
continue
fi
if [[ $(passwd --status "$i" | awk '{print $2}') = NP ]]
then
echo "$i doesn't have a password."
echo "Changing password for $i:"
echo $i:$i"YOURSTRONGPASSWORDHERE12345Áá" | chpasswd
if [ "$?" = 0 ]
then
echo "Password for user $i changed successfully"
sleep 5
fi
fi
done
}
userPass $1 $2 $3
################################################ setting up iptables ####################3
cat << EOT >> /etc/iptables.test.rules
*filter
IPTABLES CODE HERE
COMMIT
EOT
sleep 5
iptables-restore < /etc/iptables.test.rules
sleep 5
iptables-save > /etc/iptables.up.rules
sleep 3
printf "#!/bin/bash\n/sbin/iptables-restore < /etc/iptables.up.rules" > /etc/network/if-pre-up.d/iptables
chmod +x /etc/network/if-pre-up.d/iptables
sleep 6
###################################################33 sshd_config
cp -f "$CURRENTDIR/sshd_config" /etc/ssh/sshd_config
sed -i "s/Port 34504/Port $PORT/g" /etc/ssh/sshd_config
chmod 644 /etc/ssh/sshd_config
/etc/init.d/ssh restart
#################################################3333 Remove or comment out DVD/cd line from sources.list
sed -i '/deb cdrom:\[Debian GNU\/Linux/s/^/#/' /etc/apt/sources.list
####################################################33 update system
apt update && apt upgrade -y
##########################################3 Disable login www #########
passwd -l www-data
###############################################################
############################# check if programs installed and/or install
if [ ! -x /usr/bin/git ] || [ ! -x /usr/bin/wget ] || [ ! -x /usr/bin/curl ] || [ ! -x /usr/bin/gcc ] || [ ! -x /usr/bin/make ]
then
echo "Some tools with which to work with data not found installing now......................"
apt install -y git wget curl gcc make
fi
#####################################################3 update sources.list
cp -f $CURRENTDIR/$SOURCE /etc/apt/sources.list
chmod 644 /etc/apt/sources.list
wget http://www.deb-multimedia.org/pool/main/d/deb-multimedia-keyring/deb-multimedia-keyring_2016.8.1_all.deb
dpkg -i deb-multimedia-keyring_2016.8.1_all.deb
wget -q https://www.virtualbox.org/download/Oracle_vbox_2016.asc -O- | Sudo apt-key add -
apt update && apt upgrade -y
apt install -y vlc vlc-data browser-plugin-vlc mplayer youtube-dl libdvdcss2 libdvdnav4 libdvdread4 smplayer mencoder
sleep 5
apt update && apt upgrade -y
sleep 5
#################################### firmware
apt install -y firmware-linux-nonfree firmware-linux
sleep 5
################ NANO SYNTAX-HIGHLIGHTING #####################3
if [ ! -d "$CURRENTDIR/nanorc" ]
then
if [ "$UID" != 0 ]
then
Sudo -u "$ROOT" bash <<'EOF'
sleep 5
git clone https://github.com/nanorc/nanorc.git
sleep 5
cd nanorc
make install-global
sleep 5
cp -f "$CURRENTDIR/.nanorc" /etc/nanorc
chown root:root /etc/nanorc
chmod 644 /etc/nanorc
if [ "$?" = 0 ]
then
echo "Implementing a custom nanorc file succeeded\!"
else
echo "Nano setup DID NOT SUCCEED\!"
fi
EOF
else
echo "Doing user: $USER....please, wait\!"
git clone https://github.com/nanorc/nanorc.git
sleep 5
cd nanorc
sleep 5
make install-global
sleep 5
cp -f "$CURRENTDIR/$NANORC" /etc/nanorc
chown root:root /etc/nanorc
chmod 644 /etc/nanorc
if [ "$?" = 0 ]
then
echo "Implementing a custom nanorc file succeeded\!"
else
echo "Nano setup DID NOT SUCCEED\!"
fi
fi
fi
echo "Finished setting up nano\!"
################ LS_COLORS SETTINGS #############################
if [ "$UID" != 0 ]
then
echo "This program should be run as root, exiting\! now....."
exit 1
# Sudo -i -u "$ROOT" bash <<'EOF'
# BASHRCROOT=.bashrcroot
# cp "$CURRENTDIR/$BASHRCROOT" "$HOME"/.bashrc
# wget https://raw.github.com/trapd00r/LS_COLORS/master/LS_COLORS -O "$HOME"/.dircolors
# echo 'eval $(dircolors -b $HOME/.dircolors)' >> "$HOME"/.bashrc
# . "$HOME"/.bashrc
#EOF
else
cp -f "$CURRENTDIR/$BASHRCROOT" "$HOME"/.bashrc
chown root:root "$HOME"/.bashrc
chmod 644 "$HOME"/.bashrc
sleep 5
wget https://raw.github.com/trapd00r/LS_COLORS/master/LS_COLORS -O "$HOME"/.dircolors
sleep 5
echo 'eval $(dircolors -b $HOME/.dircolors)' >> "$HOME"/.bashrc
sleep 5
. "$HOME"/.bashrc
fi
for user in "$@"
do
if [ "$user" = root ]
then
continue
fi
Sudo -i -u "$user" bash <<'EOF'
sleep 5
cp -f $CURRENTDIR/.bashrc "$HOME"/.bashrc
chown $user:$user "$HOME"/.bashrc
sleep 5
chmod 644 "$HOME"/.bashrc
sleep 5
wget https://raw.github.com/trapd00r/LS_COLORS/master/LS_COLORS -O "$HOME"/.dircolors
sleep 5
echo 'eval $(dircolors -b $HOME/.dircolors)' >> "$HOME"/.bashrc
. "$HOME"/.bashrc
EOF
done
echo "Finished setting up your system\!"
echo rm -rf /tmp/svaka
一般的な解決策として、実行するコマンドラインで複数のVAR=value
ペアを使用して、追加の環境変数をSudoコマンドに渡すことができます。
この特定のケースでは、$user
変数を渡すために、次を使用できます。
Sudo -i -u "$user" user="$user" bash <<'EOF'
...
chown $user:$user "$HOME"/.bashrc
...
EOF
(rcfilesを介してこれをプッシュする代わりに、このメソッドを使用して$CURRENTDIR
などの変数を渡すこともできます。スクリプトの残りの部分からそうしているようです。)
追加の環境変数を設定するには、Sudo
に特定の権限が必要です。のように Sudoマンページのこのセクション 状態:
Setenvオプションがsudoersで設定されている場合、実行されるコマンドに
SETENV
タグが設定されているか、一致するコマンドがALL
である場合、ユーザーは過度に禁止される変数を設定できます。詳細は sudoers(5) を参照してください。