#!/bin/bash CHD=$1 if [ $# -lt 1 ]; then echo "Usage: sync-chr-users [chroot] [SURE]" exit 3 fi if ! [ -d "$CHD/etc" ]; then echo "Chroot dir $CHD doesn't exist" exit 23 fi echo "************************************" echo "*** syncing chroot users to root ***" echo "************************************" if [ "$2" != "SURE" ]; then echo "*** TEST RUN *** TEST RUN *** TEST RUN *** TEST RUN *** TEST RUN *** TEST RUN ***" fi PWF=$CHD/etc/passwd GRF=$CHD/etc/group if [ -f $PWF ]; then echo "*** $CHD ***" # check for users allusers=`cat $PWF |cut -d: -f1` for user in $allusers; do pwline=`grep -e "^$user\:" $PWF` uid=`echo "$pwline" |cut -d: -f3` gid=`echo "$pwline" |cut -d: -f4` rpwline=`grep -e "^$user\:" /etc/passwd` ruid=`echo "$rpwline" |cut -d: -f3` rgid=`echo "$rpwline" |cut -d: -f4` if [ "x$ruid" == "x" ]; then echo "ERROR: User $user (in $CHD chroot) doesn't exist in root!" echo "Please create $user user in root and start again." exit 43 fi done #check for groups allgroups=`cat $GRF |cut -d: -f1` for group in $allgroups; do grline=`grep -e "^$group\:" $GRF` gid=`echo "$grline" |cut -d: -f3` rgrline=`grep -e "^$group\:" /etc/group` rgid=`echo "$rgrline" |cut -d: -f3` if [ "x$rgid" == "x" ]; then echo "ERROR: Group $group (in $CHD chroot) doesn't exist in root!" echo "Please create $group group in root and start again." exit 45 fi done # do the sync pruid="" prgid="" #allusers=`cat $PWF |cut -d: -f1` for user in $allusers; do pwline=`grep -e "^$user\:" $PWF` uid=`echo "$pwline" |cut -d: -f3` gid=`echo "$pwline" |cut -d: -f4` rpwline=`grep -e "^$user\:" /etc/passwd` ruid=`echo "$rpwline" |cut -d: -f3` rgid=`echo "$rpwline" |cut -d: -f4` tmpuid=50000 tmpgid=50000 let tmpuid=$ruid+50000 let tmpgid=$rgid+50000 # change uid and update passwd file if [ "$uid" != "$ruid" ]; then echo "$user -> changing uid: $uid / r$ruid ($tmpuid)" find $CHD -mount -uid $uid if [ "$2" == "SURE" ]; then find $CHD -mount -uid $uid -exec chown $tmpuid {} \; echo "updating $PWF..." cat $PWF | sed -e "s/\(^$user\:.*\:\)$uid\:/\1$tmpuid:/g" >$PWF-tmp mv $PWF-tmp $PWF fi pruid="$pruid $ruid" fi # change gid and update passwd/group file if [ "$gid" != "$rgid" ]; then echo "$user -> changing gid: $gid / r$rgid ($tmpgid)" find $CHD -mount -gid $gid if [ "$2" == "SURE" ]; then find $CHD -mount -gid $gid -exec chgrp $tmpgid {} \; echo "updating $PWF..." cat $PWF | sed -e "s/\(^$user\:.*\:.*\:\)$gid\:/\1$tmpgid:/g" >$PWF-tmp mv $PWF-tmp $PWF echo "updating $GRF..." cat $GRF | sed -e "s/\(^.*\:.*\:\)$gid\:/\1$tmpgid:/g" >$GRF-tmp mv $GRF-tmp $GRF fi prgid="$prgid $rgid" fi done # change groups that are not connected to uid allgroups=`cat $GRF |cut -d: -f1` skipgroups="$prgid" for group in $allgroups; do grline=`grep -e "^$group\:" $GRF` gid=`echo "$grline" |cut -d: -f3` rgrline=`grep -e "^$group\:" /etc/group` rgid=`echo "$rgrline" |cut -d: -f3` tmpgid=50000 let tmpgid=$rgid+50000 skipg="0" for prg in $skipgroups; do if [ "$rgid" == "$prg" ]; then skipg="1"; fi done if [ "$skipg" == "0" ]; then if [ "$gid" != "$rgid" ]; then echo "group $group -> changing gid: $gid / r$rgid ($tmpgid)" find $CHD -mount -gid $gid if [ "$2" == "SURE" ]; then find $CHD -mount -gid $gid -exec chgrp $tmpgid {} \; fi prgid="$prgid $rgid" fi if [ "$gid" != "$rgid" ]; then if [ "$2" == "SURE" ]; then echo "updating $PWF..." cat $PWF | sed -e "s/\(^.*\:.*\:.*\:\)$gid\:/\1$tmpgid:/g" >$PWF-tmp mv $PWF-tmp $PWF echo "updating $GRF..." cat $GRF | sed -e "s/\(^$group\:.*\:\)$gid\:/\1$tmpgid:/g" >$GRF-tmp mv $GRF-tmp $GRF fi fi fi done #finalize uids if [ "$2" == "SURE" ]; then for uid in $pruid; do let tmpuid=$uid+50000 echo "finalizing uid: $uid ($tmpuid)" find $CHD -mount -uid $tmpuid find $CHD -mount -uid $tmpuid -exec chown $uid {} \; echo "finalizing $PWF stage 1..." cat $PWF | sed -e "s/\(^.*\:.*\:\)$tmpuid\:/\1$uid:/g" >$PWF-tmp mv $PWF-tmp $PWF done for gid in $prgid; do let tmpgid=$gid+50000 echo "finalizing gid: $gid ($tmpgid)" find $CHD -mount -gid $tmpgid find $CHD -mount -gid $tmpgid -exec chgrp $gid {} \; echo "finalizing $PWF stage 2..." cat $PWF | sed -e "s/\(^.*\:.*\:.*\:\)$tmpgid\:/\1$gid:/g" >$PWF-tmp mv $PWF-tmp $PWF echo "finalizing $GRF..." cat $GRF | sed -e "s/\(^.*\:.*\:\)$tmpgid\:/\1$gid:/g" >$GRF-tmp mv $GRF-tmp $GRF done fi fi if [ "$2" != "SURE" ]; then echo "************************************************************************************" echo "NOTE: I haven't done anything yet." echo "WARNING! This script will sync all user uids and gids in chroots to the root system." echo "If you are sure, type SURE as parameter" echo "Usage: sync-chr-users [chroot] [SURE]" exit 7 fi