scripts/adduser


#!/usr/bin/python
from base64 import b64encode
from hashlib import sha1
from os import remove, chown, rename
from re import fullmatch
from secrets import token_bytes
from subprocess import run, call, check_output
from sys import argv
from tempfile import NamedTemporaryFile
# Hash a password for LDAP using the salted SHA-1 ("{SSHA}") scheme
# https://github.com/tonyprawiro/cracking-ldap
# NOTE(review): {SSHA} is one unstretched SHA-1 pass over password + 4-byte
# salt, so leaked userPassword values are cheap to brute-force offline. If the
# directory server supports a deliberately slow scheme, or can hash the
# password itself (e.g. via the Password Modify operation used by
# ldappasswd), prefer that. Confirm what the server accepts before switching.
def ldap_hash(password):
    """Return *password* encoded as an LDAP ``{SSHA}`` userPassword value.

    The result is the literal prefix ``{SSHA}`` followed by
    base64(SHA-1(password_utf8 + salt) + salt). A fresh random 4-byte salt is
    drawn on every call, so hashing the same password twice gives different
    strings.
    """
    salt = token_bytes(4)
    digest = sha1(password.encode('utf-8') + salt).digest()
    # The salt is appended after the digest so a verifier can recover it.
    encoded = b64encode(digest + salt).decode('utf-8')
    return '{SSHA}' + encoded
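# Add a new user

# Login names are interpolated into two DNs, the LDIF file name and paths
# under /home, so they are restricted to characters that carry no meaning in
# a DN, an LDIF line or a file path. fullmatch() is used so a trailing
# newline cannot slip past the pattern.
_USERNAME_PATTERN = r'[a-z_][a-z0-9_.-]{0,31}'


def _has_control_chars(value):
    """Return True if *value* contains an ASCII control character (incl. CR/LF)."""
    return any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in value)


def _first_free_id(passwd_dump):
    """Return the lowest number in 1000-9999 not used as a UID or GID.

    *passwd_dump* is the text printed by ``getent passwd``; fields 3 and 4 of
    each colon-separated line are the UID and primary GID. Both are treated as
    taken because the new account uses the same number for its UID and GID.
    Raises IndexError when the whole range is occupied.
    """
    taken = set()
    for line in passwd_dump.splitlines():
        for field in line.split(':')[2:4]:
            try:
                taken.add(int(field))
            except ValueError:
                # Malformed or non-numeric field: ignore it.
                pass
    for candidate in range(1000, 10000):
        if candidate not in taken:
            return candidate
    raise IndexError('no free UID/GID left in 1000-9999')


def adduser(username, firstname, lastname, email, password, ldap_pass=None):
    """Create an LDAP user plus a same-named group, then prepare the home dir.

    Steps: pick a free UID, write ``<username>.ldif`` in the current
    directory, feed it to ``ldapadd`` bound as cn=Manager, archive the LDIF,
    and run the per-user setup commands through ``sudo``.

    Args:
        username: login name; must match ``_USERNAME_PATTERN``.
        firstname, lastname, email: copied verbatim into the LDIF.
        password: clear-text password, stored hashed via ``ldap_hash``.
        ldap_pass: Manager bind password. When None the LDIF is opened in vim
            for review and ldapadd prompts for the password; otherwise the
            LDIF is submitted without any manual review.

    Returns:
        None. If ldapadd exits non-zero the LDIF is deleted and nothing else
        is done.

    Raises:
        ValueError: if *username* is not a plain login name or another field
            contains control characters.
        IndexError: if no UID in 1000-9999 is free.
    """
    # Every field below is pasted into an LDIF document. A line break inside
    # one of them would start a new attribute line (or a new entry), which is
    # especially dangerous on the ldap_pass path where nobody reads the file
    # before it is applied with Manager rights.
    if fullmatch(_USERNAME_PATTERN, username) is None:
        raise ValueError('invalid username: ' + repr(username))
    for label, value in (('firstname', firstname),
                         ('lastname', lastname),
                         ('email', email)):
        if _has_control_chars(value):
            raise ValueError(label + ' contains control characters')

    # Get UID
    # Parse the numeric fields instead of substring-matching the raw output,
    # so e.g. "1000" is not considered taken just because "10000" appears.
    # NOTE(review): only the passwd database is consulted; a group that
    # already uses the chosen number as its GID would not be noticed.
    uid = _first_free_id(check_output(['getent', 'passwd']).decode('utf-8', 'replace'))

    # Construct LDIF
    # The blank line between the two records is required: LDIF separates
    # entries with an empty line.
    ldif = '''dn: uid={username},ou=People,dc=exozy,dc=me
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: shadowAccount
uid: {username}
cn: {firstname} {lastname}
sn: {lastname}
givenName: {firstname}
userPassword: {hashedpassword}
mail: {email}
loginShell: /bin/fish
uidNumber: {uid}
gidNumber: {uid}
homeDirectory: /home/{username}

dn: cn={username},ou=Group,dc=exozy,dc=me
objectClass: top
objectClass: posixGroup
cn: {username}
gidNumber: {uid}'''.format(username=username,
                           firstname=firstname,
                           lastname=lastname,
                           email=email,
                           uid=uid,
                           hashedpassword=ldap_hash(password))

    # Write to file and get confirmation
    # NOTE(review): this file contains the userPassword hash and is created in
    # the current directory with the process umask; it is later archived under
    # a path that looks like a git checkout. Consider restricting its mode or
    # dropping userPassword from the archived copy.
    filename = username + '.ldif'
    with open(filename, 'w') as f:
        f.write(ldif)

    # Add user
    manager_dn = 'cn=Manager,dc=exozy,dc=me'
    if ldap_pass is None:
        run(['vim', filename])
        ret = call(['ldapadd', '-D', manager_dn, '-W', '-f', filename])
    else:
        # Hand the bind password over in an owner-only temporary file (-y)
        # rather than on the command line (-w), where any local user could
        # read it from the process list while ldapadd runs. No newline is
        # written because -y uses the complete file contents as the password.
        with NamedTemporaryFile('w') as pwfile:
            pwfile.write(ldap_pass)
            pwfile.flush()
            ret = call(['ldapadd', '-D', manager_dn, '-y', pwfile.name, '-f', filename])
    if ret != 0:
        remove(filename)
        return

    # Archive the applied LDIF, owned by UID/GID 1000.
    chown(filename, 1000, 1000)
    # The separator after "users" was missing, which would have produced
    # ".../LDAP/users<name>.ldif" instead of a file inside the users directory.
    rename(filename, '/home/ta180m/git/LDAP/users/' + filename)

    # Configure user
    # Exit codes of the setup commands are not checked (best effort).
    # '077' is passed as mkhomedir_helper's umask argument.
    run(['sudo', 'mkhomedir_helper', username, '077'])
    run(['sudo', '-u', username, 'mkdir', '/home/' + username + '/.config'])
    # Set up Flatpak
    run(['sudo', '-u', username, 'flatpak', 'remote-add', '--if-not-exists', 'flathub',
         'https://dl.flathub.org/repo/flathub.flatpakrepo', '--user'])
    # Set default browser
    run(['sudo', '-u', username, 'xdg-settings', 'set', 'default-web-browser', 'firefox.desktop'])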
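# Running as script
# Usage: adduser USERNAME FIRSTNAME LASTNAME EMAIL [PASSWORD]
if __name__ == "__main__":
    if len(argv) not in (5, 6):
        raise SystemExit('usage: ' + argv[0] + ' username firstname lastname email [password]')
    # The original unpacked into "firsname", so the call below failed with a
    # NameError on "firstname".
    username, firstname, lastname, email = argv[1:5]
    if len(argv) == 6:
        # Still accepted for compatibility. A password given here ends up in
        # shell history and is visible in the process list while the script
        # runs; omit it to be prompted instead.
        password = argv[5]
    else:
        from getpass import getpass
        password = getpass('Password for ' + username + ': ')
    adduser(username, firstname, lastname, email, password)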