Auth: Jin
Date: 20140403
Content:
1 #!/bin/bash - 2 ### auth: Jin 3 ### date: 20140311 4 ### Desc: 创建没有写入权限的普通用户,创建修改随机密码脚本changepassword.sh并将脚本加入crontab 5 ### Usage: ./tmp.sh 6 7 #user and permit 8 groupadd viewer && useradd viewer -g viewer && cat /proc/sys/kernel/random/uuid|passwd --stdin viewer && printf "umask 222\n" >> ~viewer/.bashrc && chmod 500 /home/viewer 9 #ssh key 10 mkdir ~viewer/.ssh/ && cp ~root/.ssh/authorized_keys ~viewer/.ssh/ 11 12 13 #change password shell 14 mkdir -p /home/gbin && touch /home/gbin/changepassword.sh && chmod 750 /home/gbin/changepassword.sh 15 #content 16 shellcontent="#/bin/bash 17 ### auth: Jin 18 ### date: 20140311 19 20 secret=\`cat /proc/sys/kernel/random/uuid | cut -d'-' -f1,3,5\` 21 22 passwd <<EOF 23 \$secret 24 \$secret 25 EOF 26 27 if [ $? -eq 0 ];then 28 echo 'Change password OK' 29 else 30 echo 'Change password fail' 31 fi" 32 33 cat > /home/gbin/changepassword.sh << EOF 34 $shellcontent 35 EOF 36 37 #注意几个转意的地方 38 #add crontal 39 cat >> /var/spool/cron/root << EOF 40 0 2 * * * /home/gbin/changepassword.sh >> /home/gbin/changepassword.log 2>&1 41 EOF 42 43 #test change password shell 44 /home/gbin/changepassword.sh >> /home/gbin/changepassword.log 2>&1 && cat /home/gbin/changepassword.log 45 46 trap "rm -f ./tmp.sh;exit" 0