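#!/bin/bash
## deleteuser--Deletes a user account without a trace...
#    Not for use with OS X
#
# Usage: deleteuser account
#
# Must be run as root. Removes the account's line from the passwd and
# shadow files, deletes $homedir/<account>, and lists any files on the
# system still owned by the account's uid.
#
# Security notes:
#  * The account name is checked against a conservative character set
#    before use. It ends up in a file-matching expression and in the
#    path handed to 'rm -rf', so regex metacharacters or path components
#    ('/', '..') in the argument must never reach those commands.
#  * Entries are matched by literal string comparison, not by regex.
#  * The lock is taken BEFORE the replacement files are built, so an edit
#    made by another lock-honouring tool in between is not lost.
#  * The replacement shadow file is created under umask 077 so it is never
#    readable by other users, even briefly.

set -u

homedir="/home"
pwfile="/etc/passwd"
shadow="/etc/shadow"
newpwfile="/etc/passwd.new"
newshadow="/etc/shadow.new"
locker="/etc/passwd.lock"

account="${1:-}"

# Succeeds only for names built from letters, digits, '_', '.', and '-',
# not starting with '-', and not '.' or '..'. Runs in a subshell so the
# LC_ALL=C needed for predictable character ranges does not leak out.
valid_account_name() (
  LC_ALL=C
  case "$1" in
    ''|.|..|-*|*[!A-Za-z0-9_.-]*) return 1 ;;
  esac
  return 0
)

# Drops the lock and any half-built replacement files on every exit path.
cleanup() {
  rm -f -- "$newpwfile" "$newshadow" "$locker"
}

if [ -z "$account" ] ; then
  echo "Usage: $0 account" >&2; exit 1
elif [ "$(whoami)" != "root" ] ; then
  echo "Error: you must be 'root' to run this command.">&2; exit 1
fi

if ! valid_account_name "$account" ; then
  echo "Error: invalid account name '$account'" >&2; exit 1
fi

# Look the account up before touching anything. The appended "" forces a
# string comparison so an all-digit name is not compared numerically.
uid="$(awk -F: -v user="$account" \
  '($1 "") == (user "") { print $3; exit }' "$pwfile")"

if [ -z "$uid" ] ; then
  echo "Error: no account $account found in $pwfile" >&2; exit 1
fi

# External helper, not defined in this file; its exit status was never
# checked by this script and still is not -- NOTE(review): confirm whether
# a failed suspension should abort the deletion.
suspenduser "$account"  # Suspend their account while we do the dirty work.

# Take the lock first, then rebuild the files.
lockcmd="$(command -v lockfile)"   # Find lockfile app in the path.

if [ -n "$lockcmd" ] ; then        # let's use the system lockfile
  if ! "$lockcmd" -r 15 "$locker" ; then
    echo "Error: could not obtain lock $locker" >&2; exit 1
  fi
else                               # Ulp, let's do it ourselves.
  # noclobber makes the create fail if the file already exists, so the
  # existence test and the creation are a single atomic step.
  until ( set -o noclobber; : > "$locker" ) 2>/dev/null ; do
    echo "waiting for the password file" ; sleep 1
  done
fi

# Only install the cleanup once the lock is ours, so an early exit can
# never delete a lock held by another process.
trap cleanup EXIT

umask 077   # replacement files start out private to root

# Remove from the password and shadow files.
if ! awk -F: -v user="$account" '($1 "") != (user "")' \
     "$pwfile" > "$newpwfile" ; then
  echo "Error: could not write $newpwfile" >&2; exit 1
fi

if ! awk -F: -v user="$account" '($1 "") != (user "")' \
     "$shadow" > "$newshadow" ; then
  echo "Error: could not write $newshadow" >&2; exit 1
fi

# An empty replacement passwd file means the rewrite went wrong; refuse
# to install it rather than lock every account out of the system.
if [ ! -s "$newpwfile" ] ; then
  echo "Error: $newpwfile is empty; leaving $pwfile untouched" >&2; exit 1
fi

# Set final modes before the rename so the live files never carry the
# wrong permissions.
chmod 644 "$newpwfile"
chmod 400 "$newshadow"

if ! mv -- "$newpwfile" "$pwfile" ; then
  echo "Error: could not replace $pwfile" >&2; exit 1
fi
if ! mv -- "$newshadow" "$shadow" ; then
  echo "Error: could not replace $shadow" >&2; exit 1
fi

rm -f -- "$locker"   # click! unlocked again
trap - EXIT

chmod 644 "$pwfile"
chmod 400 "$shadow"

# Now remove home directory and list anything left...
# ${homedir:?} aborts instead of expanding to "/<account>" if homedir is
# ever empty; the name check above already rules out '/' and '..'.
rm -rf -- "${homedir:?}/$account"

echo "Files still left to remove (if any):"
find / -uid "$uid" -print 2>/dev/null | sed 's/^/ /'

echo ""
echo "Account $account (uid $uid) has been deleted, and their home directory "
echo "($homedir/$account) has been removed."

exit 0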