Adjusted Shell script added debugging and security

add-sftp.sh

@@ -15,6 +15,12 @@ ROOT_DIRECTORY="/var/www/webroot/ROOT"
 # Get the group ownership of the ROOT_DIRECTORY
 ROOT_GROUP=$(stat -c '%G' $ROOT_DIRECTORY)
 
+# Ensure the ROOT_DIRECTORY exists
+if [ ! -d "$ROOT_DIRECTORY" ]; then
+    echo "ROOT_DIRECTORY $ROOT_DIRECTORY does not exist." >> $LOG_FILE
+    exit 1
+fi
+
 # Check if user already exists
 if id "$USERNAME" &>/dev/null; then
     echo "User $USERNAME already exists." >> $LOG_FILE
@@ -45,7 +51,19 @@ if [ $? -ne 0 ]; then
 fi
 echo "$USERNAME added to groups $ROOT_GROUP and root" >> $LOG_FILE
 
+# Check if the user-specific directory already exists
+if [ ! -d "$USER_SPECIFIC_DIR" ]; then
+    # Create a user-specific directory inside ROOT_DIRECTORY
+    mkdir $USER_SPECIFIC_DIR
+    chown $USERNAME:$ROOT_GROUP $USER_SPECIFIC_DIR
+    chmod 750 $USER_SPECIFIC_DIR  # Owner has rwx, group has r-x, others have no permissions
+else
+    echo "User-specific directory $USER_SPECIFIC_DIR already exists." >> $LOG_FILE
+fi
+
+# Set the SetGID bit on ROOT_DIRECTORY
+chmod g+s $ROOT_DIRECTORY
+
 HOSTNAME=$(hostname -f)
 echo "Script completed for user $USERNAME with hostname $HOSTNAME" >> $LOG_FILE
 echo "{ \"USERNAME\": \"$USERNAME\", \"PASSWORD\": \"$PASSWORD\" }"
-