diff --git a/check-sftp-user.sh b/check-sftp-user.sh
index bf9d617..c2bb62d 100644
--- a/check-sftp-user.sh
+++ b/check-sftp-user.sh
@@ -43,21 +43,32 @@ print_status() {
 }
 echo "=== 1. USER ACCOUNT CHECK ==="
-if id "$USERNAME" &>/dev/null; then
+if id "$USERNAME" &>/dev/null 2>&1; then
 print_status "OK" "User account exists: $USERNAME"
- echo " User ID: $(id -u $USERNAME)"
- echo " Group ID: $(id -g $USERNAME)"
- echo " Groups: $(id -Gn $USERNAME)"
- echo " Home Directory: $(getent passwd $USERNAME | cut -d: -f6)"
- echo " Shell: $(getent passwd $USERNAME | cut -d: -f7)"
+ USER_ID=$(id -u "$USERNAME" 2>/dev/null)
+ GROUP_ID=$(id -g "$USERNAME" 2>/dev/null)
+ USER_GROUPS=$(id -Gn "$USERNAME" 2>/dev/null)
+ USER_HOME_FULL=$(getent passwd "$USERNAME" 2>/dev/null | cut -d: -f6)
+ USER_SHELL_FULL=$(getent passwd "$USERNAME" 2>/dev/null | cut -d: -f7)
+
+ echo " User ID: $USER_ID"
+ echo " Group ID: $GROUP_ID"
+ echo " Groups: $USER_GROUPS"
+ echo " Home Directory: $USER_HOME_FULL"
+ echo " Shell: $USER_SHELL_FULL"
 else
 print_status "ERROR" "User account does NOT exist: $USERNAME"
+ echo " The user '$USERNAME' was not found on this system."
+ echo " Please verify the username is correct."
 echo " Run: id $USERNAME"
+ echo ""
+ echo " Note: The diagnostic will continue but many checks will be skipped."
+ USER_EXISTS=false
 fi
 echo
 echo "=== 2. USER GROUPS CHECK ==="
-if id "$USERNAME" &>/dev/null; then
+if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
 # Get groups using id command - ensure we capture the output correctly
 GROUPS_OUTPUT=$(id -Gn "$USERNAME" 2>&1)
 GROUPS_EXIT=$?
@@ -95,7 +106,7 @@ fi
 echo
 echo "=== 3. HOME DIRECTORY CHECK ==="
-if id "$USERNAME" &>/dev/null; then
+if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
 USER_HOME=$(getent passwd $USERNAME | cut -d: -f6)
 if [ -d "$USER_HOME" ]; then
 print_status "OK" "Home directory exists: $USER_HOME"
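Review bot: `USER_EXISTS` is assigned only in the new `else` branch, and nothing in this hunk initialises it, so the guards `[ "${USER_EXISTS:-true}" != "false" ]` added in sections 2 to 5, 9 and 10 depend on the variable being unset on entry. If it is not set earlier in the script, a `USER_EXISTS=false` inherited from the caller's environment would skip every per-user check for an account that does exist, and the report would look clean. Set `USER_EXISTS=true` before the `if id ...` test; the guards can then be `[ "$USER_EXISTS" = true ]` without calling `id` a second time. Separately, `&>/dev/null 2>&1` is redundant in all of these guards, because `&>` already redirects both streams, so `2>&1` can be dropped.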
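Review bot: The context line under the new guard, `USER_HOME=$(getent passwd $USERNAME | cut -d: -f6)`, still expands `$USERNAME` unquoted, although this commit quotes the same expansion in section 1. The same unquoted lookup remains in section 4 (`USER_HOME=`) and section 9 (`USER_SHELL=`). An unquoted value is word-split and glob-expanded before `getent` sees it, so a name containing whitespace or `*` is looked up as something other than what `id "$USERNAME"` just validated. Use `USER_HOME=$(getent passwd "$USERNAME" | cut -d: -f6)`, or reuse `$USER_HOME_FULL` and `$USER_SHELL_FULL` from section 1. The body of this `if` continues outside the hunk.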
@@ -125,7 +136,7 @@ fi
 echo
 echo "=== 4. DIRECTORY STRUCTURE CHECK ==="
-if id "$USERNAME" &>/dev/null; then
+if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
 USER_HOME=$(getent passwd $USERNAME | cut -d: -f6)
 if [ -d "$USER_HOME/data" ]; then
 print_status "OK" "Data directory exists: $USER_HOME/data"
@@ -190,7 +201,7 @@ fi
 echo
 echo "=== 5. PASSWORD CHECK ==="
-if id "$USERNAME" &>/dev/null; then
+if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
 # Check if password is set (this is tricky - we can only check if shadow entry exists)
 if grep -q "^$USERNAME:" /etc/shadow; then
 print_status "OK" "User has shadow entry (password record exists)"
@@ -226,12 +237,20 @@ fi
 # Check addon config file
 ADDON_CONFIG="/etc/ssh/sshd_config.d/99-sftp-addon.conf"
-if [ -f "$ADDON_CONFIG" ]; then
- print_status "OK" "Addon config file exists: $ADDON_CONFIG"
- echo " Contents:"
- cat "$ADDON_CONFIG" | sed 's/^/ /'
+if [ -d "/etc/ssh/sshd_config.d" ]; then
+ if [ -f "$ADDON_CONFIG" ]; then
+ print_status "OK" "Addon config file exists: $ADDON_CONFIG"
+ echo " Contents:"
+ cat "$ADDON_CONFIG" | sed 's/^/ /'
+ else
+ print_status "WARNING" "Addon config file does NOT exist: $ADDON_CONFIG"
+ echo " This file should be created during addon installation."
+ echo " The addon may not have been properly installed or updated."
+ echo " Fix: Reinstall or update the addon to create this file."
+ fi
 else
- print_status "WARNING" "Addon config file does NOT exist: $ADDON_CONFIG"
+ print_status "WARNING" "SSH config.d directory does not exist: /etc/ssh/sshd_config.d"
+ echo " This directory is required for the addon configuration."
 fi
 # Check main sshd_config
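Review bot: `grep -q "^$USERNAME:" /etc/shadow`, the context line under the new section 5 guard, puts the username into a regular expression, so a name containing `.` or another metacharacter can match a different account's record. The test is also false when /etc/shadow is unreadable because the script is not running as root, which cannot be told apart from a missing entry. An exact-name lookup such as `if getent shadow "$USERNAME" >/dev/null; then`, preceded by a `[ -r /etc/shadow ]` check that reports the missing privilege, avoids both. The `else` branch is outside the hunk, so how the failure is reported is not visible here.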
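Review bot: The new directory test writes `/etc/ssh/sshd_config.d` out twice, in the `[ -d ... ]` test and in the warning, although `ADDON_CONFIG` already carries that path, so the two can drift if the file is ever moved. Derive it once with `ADDON_CONFIG_DIR=${ADDON_CONFIG%/*}` and use `"$ADDON_CONFIG_DIR"` in both places. The "OK" status also proves only that the file exists, not that sshd reads it; unless the main-config section that follows (outside this hunk) already checks for the `Include` line, consider confirming the effective settings with `sshd -T`. The moved line `cat "$ADDON_CONFIG" | sed 's/^/ /'` can be `sed 's/^/ /' "$ADDON_CONFIG"`.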
@@ -315,7 +334,7 @@ fi
 echo
 echo "=== 9. AUTHENTICATION TEST (SIMULATED) ==="
-if id "$USERNAME" &>/dev/null; then
+if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
 USER_SHELL=$(getent passwd $USERNAME | cut -d: -f7)
 AUTH_GROUPS_OUTPUT=$(id -Gn "$USERNAME" 2>&1)
 AUTH_GROUPS_EXIT=$?
@@ -353,9 +372,9 @@ fi
 echo
 echo "=== 10. QUICK FIXES ==="
-echo "If user exists but login fails, try these commands (as root):"
-echo
-if id "$USERNAME" &>/dev/null; then
+if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
+ echo "If user exists but login fails, try these commands (as root):"
+ echo
 echo "1. Reset password:"
 echo " echo '$USERNAME:NEW_PASSWORD' | chpasswd"
 echo
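Review bot: The first quick fix in section 10, `echo '$USERNAME:NEW_PASSWORD' | chpasswd`, tells the operator to type the new password on a command line, where it ends up in shell history and in any terminal session log. Since this hunk already reworks the section, print the interactive form instead: `echo " passwd $USERNAME"`. The rest of this `if` block is outside the hunk.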