Improve diagnostic script: better user existence checks, error handling, and SSH config validation

main
Anthony 2025-11-04 18:19:22 +08:00
parent 02990680ba
commit b1e2ef1307
1 changed files with 38 additions and 19 deletions


@ -43,21 +43,32 @@ print_status() {
} }
echo "=== 1. USER ACCOUNT CHECK ===" echo "=== 1. USER ACCOUNT CHECK ==="
if id "$USERNAME" &>/dev/null; then if id "$USERNAME" &>/dev/null 2>&1; then
print_status "OK" "User account exists: $USERNAME" print_status "OK" "User account exists: $USERNAME"
echo " User ID: $(id -u $USERNAME)" USER_ID=$(id -u "$USERNAME" 2>/dev/null)
echo " Group ID: $(id -g $USERNAME)" GROUP_ID=$(id -g "$USERNAME" 2>/dev/null)
echo " Groups: $(id -Gn $USERNAME)" USER_GROUPS=$(id -Gn "$USERNAME" 2>/dev/null)
echo " Home Directory: $(getent passwd $USERNAME | cut -d: -f6)" USER_HOME_FULL=$(getent passwd "$USERNAME" 2>/dev/null | cut -d: -f6)
echo " Shell: $(getent passwd $USERNAME | cut -d: -f7)" USER_SHELL_FULL=$(getent passwd "$USERNAME" 2>/dev/null | cut -d: -f7)
echo " User ID: $USER_ID"
echo " Group ID: $GROUP_ID"
echo " Groups: $USER_GROUPS"
echo " Home Directory: $USER_HOME_FULL"
echo " Shell: $USER_SHELL_FULL"
else else
print_status "ERROR" "User account does NOT exist: $USERNAME" print_status "ERROR" "User account does NOT exist: $USERNAME"
echo " The user '$USERNAME' was not found on this system."
echo " Please verify the username is correct."
echo " Run: id $USERNAME" echo " Run: id $USERNAME"
echo ""
echo " Note: The diagnostic will continue but many checks will be skipped."
USER_EXISTS=false
fi fi
echo echo
echo "=== 2. USER GROUPS CHECK ===" echo "=== 2. USER GROUPS CHECK ==="
if id "$USERNAME" &>/dev/null; then if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
# Get groups using id command - ensure we capture the output correctly # Get groups using id command - ensure we capture the output correctly
GROUPS_OUTPUT=$(id -Gn "$USERNAME" 2>&1) GROUPS_OUTPUT=$(id -Gn "$USERNAME" 2>&1)
GROUPS_EXIT=$? GROUPS_EXIT=$?
@ -95,7 +106,7 @@ fi
echo echo
echo "=== 3. HOME DIRECTORY CHECK ===" echo "=== 3. HOME DIRECTORY CHECK ==="
if id "$USERNAME" &>/dev/null; then if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
USER_HOME=$(getent passwd $USERNAME | cut -d: -f6) USER_HOME=$(getent passwd $USERNAME | cut -d: -f6)
if [ -d "$USER_HOME" ]; then if [ -d "$USER_HOME" ]; then
print_status "OK" "Home directory exists: $USER_HOME" print_status "OK" "Home directory exists: $USER_HOME"
@ -125,7 +136,7 @@ fi
echo echo
echo "=== 4. DIRECTORY STRUCTURE CHECK ===" echo "=== 4. DIRECTORY STRUCTURE CHECK ==="
if id "$USERNAME" &>/dev/null; then if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
USER_HOME=$(getent passwd $USERNAME | cut -d: -f6) USER_HOME=$(getent passwd $USERNAME | cut -d: -f6)
if [ -d "$USER_HOME/data" ]; then if [ -d "$USER_HOME/data" ]; then
print_status "OK" "Data directory exists: $USER_HOME/data" print_status "OK" "Data directory exists: $USER_HOME/data"
@ -190,7 +201,7 @@ fi
echo echo
echo "=== 5. PASSWORD CHECK ===" echo "=== 5. PASSWORD CHECK ==="
if id "$USERNAME" &>/dev/null; then if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
# Check if password is set (this is tricky - we can only check if shadow entry exists) # Check if password is set (this is tricky - we can only check if shadow entry exists)
if grep -q "^$USERNAME:" /etc/shadow; then if grep -q "^$USERNAME:" /etc/shadow; then
print_status "OK" "User has shadow entry (password record exists)" print_status "OK" "User has shadow entry (password record exists)"
@ -226,12 +237,20 @@ fi
# Check addon config file # Check addon config file
ADDON_CONFIG="/etc/ssh/sshd_config.d/99-sftp-addon.conf" ADDON_CONFIG="/etc/ssh/sshd_config.d/99-sftp-addon.conf"
if [ -f "$ADDON_CONFIG" ]; then if [ -d "/etc/ssh/sshd_config.d" ]; then
print_status "OK" "Addon config file exists: $ADDON_CONFIG" if [ -f "$ADDON_CONFIG" ]; then
echo " Contents:" print_status "OK" "Addon config file exists: $ADDON_CONFIG"
cat "$ADDON_CONFIG" | sed 's/^/ /' echo " Contents:"
cat "$ADDON_CONFIG" | sed 's/^/ /'
else
print_status "WARNING" "Addon config file does NOT exist: $ADDON_CONFIG"
echo " This file should be created during addon installation."
echo " The addon may not have been properly installed or updated."
echo " Fix: Reinstall or update the addon to create this file."
fi
else else
print_status "WARNING" "Addon config file does NOT exist: $ADDON_CONFIG" print_status "WARNING" "SSH config.d directory does not exist: /etc/ssh/sshd_config.d"
echo " This directory is required for the addon configuration."
fi fi
# Check main sshd_config # Check main sshd_config
@ -315,7 +334,7 @@ fi
echo echo
echo "=== 9. AUTHENTICATION TEST (SIMULATED) ===" echo "=== 9. AUTHENTICATION TEST (SIMULATED) ==="
if id "$USERNAME" &>/dev/null; then if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
USER_SHELL=$(getent passwd $USERNAME | cut -d: -f7) USER_SHELL=$(getent passwd $USERNAME | cut -d: -f7)
AUTH_GROUPS_OUTPUT=$(id -Gn "$USERNAME" 2>&1) AUTH_GROUPS_OUTPUT=$(id -Gn "$USERNAME" 2>&1)
AUTH_GROUPS_EXIT=$? AUTH_GROUPS_EXIT=$?
@ -353,9 +372,9 @@ fi
echo echo
echo "=== 10. QUICK FIXES ===" echo "=== 10. QUICK FIXES ==="
echo "If user exists but login fails, try these commands (as root):" if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
echo echo "If user exists but login fails, try these commands (as root):"
if id "$USERNAME" &>/dev/null; then echo
echo "1. Reset password:" echo "1. Reset password:"
echo " echo '$USERNAME:NEW_PASSWORD' | chpasswd" echo " echo '$USERNAME:NEW_PASSWORD' | chpasswd"
echo echo
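Review bot: `$USERNAME` is still expanded unquoted in the `getent passwd $USERNAME | cut ...` lines of sections 3, 4 and 9, although this commit quotes it everywhere in section 1; those lines should read `USER_HOME=$(getent passwd "$USERNAME" | cut -d: -f6)` and `USER_SHELL=$(getent passwd "$USERNAME" | cut -d: -f7)`. Section 5 also interpolates the name into a regex, `grep -q "^$USERNAME:" /etc/shadow`, so a name containing `.` can match another account's shadow entry and report a password record that is not this user's; `getent shadow "$USERNAME" >/dev/null` would be an exact lookup. On the visible lines `USER_EXISTS` is only ever assigned in the `else` branch, so the `${USER_EXISTS:-true}` guard also honours a value inherited from the caller's environment; an explicit `USER_EXISTS=true` before section 1 would avoid that, unless the part of the script outside these hunks already sets it. The `if` blocks of sections 2 to 5, 9 and 10 continue past the hunk boundaries, so their `else` branches are not visible here.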