Improve diagnostic script: better user existence checks, error handling, and SSH config validation
parent
02990680ba
commit
b1e2ef1307
|
|
@ -43,21 +43,32 @@ print_status() {
|
|||
}
|
||||
|
||||
echo "=== 1. USER ACCOUNT CHECK ==="
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
if id "$USERNAME" &>/dev/null 2>&1; then
|
||||
print_status "OK" "User account exists: $USERNAME"
|
||||
echo " User ID: $(id -u $USERNAME)"
|
||||
echo " Group ID: $(id -g $USERNAME)"
|
||||
echo " Groups: $(id -Gn $USERNAME)"
|
||||
echo " Home Directory: $(getent passwd $USERNAME | cut -d: -f6)"
|
||||
echo " Shell: $(getent passwd $USERNAME | cut -d: -f7)"
|
||||
USER_ID=$(id -u "$USERNAME" 2>/dev/null)
|
||||
GROUP_ID=$(id -g "$USERNAME" 2>/dev/null)
|
||||
USER_GROUPS=$(id -Gn "$USERNAME" 2>/dev/null)
|
||||
USER_HOME_FULL=$(getent passwd "$USERNAME" 2>/dev/null | cut -d: -f6)
|
||||
USER_SHELL_FULL=$(getent passwd "$USERNAME" 2>/dev/null | cut -d: -f7)
|
||||
|
||||
echo " User ID: $USER_ID"
|
||||
echo " Group ID: $GROUP_ID"
|
||||
echo " Groups: $USER_GROUPS"
|
||||
echo " Home Directory: $USER_HOME_FULL"
|
||||
echo " Shell: $USER_SHELL_FULL"
|
||||
else
|
||||
print_status "ERROR" "User account does NOT exist: $USERNAME"
|
||||
echo " The user '$USERNAME' was not found on this system."
|
||||
echo " Please verify the username is correct."
|
||||
echo " Run: id $USERNAME"
|
||||
echo ""
|
||||
echo " Note: The diagnostic will continue but many checks will be skipped."
|
||||
USER_EXISTS=false
|
||||
fi
|
||||
echo
|
||||
|
||||
echo "=== 2. USER GROUPS CHECK ==="
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
|
||||
# Get groups using id command - ensure we capture the output correctly
|
||||
GROUPS_OUTPUT=$(id -Gn "$USERNAME" 2>&1)
|
||||
GROUPS_EXIT=$?
|
||||
|
|
@ -95,7 +106,7 @@ fi
|
|||
echo
|
||||
|
||||
echo "=== 3. HOME DIRECTORY CHECK ==="
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
|
||||
USER_HOME=$(getent passwd $USERNAME | cut -d: -f6)
|
||||
if [ -d "$USER_HOME" ]; then
|
||||
print_status "OK" "Home directory exists: $USER_HOME"
|
||||
|
|
@ -125,7 +136,7 @@ fi
|
|||
echo
|
||||
|
||||
echo "=== 4. DIRECTORY STRUCTURE CHECK ==="
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
|
||||
USER_HOME=$(getent passwd $USERNAME | cut -d: -f6)
|
||||
if [ -d "$USER_HOME/data" ]; then
|
||||
print_status "OK" "Data directory exists: $USER_HOME/data"
|
||||
|
|
@ -190,7 +201,7 @@ fi
|
|||
echo
|
||||
|
||||
echo "=== 5. PASSWORD CHECK ==="
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
|
||||
# Check if password is set (this is tricky - we can only check if shadow entry exists)
|
||||
if grep -q "^$USERNAME:" /etc/shadow; then
|
||||
print_status "OK" "User has shadow entry (password record exists)"
|
||||
|
|
@ -226,12 +237,20 @@ fi
|
|||
|
||||
# Check addon config file
|
||||
ADDON_CONFIG="/etc/ssh/sshd_config.d/99-sftp-addon.conf"
|
||||
if [ -f "$ADDON_CONFIG" ]; then
|
||||
print_status "OK" "Addon config file exists: $ADDON_CONFIG"
|
||||
echo " Contents:"
|
||||
cat "$ADDON_CONFIG" | sed 's/^/ /'
|
||||
if [ -d "/etc/ssh/sshd_config.d" ]; then
|
||||
if [ -f "$ADDON_CONFIG" ]; then
|
||||
print_status "OK" "Addon config file exists: $ADDON_CONFIG"
|
||||
echo " Contents:"
|
||||
cat "$ADDON_CONFIG" | sed 's/^/ /'
|
||||
else
|
||||
print_status "WARNING" "Addon config file does NOT exist: $ADDON_CONFIG"
|
||||
echo " This file should be created during addon installation."
|
||||
echo " The addon may not have been properly installed or updated."
|
||||
echo " Fix: Reinstall or update the addon to create this file."
|
||||
fi
|
||||
else
|
||||
print_status "WARNING" "Addon config file does NOT exist: $ADDON_CONFIG"
|
||||
print_status "WARNING" "SSH config.d directory does not exist: /etc/ssh/sshd_config.d"
|
||||
echo " This directory is required for the addon configuration."
|
||||
fi
|
||||
|
||||
# Check main sshd_config
|
||||
|
|
@ -315,7 +334,7 @@ fi
|
|||
echo
|
||||
|
||||
echo "=== 9. AUTHENTICATION TEST (SIMULATED) ==="
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
|
||||
USER_SHELL=$(getent passwd $USERNAME | cut -d: -f7)
|
||||
AUTH_GROUPS_OUTPUT=$(id -Gn "$USERNAME" 2>&1)
|
||||
AUTH_GROUPS_EXIT=$?
|
||||
|
|
@ -353,9 +372,9 @@ fi
|
|||
echo
|
||||
|
||||
echo "=== 10. QUICK FIXES ==="
|
||||
echo "If user exists but login fails, try these commands (as root):"
|
||||
echo
|
||||
if id "$USERNAME" &>/dev/null; then
|
||||
if [ "${USER_EXISTS:-true}" != "false" ] && id "$USERNAME" &>/dev/null 2>&1; then
|
||||
echo "If user exists but login fails, try these commands (as root):"
|
||||
echo
|
||||
echo "1. Reset password:"
|
||||
echo " echo '$USERNAME:NEW_PASSWORD' | chpasswd"
|
||||
echo
|
||||
|
|
|
|||
Loading…
Reference in New Issue