From 3158e56b8b35fd548570a823aa442c1b47d3f621 Mon Sep 17 00:00:00 2001 From: Mike Gabriel Date: Thu, 14 Nov 2019 11:34:37 +0100 Subject: itzks-reset-userprofile: New tool for resetting all/most configurations in users' home directories. --- bin/itzks-reset-userprofile | 170 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 170 insertions(+) create mode 100755 bin/itzks-reset-userprofile diff --git a/bin/itzks-reset-userprofile b/bin/itzks-reset-userprofile new file mode 100755 index 0000000..2d5369d --- /dev/null +++ b/bin/itzks-reset-userprofile @@ -0,0 +1,170 @@ +#!/bin/bash + +# Copyright (C) 2019 Mike Gabriel +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + + +# This scripts resets a user profile (the .dot files in $HOME). +# +# Always test before really executing... +# +# Dry-Run: itzks-reset-userprofile +# ... then read its output!!! +# +# Really-do: itzks-reset-userprofile really-do +# + +this_DATE="$(date +%Y%m%d)" + +this_USER="${USER}" +if [ "x${this_USER}" = "xroot" ]; then + + if [ "x${1}" != "x" ]; then + this_USER="${1}" + else + echo "ERROR: specify an existing user name for user profile reset" + exit 1 + fi + +else + echo "ERROR: $(basename $0) must run with super-user privileges" + exit 2 +fi + +if ! id "${this_USER}" 1>/dev/null 2>/dev/null; then + echo "ERROR: no such user known on this site" + exit 3 +fi + +this_GROUP="$(id -gn "$this_USER")" + +this_HOME="$(getent passwd ${this_USER} | cut -d ":" -f6)" + +# if we are root, we cannot work over a network filesystem +if ! echo "${this_HOME}" | grep -qE "/skole/$(hostname -s)/home.*"; then + echo "home directory not on this machine" + exit 4 +fi + +if [ -d "${this_HOME}/.profile-reset-${this_DATE}" ]; then + echo "ERROR: user profile has been reset today already, cannot do this twice on one day" + exit 5 +fi + +really_DO="${2}" + +if [ "x$really_DO" != "xreally-do" ]; then + fake_cmd="echo -e" + echo + echo "########################################################################" + echo +fi + +$fake_cmd cd ${this_HOME} +$fake_cmd mkdir .profile-reset-${this_DATE}/ +$fake_cmd chown ${this_USER}:${this_GROUP} .profile-reset-${this_DATE}/ + +echo +echo "Backing up configuration directories to ${this_HOME}/.profile-reset-${this_DATE}" +find . -maxdepth 1 -type d | grep -E '\./\..*' | while read confdir; do + + # don't back up this or older profile reset backups + if echo "${confdir}" | grep -q -E '.*/\.profile-reset-[0-9]{8}$'; then + continue + fi + + # keep SSH and GnuPG configuration + if [ "x${confdir}" = "x./.ssh" ]; then + continue + fi + if [ "x${confdir}" = "x./.gnupg" ]; then + continue + fi + + $fake_cmd mv -v $confdir ".profile-reset-${this_DATE}/" +done + +echo +echo "Backing up configuration files to ${this_HOME}/.profile-reset-${this_DATE}" +find . -maxdepth 1 -type f | grep -E '\./\..*' | while read conffile; do + $fake_cmd mv -v $conffile .profile-reset-${this_DATE}/ +done + +echo +echo "Backing up special application data folders to ${this_HOME}/.profile-reset-${this_DATE}" + +# FIXME: this needs to be adapted to XDG desktop folder naming +[ -d "${this_HOME}/Desktop" ] && { + $fake_cmd mkdir "${this_HOME}/.profile-reset-${this_DATE}/Desktop/" + $fake_cmd mv -v "${this_HOME}/Desktop/*.desktop" "${this_HOME}/.profile-reset-${this_DATE}/Desktop/" +} +[ -d "${this_HOME}/Schreibtisch" ] && { + $fake_cmd mkdir "${this_HOME}/.profile-reset-${this_DATE}/Schreibtisch/" + $fake_cmd mv -v "${this_HOME}/Schreibtisch" "${this_HOME}/.profile-reset-${this_DATE}/Schreibtisch/" +} + +# FIXME: this is ITZkS specific, it needs to be "out-sourced" +[ -d "${this_HOME}/Netzwerkordner" ] && $fake_cmd mv -v "${this_HOME}/Netzwerkordner" "${this_HOME}/.profile-reset-${this_DATE}/" + +# GrandOrgue directories +[ -d "${this_HOME}/GrandOrgue" ] && $fake_cmd mv -v "${this_HOME}/GrandOrgue" "${this_HOME}/.profile-reset-${this_DATE}/" +[ -d "${this_HOME}/GrandOrgueCache" ] && $fake_cmd mv -v "${this_HOME}/GrandOrgueCache" "${this_HOME}/.profile-reset-${this_DATE}/" +[ -d "${this_HOME}/GrandOrgueConfig" ] && $fake_cmd mv -v "${this_HOME}/GrandOrgueConfig" "${this_HOME}/.profile-reset-${this_DATE}/" +[ -d "${this_HOME}/GrandOrgueData" ] && $fake_cmd mv -v "${this_HOME}/GrandOrgueData" "${this_HOME}/.profile-reset-${this_DATE}/" + +# arduino sketch book +[ -d "${this_HOME}/sketchbook" ] && $fake_cmd mv -v "${this_HOME}/sketchbook" "${this_HOME}/.profile-reset-${this_DATE}/" + +echo +echo "Re-creating a fresh user profile" +$fake_cmd cp -avT "/etc/skel/" "${this_HOME}/" + +echo +echo "Fixing ownership of re-created user profile" +$fake_cmd chown -Rf "${this_USER}:${this_GROUP}" "${this_HOME}/" + +echo +echo "Setting 0750/0640 mask for permissions on user directory" +$fake_cmd chmod -Rf g-w,o-rwx "${this_HOME}/" + +[ -d "${this_HOME}/public_html" ] && { + echo + echo "Making '${this_HOME}/public_html' accessible to the webserver" + $fake_cmd chmod o+x "${this_HOME}" + $fake_cmd chmod o+rx "${this_HOME}/public_html/" +} + +echo +echo "Done" +if [ "x$really_DO" != "xreally-do" ]; then + + $fake_cmd cd - + + echo + echo "########################################################################" + + echo + echo "NOTICE: Only showing what would happen, use" + echo + echo " $(basename $0) really-do" + echo + echo " to really enforce a user profile reset." + echo +else + + cd - 1>/dev/null + +fi -- cgit v1.2.3