134 lines
2.5 KiB
Bash
134 lines
2.5 KiB
Bash
#! /bin/sh
|
|
|
|
### AddPrivileges ver 1.4 12 Jul 2010 ###
|
|
### ------------------------------------------------------ ###
|
|
### This script creates Passwd&Group files and sets ###
|
|
### additional privileges only for Windows users ###
|
|
### with Computer administrator privileges. ###
|
|
### It must be run at the first Torque pbs_server ###
|
|
### and Torque pbs_mom installation on Cygwin. ###
|
|
|
|
|
|
OS=`uname -s | tr '[A-Z]' '[a-z]'`
|
|
|
|
case $OS in
|
|
cygwin*) ;;
|
|
*) echo " Script can run on Cygwin only"
|
|
exit 1;;
|
|
esac
|
|
|
|
|
|
case $1 in
|
|
|
|
-h | --h*)
|
|
cat <<\EOF
|
|
|
|
Usage: AddPrivileges --help | --version or
|
|
AddPrivileges --add [mom | SYSTEM]
|
|
|
|
Set additional privileges for Windows (Cygwin) user
|
|
|
|
Run from user with Computer administrator privileges only
|
|
|
|
Options:
|
|
--help, -h display this help and exit
|
|
|
|
--version, -v output version information and exit
|
|
|
|
--add add privileges
|
|
|
|
mom for Torque pbs_mom (set the SeCreateTokenPrivilege)
|
|
SYSTEM for native Windows user
|
|
|
|
EOF
|
|
exit $?
|
|
;;
|
|
|
|
-v | --v*)
|
|
echo
|
|
echo " AddPrivileges ver 1.4 12 Jul 2010"
|
|
exit $?
|
|
;;
|
|
|
|
--add)
|
|
|
|
CURRENTU=`whoami`
|
|
|
|
PASSWDF=/etc/passwd
|
|
|
|
GROUPF=/etc/group
|
|
|
|
ADMINGRL=544
|
|
|
|
ADMINGRD=10512
|
|
|
|
mkpasswd -l -d > $PASSWDF
|
|
mkgroup -l -d > $GROUPF;
|
|
|
|
if id -G | grep -q "$ADMINGRD"
|
|
|
|
then
|
|
echo " $CURRENTU is a domain administrator"
|
|
|
|
elif id -G | grep -q "$ADMINGRL"
|
|
|
|
then
|
|
echo " $CURRENTU is a local administrator"
|
|
|
|
else echo " Current user '$CURRENTU' has not administrator privileges"
|
|
exit $?;
|
|
fi
|
|
|
|
|
|
chmod 644 $PASSWDF
|
|
|
|
chmod 644 $GROUPF
|
|
|
|
|
|
if [ "$2" = "SYSTEM" ]; then
|
|
|
|
echo
|
|
echo " Passwd&Group files were created"
|
|
echo
|
|
exit $?;
|
|
|
|
fi
|
|
|
|
|
|
if [ "$2" = "mom" ]; then
|
|
|
|
editrights -a SeCreateTokenPrivilege -u "$CURRENTU"
|
|
|
|
echo " Reboot your computer that the SeCreateTokenPrivilege has taken effect"
|
|
|
|
fi
|
|
|
|
|
|
editrights -a SeServiceLogonRight -u "$CURRENTU"
|
|
editrights -a SeAssignPrimaryTokenPrivilege -u "$CURRENTU"
|
|
|
|
|
|
if [[ $? -eq $SUCCESS ]]; then
|
|
|
|
cat <<\EOF
|
|
|
|
Passwd&Group files and additional privileges were set successfully
|
|
|
|
Should run 'editrights -l -u UserAdmin'
|
|
to ascertain of the privileges installation
|
|
|
|
Warning!!! You have to understand that the installing of additional privileges
|
|
can decrease your OS security level
|
|
|
|
EOF
|
|
fi
|
|
|
|
exit $?
|
|
;;
|
|
|
|
esac
|
|
|
|
echo " Bad syntax. Try \`$0 --help' for more information."
|
|
exit 1;
|
|
|