LinuxQuestions.org


rascal84 05-23-2006 08:26 PM

awk/gawk/sed - read lines from file1, comment out or delete matching lines in file2
 
So here's what I'm up to. Feel free to give me other solutions or just point me in the right direction.

Please don't just send me to the man pages. I have already read them, but my understanding of programming / scripting isn't up to snuff. I'm working on that.

I want to restrict ftp users on a system that I'm running without having to manually add them to a restricted list, so my solution is to create a list of all users on the system and output the list to the denied ftp users file.

############
names.awk
BEGIN {
FS=":"
}
{
print $1
}
############
gawk -f names.awk /etc/passwd |sort -o /etc/ftpusers
############

After that I manually vi the ftpusers file and comment out or delete the users that are ALLOWED to login.


What I would like to do is create a file with ALLOWED users:

############
user1
user2
user3
user4
############

and check the ftpusers file against the allowedusers file, commenting out or deleting any lines that match.

############
adm
apache
bin
#user1
#user2
#user3
#user4
nobody
mail
postfix
etc...
############

I tried reaching my goal - denying all ftp access except allowed list - by changing the /etc/pam.d/ftp file from:

############
auth required pam_listfile.so item=user sense=deny file=/etc/ftpusers onerr=succeed
############

to

############
auth required pam_listfile.so item=user sense=allow file=/etc/ftpusers onerr=succeed
############

but that did not work at all.

So basically I would like to just create a script that does the file comparison that I described earlier, or find another way to manage who has access to ftp and who doesn't.

I'm not a total linux newbie, but I will admit that I haven't worked with it that long and I'm not a programmer, so coding stuff (shell scripts for example) isn't really my thing.

I suppose this could also be done using more/less & grep with the -v option, but awk/gawk/sed looked like a better solution.

Thanks in advance for the help - by the way, this is my first post on LinuxQuestions.org!!


***EDIT***
I found this other thread:
http://www.linuxquestions.org/questi...d.php?t=446640
which is basically what I want to do, but I would still like other input on the problem (managing who has ftp access to the system) if anyone has any ideas.

Thanks again!

berbae 05-24-2006 09:19 AM

Hello rascal84
Welcome here!
For the script part of your question I propose something like this:
Code:

SCRIPT=`sed '{s!^\([[:alnum:]]*\)$!\{ s/^\1$/#\1/ \}!}' allowedusers`
sed "$SCRIPT" ftpusers >deniedusers

The first sed generates a script for the second sed!
This results in a hash sign before the allowed users in the deniedusers file.
Regards.
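
The allow-list comparison this thread asks for, as an added example that is not part of either post: it deletes rather than comments out the allowed accounts, matches whole account names (so `user1` does not exempt `user10`, and names containing `_` or `-` are handled), and renames the finished file into place. The function names and the sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread; names and sample data are constructed.

# build_denylist ALLOWED PASSWD
# Print, sorted, every account in PASSWD whose name is not listed in ALLOWED.
build_denylist() {
    awk -F: '
        # Allow-list file. FILENAME is tested rather than NR == FNR so that an
        # empty allow list cannot make awk read passwd as the allow list.
        FILENAME == ARGV[1] {
            sub(/\r$/, "")                 # tolerate CRLF line endings
            gsub(/^[ \t]+|[ \t]+$/, "")    # trim surrounding whitespace
            if ($0 != "" && $0 !~ /^#/) allowed[$0] = 1
            next
        }
        # passwd file: compare the whole first field, never a substring.
        $1 != "" && !($1 in allowed) { print $1 }
    ' "$1" "$2" | LC_ALL=C sort -u
}

# install_denylist ALLOWED PASSWD TARGET
# Write the list beside TARGET and rename it into place, so the FTP daemon
# never reads a half-written deny file.
install_denylist() {
    tmp="$3.new.$$"
    build_denylist "$1" "$2" > "$tmp" || { rm -f "$tmp"; return 1; }
    # An empty list would deny nobody; treat it as a failed run and keep
    # whatever TARGET already contains.
    [ -s "$tmp" ] || { rm -f "$tmp"; return 1; }
    chmod 644 "$tmp" && mv "$tmp" "$3"
}

# Dry run on constructed data in a scratch directory; prints "root" and "user10".
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'root:x:0:0::/root:/bin/sh' \
        'user1:x:1001:1001::/home/user1:/bin/sh' \
        'user10:x:1010:1010::/home/user10:/bin/sh' \
        'ftp_up:x:1020:1020::/home/ftp_up:/bin/sh' > "$d/passwd"
    printf '%s\n' '# allowed FTP users' 'user1' ' ftp_up ' '' > "$d/allowedusers"
    install_denylist "$d/allowedusers" "$d/passwd" "$d/ftpusers" && cat "$d/ftpusers"
    rm -rf "$d"
}
demo
```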

