Chinaunix首页 | 论坛 | 博客
  • 博客访问: 542819
  • 博文数量: 78
  • 博客积分: 1913
  • 博客等级: 上尉
  • 技术积分: 829
  • 用 户 组: 普通用户
  • 注册时间: 2008-03-14 21:29
文章分类

全部博文(78)

文章存档

2011年(27)

2010年(26)

2009年(20)

2008年(5)

我的朋友

分类:

2010-12-28 15:02:37

在Mac下使用shell command删除一个用户账户, 其实涉及到很多细节, 方法如下:

#!/bin/bash


# cf. http://www.macos.utah.edu/documentation/authentication/dscl.html


# networksetup -removepreferredwirelessnetwork airport kmisz


if [[ "$(/usr/bin/whoami)" != "root" ]]; then printf '\nMust be run as root!\n\n';     exit 1; fi

OPATH=$PATH
export PATH=/usr/bin:/usr/sbin:/bin:/sbin

OIFS=$IFS
export IFS=$' \t\n'

declare sudo=/usr/bin/sudo

# read user


for user in "$@"; do
    printf "\e[1mDelete user account\e[m:$user"

    if [[ -z "$user" ]]; then printf '\nNo user specified! Please, try again!\n\n'; exit 1; fi

    # make sure the user exists

    usertest="$(/usr/bin/dscl . -search /Users name "$user" 2>/dev/null)"
     if [[ -z "$usertest" ]]; then printf "\nUser does not exist: $user\n\n"; exit 1; fi
    user="$(/usr/bin/dscl . -read /Users/"$user" RecordName | /usr/bin/awk '{print $NF;}')"
    printf "($user)\n";
    # get user's group memberships

    groups_of_user="$(/usr/bin/id -Gn "$user")"

    if [[ $? -eq 0 ]] && [[ -n "$(/usr/bin/dscl . -search /Groups GroupMembership "$user")" ]]; then
     # delete the user's group memberships

     for group in $groups_of_user; do
         $sudo /usr/bin/dscl . -delete "/Groups/$group" GroupMembership "$user"
         printf "delete group membership of $user"
         #$sudo /usr/sbin/dseditgroup -o edit -d "$user" -t user "$group"

     done
    fi


    # delete the user's primary group, be careful not to delete the admin group!

    lowerUser="$(/bin/echo "$user" | tr '[:upper:]' '[:lower:]')"
    #printf "My God: "$lowerUser""

    if [[ "$lowerUser" != 'admin' ]]; then
        # printf "delete private group of "$user"\n";

        if [[ -n "$(/usr/bin/dscl . -search /Groups name "$user")" ]]; then
         $sudo /usr/sbin/dseditgroup -o delete "$user"
         # printf "___delete "$user""

        fi
    fi
    # find the GeneratedUID of the user and remove the password hash file

    # from /private/var/db/shadow/hash/

    # sudo ls -a /private/var/db/shadow/hash

    # sudo ls -l /private/var/db/shadow/hash/


    guid="$(/usr/bin/dscl . -read "/Users/$user" GeneratedUID | /usr/bin/awk '{print $NF;}')"

    if [[ -f "/private/var/db/shadow/hash/$guid" ]]; then
     $sudo /bin/rm -f /private/var/db/shadow/hash/$guid
    fi


    # delete the user

    $sudo /usr/bin/dscl . -delete "/Users/$user"

    # make a backup

    #if [[ -d "/Users/$user" ]]; then

    # $sudo /usr/bin/ditto -rsrc -c -k "/Users/$user" "/Users/${user}-archive-$(/bin/date).zip"

    #fi


    # remove the user's home directory

    if [[ -d "/Users/$user" ]]; then
     $sudo /bin/rm -rf "/Users/$user"
    fi
done

export IFS=$OIFS
export PATH=$OPATH

exit 0



原文在: 但是它有一些严重的问题没有考虑到:
1).如果这个用户就叫admin,则codesnippets的脚本会删除掉admin这个组而导致计算机丢失掉管理员,这个时候你没有办法改回来,我后来试着启用root,加了一个admin的组,但发现不能增加帐户了,这是个天大的bug.
2).codesnippets的脚本不能同时删除多个账户.
3).如果账户名包含有空格,codesnippets的脚本也不能完成任务.

上面的脚本已由我修改过.
阅读(14048) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~