Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/sh
- USER=openvpn-timed-user
- SERVER=server2
- ACTION=$1;
- if [ "$ACTION" != "enable" -a "$ACTION" != "disable" ]; then
- echo "Usage: $0 enable|disable"
- exit
- fi
- if [ "$ACTION" = "enable" ]; then
- #create new user and reload openvpn
- echo "Enabling $USER access"
- #the user should have a disabled (!) password in /etc/shadow. Remove the !
- disabled=`grep "$USER:!" /etc/shadow | wc -l`;
- if [ "$disabled" -gt "0" ]; then
- sed -i "s/^$USER:!/$USER:/" /etc/shadow
- echo "Enabled user $USER";
- else
- echo "User $USER was not disabled";
- fi
- fi
- if [ "$ACTION" = "disable" ]; then
- #disable user and reload openvpn (if connected)
- echo "Disabling $USER access"
- disabled=`grep "$USER:!" /etc/shadow | wc -l`;
- if [ "$disabled" -gt "0" ]; then
- echo "$USER was already disabled"
- else
- sed -i "s/^$USER:/$USER:!/" /etc/shadow
- echo "Disabled $USER";
- fi
- connected=`cat /etc/openvpn/$SERVER/status | grep CLIENT_LIST | grep "$USER" | wc -l`
- if [ "$connected" -gt "0" ]; then
- #reload openvpn
- echo "Restarting openvpn to cut existing connection"
- /sbin/service stop_vpn${SERVER}
- /sbin/service start_vpn${SERVER}
- else
- echo "Not restarting openvpn because user is not connected"
- fi
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement