
Commit f0361e9

committed
rollback some cosmetic as they are interpreted by tf
1 parent e2dffb2 commit f0361e9


1 file changed

+18
-18
lines changed


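--- a/user_data.sh
+++ b/user_data.sh
@@ -27,7 +27,7 @@ mkdir /usr/bin/bastion
 cat > /usr/bin/bastion/shell << 'EOF'
 
 # Check that the SSH client did not supply a command
-if [[ -z ${SSH_ORIGINAL_COMMAND} ]]; then
+if [[ -z $SSH_ORIGINAL_COMMAND ]]; then
 
 # The format of log files is /var/log/bastion/YYYY-MM-DD_HH-MM-SS_user
 LOG_FILE="`date --date="today" "+%Y-%m-%d_%H-%M-%S"`_`whoami`"
@@ -36,14 +36,14 @@ if [[ -z ${SSH_ORIGINAL_COMMAND} ]]; then
 # Print a welcome message
 echo ""
 echo "NOTE: This SSH session will be recorded"
-echo "AUDIT KEY: ${LOG_FILE}"
+echo "AUDIT KEY: $LOG_FILE"
 echo ""
 
 # I suffix the log file name with a random string. I explain why later on.
 SUFFIX=`mktemp -u _XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX`
 
 # Wrap an interactive shell into "script" to record the SSH session
-script -qf --timing=${LOG_DIR}${LOG_FILE}${SUFFIX}.time ${LOG_DIR}${LOG_FILE}${SUFFIX}.data --command=/bin/bash
+script -qf --timing=$LOG_DIR$LOG_FILE$SUFFIX.time $LOG_DIR$LOG_FILE$SUFFIX.data --command=/bin/bash
 
 else
 
@@ -86,18 +86,18 @@ cat > /usr/bin/bastion/sync_s3 << 'EOF'
 
 # We check that the previous copy is not already running
 for pid in $(pgrep -f sync_s3); do
-if [ ${pid} != $$ ]; then
-echo "[$(date)] : sync_s3 : Process is already running with PID ${pid}"
+if [ $pid != $$ ]; then
+echo "[$(date)] : sync_s3 : Process is already running with PID $pid"
 exit 1
 else
-echo "Running with PID ${pid}"
+echo "Running with PID $pid"
 fi
 done
 
 # Copy log files to S3 with server-side encryption enabled.
 # Then, if successful, delete log files that are older than a day.
 LOG_DIR="/var/log/bastion/"
-aws s3 cp ${LOG_DIR} s3://${bucket_name}/logs/ --sse --region ${aws_region} --recursive && find ${LOG_DIR}* -mtime +1 -exec rm {} \;
+aws s3 cp $LOG_DIR s3://${bucket_name}/logs/ --sse --region ${aws_region} --recursive && find $LOG_DIR* -mtime +1 -exec rm {} \;
 
 EOF
 
@@ -117,11 +117,11 @@ cat > /usr/bin/bastion/sync_users << 'EOF'
 
 # We check that the previous copy is not already running
 for pid in $(pgrep -f sync_users); do
-if [ ${pid} != $$ ]; then
-echo "[$(date)] : sync_users : Process is already running with PID ${pid}"
+if [ $pid != $$ ]; then
+echo "[$(date)] : sync_users : Process is already running with PID $pid"
 exit 1
 else
-echo "Running with PID ${pid}"
+echo "Running with PID $pid"
 fi
 done
 
@@ -143,13 +143,13 @@ while read line; do
 if [[ "$USER_NAME" =~ ^[a-z][-a-z0-9]*$ ]]; then
 
 # Create a user account if it does not already exist
-cut -d: -f1 /etc/passwd | grep -qx ${USER_NAME}
+cut -d: -f1 /etc/passwd | grep -qx $USER_NAME
 if [ $? -eq 1 ]; then
-/usr/sbin/adduser ${USER_NAME} && \
-mkdir -m 700 /home/${USER_NAME}/.ssh && \
-chown ${USER_NAME}:${USER_NAME} /home/${USER_NAME}/.ssh && \
+/usr/sbin/adduser $USER_NAME && \
+mkdir -m 700 /home/$USER_NAME/.ssh && \
+chown $USER_NAME:$USER_NAME /home/$USER_NAME/.ssh && \
 echo "$line" >> ~/keys_installed && \
-echo "`date --date="today" "+%Y-%m-%d %H-%M-%S"`: Creating user account for ${USER_NAME} ($line)" >> ${LOG_FILE}
+echo "`date --date="today" "+%Y-%m-%d %H-%M-%S"`: Creating user account for $USER_NAME ($line)" >> $LOG_FILE
 fi
 
 # Copy the public key from S3, if an user account was created from this key
@@ -158,7 +158,7 @@ while read line; do
 if [ $? -eq 0 ]; then
 aws s3 cp s3://${bucket_name}/$line /home/$USER_NAME/.ssh/authorized_keys --region ${aws_region}
 chmod 600 /home/$USER_NAME/.ssh/authorized_keys
-chown ${USER_NAME}:${USER_NAME} /home/${USER_NAME}/.ssh/authorized_keys
+chown $USER_NAME:$USER_NAME /home/$USER_NAME/.ssh/authorized_keys
 fi
 fi
 
@@ -172,8 +172,8 @@ if [ -f ~/keys_installed ]; then
 comm -13 ~/keys_retrieved_from_s3 ~/keys_installed | sed "s/\t//g" > ~/keys_to_remove
 while read line; do
 USER_NAME="`get_user_name "$line"`"
-echo "`date --date="today" "+%Y-%m-%d %H-%M-%S"`: Removing user account for ${USER_NAME} ($line)" >> ${LOG_FILE}
-/usr/sbin/userdel -r -f ${USER_NAME}
+echo "`date --date="today" "+%Y-%m-%d %H-%M-%S"`: Removing user account for $USER_NAME ($line)" >> $LOG_FILE
+/usr/sbin/userdel -r -f $USER_NAME
 done < ~/keys_to_remove
 comm -3 ~/keys_installed ~/keys_to_remove | sed "s/\t//g" > ~/tmp && mv ~/tmp ~/keys_installed
 fi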
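Review bot: In the last hunk (removal loop, new line 176) `/usr/sbin/userdel -r -f $USER_NAME` passes an unquoted value that, unlike the creation path at line 143, is not re-checked against `^[a-z][-a-z0-9]*$`, so an empty or whitespace-containing result from `get_user_name` changes the arguments userdel receives in what is presumably a root-run job. Only the `${...}` form appears to collide with the Terraform template, so plain double quotes stay compatible with this rollback: add `[[ "$USER_NAME" =~ ^[a-z][-a-z0-9]*$ ]] || continue` before the log line and call `/usr/sbin/userdel -r -f "$USER_NAME"`. The same quoting applies to `grep -qx $USER_NAME`, the `adduser`/`mkdir`/`chown` lines, the `>> $LOG_FILE` redirections and the `script` paths in the other hunks. `get_user_name` and the enclosing `if [ -f ~/keys_installed ]` start outside the visible hunks, so whether the name is already validated there cannot be confirmed from this page.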
