Add ability to config user deletion program & args (#156)

iamseth · web-flow · commit 1196ff484dca · 2020-03-18T14:03:32.000+01:00
This adds two new configuration options. USERDEL_PROGRAM and
USERDEL_ARGS. They allow users to configure how users are deleted via
the configuration file.
diff --git a/README.md b/README.md
@@ -114,6 +114,8 @@ LOCAL_MARKER_GROUP="iam-synced-users"          # Dedicated UNIX group to mark im
 LOCAL_GROUPS="GROUPNAMES"                      # Comma seperated list of UNIX groups to add the users in
 USERADD_PROGRAM="/usr/sbin/useradd"            # The useradd program to use. defaults to `/usr/sbin/useradd`
 USERADD_ARGS="--create-home --shell /bin/bash" # Arguments for the useradd program. defaults to `--create-home --shell /bin/bash`
+USERDEL_PROGRAM="/usr/sbin/userdel"            # The userdel program to use. defaults to `/usr/sbin/userdel`
+USERDEL_ARGS="--force --remove"                # Arguments for the userdel program. defaults to `--force --remove`
 ```
 
 The LOCAL_MARKER_GROUP will be created if it does not exist. BEWARE: DO NOT add any manually created users
diff --git a/import_users.sh b/import_users.sh
@@ -54,6 +54,12 @@ fi
 # Possibility to provide custom useradd arguments
 : ${USERADD_ARGS:="--user-group --create-home --shell /bin/bash"}
 
+# Possibility to provide a custom userdel program
+: ${USERDEL_PROGRAM:="/usr/sbin/userdel"}
+
+# Possibility to provide custom userdel arguments
+: ${USERDEL_ARGS:="--force --remove"}
+
 # Initizalize INSTANCE variable
 INSTANCE_ID=$(curl -s http://169.254.169.254/latest/meta-data/instance-id)
 REGION=$(curl -s http://169.254.169.254/latest/dynamic/instance-identity/document | grep region | awk -F\" '{print $4}')
@@ -211,7 +217,8 @@ function delete_local_user() {
     /usr/bin/pkill -9 -u "${1}" || true
     sleep 1
     # Remove account now that all processes for the user are gone
-    /usr/sbin/userdel -f -r "${1}"
+    ${USERDEL_PROGRAM} ${USERDEL_ARGS} "${1}"
+
     log "Deleted user ${1}"
 }
 
diff --git a/install.sh b/install.sh
@@ -42,9 +42,11 @@ LOCAL_GROUPS=""
 ASSUME_ROLE=""
 USERADD_PROGRAM=""
 USERADD_ARGS=""
+USERDEL_PROGRAM=""
+USERDEL_ARGS=""
 RELEASE="master"
 
-while getopts :hva:i:l:s:p:u:r: opt
+while getopts :hva:i:l:s:p:u:d:f:r: opt
 do
     case $opt in
         h)
@@ -72,6 +74,12 @@ do
         u)
             USERADD_ARGS="$OPTARG"
             ;;
+        d)
+            USERDEL_PROGRAM="$OPTARG"
+            ;;
+        f)
+            USERDEL_ARGS="$OPTARG"
+            ;;
         r)
             RELEASE="$OPTARG"
             ;;
@@ -93,6 +101,8 @@ export LOCAL_GROUPS
 export ASSUME_ROLE
 export USERADD_PROGRAM
 export USERADD_ARGS
+export USERDEL_PROGRAM
+export USERDEL_ARGS
 
 # check if AWS CLI exists
 if ! [ -x "$(which aws)" ]; then
@@ -147,6 +157,16 @@ then
     echo "USERADD_ARGS=\"${USERADD_ARGS}\"" >> $MAIN_CONFIG_FILE
 fi
 
+if [ "${USERDEL_PROGRAM}" != "" ]
+then
+    echo "USERDEL_PROGRAM=\"${USERDEL_PROGRAM}\"" >> $MAIN_CONFIG_FILE
+fi
+
+if [ "${USERDEL_ARGS}" != "" ]
+then
+    echo "USERDEL_ARGS=\"${USERDEL_ARGS}\"" >> $MAIN_CONFIG_FILE
+fi
+
 ./install_configure_selinux.sh
 
 ./install_configure_sshd.sh
