目的在于让用户只能用脚本提供的dialog对话框进行操作。
对话框中用mysql进行身份验证,并对不同用户建立不同的可选命令列表以供使用。
通过禁用ctrl-c ctrl-d ctrl-\禁止用户退出脚本。
#!/bin/sh
#/scripts/test.sh
# kill 所有dialog
pkill -9 dialog
#将ctrl-c ctrl-d ctrl-\设置为不使用字符
stty susp ^@#$
stty intr ^@$#
stty quit ^*#$
: ${DIALOG=dialog}
rm -f ./testfile*
rm -f ./temp*
loginpassn=1
function loginuser ()
{
#创建login dialog
tempfile=`tempfile 2>/dev/null` || tempfile=/tmp/test$$
trap "rm -f $tempfile" 0 1 2 5 15
$DIALOG --title "LOGIN" --clear
--inputbox "\n\n Please Input UserName:\n" 16 51 2> $tempfile
retval=$?
case $retval in
0)
usr=`cat $tempfile`
echo "USE test;" > ./temp
echo "SELECT user FROM user WHERE user='"$usr"';" >> ./temp
mysql -h 10.0.0.1 -u test -p"test" < ./temp > ./testfile
LINE=`cat ./testfile |wc -l`
case $LINE in
2)
#若返回纪录表示用户名存在,引导password dialog,其他任何情况均重新引导login dialog
loginpass
;;
*)
#loginusern=$(( $loginusern + 1 ))
#if [ $loginusern -le 3 ]
#then
loginuser
#fi
;;
esac
;;
1)
loginuser
# echo "Cancel pressed."
;;
255)
if test -s $tempfile ; then
cat $tempfile
else
loginuser
# echo "ESC pressed."
fi
;;
esac
}
function loginpass ()
{
: ${DIALOG=dialog}
tempfile1=`tempfile 2>/dev/null` || tempfile1=/tmp/test$$
trap "rm -f $tempfile1" 0 1 2 5 15
$DIALOG --title "You can try pass 3 times, Now is $loginpassn" --clear
--insecure
--passwordbox "\n\n Your Login name is: $usr \n Now Input Password:\n" 16 51 2> $tempfile1
retval1=$?
case $retval1 in
0)
pd=`cat $tempfile1`
echo "USE test;" > ./temp1
echo "SELECT passwd FROM user WHERE passwd=md5('"$pd"');" >> ./temp1
mysql -h 10.0.0.1 -u test -p"test" < ./temp1 > ./testfile1
LINE=`cat ./testfile1 |wc -l`
case $LINE in
2)
#若输入密码与mysql中相同,则建立该用户的menulist
menulist
;;
*)
#允许三次输入密码错误
loginpassn=$(( $loginpassn + 1 ))
if [ $loginpassn -le 3 ]
then
loginpass
fi
;;
esac
;;
1)
loginuser
# echo "Cancel pressed."
;;
255)
if test -s $tempfile1 ; then
cat $tempfile1
else
loginuser
# echo "ESC pressed."
fi
;;
esac
}
function menulist ()
{
#呵呵,这部分写的太乱了,只是根据用户创建其能使用的命令项
echo "USE test;" > ./temp
echo "SELECT * FROM userscmd WHERE user='"$usr"' ;" >> ./temp
mysql -h 10.0.0.1 -u test -p"test" < ./temp > ./testfile2
sed '1d' ./testfile2 | sed 's/\t/\n/g' | sed '1d' | sed '/^$/d' > ./testfile2-1
LINETEXTFILE=`cat ./testfile2-1 |wc -l`
ii=1
rm -f ./aatest
touch ./aatest
while [ $LINETEXTFILE -gt 0 ]
do
tempcmd=`sed -n ''"$ii"'p' ./testfile2-1`
echo "USE test;" > ./temp
echo "SELECT cmdtitle FROM cmd WHERE cmd='"$tempcmd"' ;" >> ./temp
mysql -h 10.0.0.1 -u test -p"test" < ./temp > ./testfile3
aatemp=`sed '1d' ./testfile3`
echo "$aatemp \"\" " >> ./aatest
ii=$(( $ii + 1 ))
LINETEXTFILE=$(( $LINETEXTFILE - 1 ))
done
tomenubox=`cat ./aatest`
: ${DIALOG=dialog}
exec 3>&1
value=`dialog --backtitle "$usr Tools List" --title "$usr Tools List" --default-item Dialog --menu "The allow tools is in the list:" 20 60 11 $tomenubox 2>&1 1>&3`
retvala=$?
exec 3>&-
case $retvala in
0)
echo "$value chosen."
echo "USE test;" > ./temp
echo "SELECT cmdline FROM cmd WHERE cmdtitle='"$value"' ;" >> ./temp
mysql -h 10.0.0.1 -u test -p"test" < ./temp > ./testfile4
cmdtemp=`sed '1d' ./testfile4`
echo "#!/bin/sh" > ./tempcmdfile
echo "$cmdtemp" >> ./tempcmdfile
chmod 700 ./tempcmdfile
: ${DIALOG=dialog}
#显示所选择命令项的执行结果
./killall tempcmdfile
./tempcmdfile >tempcmdfile.out &
$DIALOG --title "TAIL BOX"
--tailbox tempcmdfile.out 24 70
case $? in
0)
menulist
# echo "OK"
;;
255)
menulist
# echo "ESC pressed."
;;
esac
./killall tempcmdfile
;;
1)
echo "Cancel pressed.";;
2)
echo "Help pressed ($value)";;
255)
if test -n "$value" ; then
echo "$value"
else
loginuser
# echo "ESC pressed."
fi
;;
esac
}
loginuser
if [ $loginpassn -gt 3 ]
then
echo "Login Password input error"
else
loginuser
fi |
