fyb/server-toolset
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

more tools

Browse Source
This commit is contained in:
yigid balaban
2025-08-29 09:40:20 +03:00
parent 4346b838ed
commit 4448764bca
15 changed files with 513 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

102
ssh-notify/uninstall.sh Normal file
View File

@@ -0,0 +1,102 @@
#!/usr/bin/env bash
# uninstall.sh
# part of ssh-notify from server-toolset
# 2025 © Yigid BALABAN <fyb@fybx.dev>
# This script must be run as root. It uninstalls the SSH login notification script,
# example config, updates PAM, and uninstalls the logrotate config in a transactional manner.
set -euo pipefail
# Ensure running as root
if [[ "$(id -u)" -ne 0 ]]; then
echo "Error: This script must be run as root." >&2
exit 1
fi
# Create temporary directory for backups
TMPDIR="$(mktemp -d)"
BACKUP_DIR="${TMPDIR}/backup"
mkdir -p "$BACKUP_DIR"
# Rollback function on error
rollback() {
echo "Error encountered. Rolling back changes..." >&2
[[ -f "$BACKUP_DIR/sshd.bak" ]] && mv "$BACKUP_DIR/sshd.bak" /etc/pam.d/sshd
[[ -f "$BACKUP_DIR/ssh-notify.sh.bak" ]] && mv "$BACKUP_DIR/ssh-notify.sh.bak" /usr/local/sbin/ssh-notify.sh
[[ -f "$BACKUP_DIR/config.conf.bak" ]] && mv "$BACKUP_DIR/config.conf.bak" /etc/ssh-notify/config.conf
[[ -f "$BACKUP_DIR/ssh-notify.logrotate.bak" ]] && mv "$BACKUP_DIR/ssh-notify.logrotate.bak" /etc/logrotate.d/ssh-notify
rm -rf "$TMPDIR"
exit 1
}
trap rollback ERR
# Determine project root and destinations
_project_root="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
SCRIPT_DEST="/usr/local/sbin/ssh-notify.sh"
CONF_DIR="/etc/ssh-notify"
CONF_DEST="${CONF_DIR}/config.conf"
PAM_FILE="/etc/pam.d/sshd"
LOGROTATE_FILE="/etc/logrotate.d/ssh-notify"
# Step 1: Remove PAM exec entry and associated comment
if [[ -f "$PAM_FILE" ]]; then
cp "$PAM_FILE" "$BACKUP_DIR/sshd.bak"
# Filter out sshnotify lines and trim any trailing blank lines
awk '
# skip the install.sh comment
$0 ~ /^# Send notification upon successful login \(added by sshnotify install\.sh\)/ { next }
# skip the pam_exec line
$0 ~ /^session[[:space:]]+optional[[:space:]]+pam_exec\.so.*sshnotify\.sh/ { next }
# collect other lines
{ buf[++n] = $0 }
END {
# drop trailing empty lines
while (n > 0 && buf[n] == "") n--
for (i = 1; i <= n; i++) print buf[i]
}
' "$PAM_FILE" > "$PAM_FILE.tmp"
if ! cmp -s "$PAM_FILE" "$PAM_FILE.tmp"; then
mv "$PAM_FILE.tmp" "$PAM_FILE"
echo "Removed PAM exec entry for ssh-notify from $PAM_FILE"
else
rm -f "$PAM_FILE.tmp"
echo "PAM exec entry for ssh-notify not found in $PAM_FILE (no changes made)"
fi
else
echo "PAM file $PAM_FILE not found."
fi
# Step 2: Remove main script
if [[ -f "$SCRIPT_DEST" ]]; then
cp "$SCRIPT_DEST" "$BACKUP_DIR/ssh-notify.sh.bak"
rm "$SCRIPT_DEST"
echo "Removed script $SCRIPT_DEST"
fi
# Step 3: Remove configuration
depart_dir_config() {
if [[ -f "$CONF_DEST" ]]; then
cp "$CONF_DEST" "$BACKUP_DIR/config.conf.bak"
rm "$CONF_DEST"
echo "Removed config $CONF_DEST"
fi
if [[ -d "$CONF_DIR" ]]; then
rmdir "$CONF_DIR" 2>/dev/null || true
echo "Removed directory $CONF_DIR"
fi
}
depart_dir_config
# Step 4: Remove logrotate configuration
if [[ -f "$LOGROTATE_FILE" ]]; then
cp "$LOGROTATE_FILE" "$BACKUP_DIR/ssh-notify.logrotate.bak"
rm "$LOGROTATE_FILE"
echo "Removed logrotate file $LOGROTATE_FILE"
fi
trap - ERR
echo "Uninstallation completed successfully."
echo "Backup files are located in $BACKUP_DIR. You may delete this directory manually."