验证用户辅助组
verify user secondary groups
我有辅助组名列表,例如 group_1 group_2.. group_n 和用户名,例如:user1
现在我需要做
确保所有组都存在
确保没有多余的组存在
我尝试使用 id -nG user1 | grep <group_1> | grep <group_2> | .. | grep <group_ n> 并评估 exitcode 但这只能确保所需的组是 present.I我不确定如何验证没有额外的组(组不在我的列表)存在。
您可以像这样使用 grep:
grep -oFf a_file_with_secondary_group_names_per_line
如何实现您想要的示例代码:
#!/bin/bash
user=username
file=file_with_secondary_groups
if [[ $(id -G "$user" |wc -w) == $(id -nG "$user" | grep -coFf "$file") ]]; then
echo "*All groups are present"
# i.e the number of group and the number of group matched is the same
if [[ $(id -G "$user" |wc -w) == $(grep -co '.' "$file") ]]; then
echo "*No extra groups"
# i.e the number of groups and the number of groups in the file are same
else
echo "-Extra groups present"
fi
else
echo "-All groups are not present"
fi
我有辅助组名列表,例如 group_1 group_2.. group_n 和用户名,例如:user1
现在我需要做
确保所有组都存在
确保没有多余的组存在
我尝试使用 id -nG user1 | grep <group_1> | grep <group_2> | .. | grep <group_ n> 并评估 exitcode 但这只能确保所需的组是 present.I我不确定如何验证没有额外的组(组不在我的列表)存在。
您可以像这样使用 grep:
grep -oFf a_file_with_secondary_group_names_per_line
如何实现您想要的示例代码:
#!/bin/bash
user=username
file=file_with_secondary_groups
if [[ $(id -G "$user" |wc -w) == $(id -nG "$user" | grep -coFf "$file") ]]; then
echo "*All groups are present"
# i.e the number of group and the number of group matched is the same
if [[ $(id -G "$user" |wc -w) == $(grep -co '.' "$file") ]]; then
echo "*No extra groups"
# i.e the number of groups and the number of groups in the file are same
else
echo "-Extra groups present"
fi
else
echo "-All groups are not present"
fi