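#!/bin/bash
# -------------- DISCLAIMER -------------------
# It is recommended to test the script on a local machine for its purpose and effects.
# ManageEngine Desktop Central will not be responsible for any
# damage/loss to the data/setup based on the behavior of the script.
#
# Description : Adds a local user with sudo rights. The username is taken as the
#               only argument to this script.
#               The password is stored in clear text inside this script, so keep the
#               file readable by root only. This script does not remove itself;
#               deleting it after the run is left to whatever executes it
#               (NOTE(review): confirm that the deploying agent really deletes it).
#
#               Modify the line password="passwd" to password="your_password".
#               The script refuses to run while the placeholder is still in place,
#               because that value is published with the script.
#               The value sits inside double quotes, so a dollar sign must be
#               escaped with a backslash (the same applies to a backslash, a
#               backtick and a double quote):
#               Example : If User password is Manageengine$ ,then Modify the line password="Manageengine\$"
#                         If User password is Manageengine$$ ,then Modify the line password="Manageengine\$\$"
#
# Returns     : 0 if the user was added, given sudo rights and a password.
#               1 if any of those steps failed or the user already exists.
#               2 if the arguments are invalid or the script is not run as root.
#
# Usage       : bash CreateSudoUserOnLinux.bash ${username}
#
# Example     : bash CreateSudoUserOnLinux.bash "myuser"
#
# Maintainer  : ManageEngine Desktop Central

errorCode=2
euid=$(id -u)

# Password given to the new account (see the escaping rules in the header).
password="passwd"

#######################################
# Accepts only names that are safe to pass to the account tools and to write
# into /etc/sudoers: a letter or underscore first, then letters, digits,
# '_', '.' or '-', at most 32 characters.
# Arguments: $1 - candidate username
# Returns:   0 if acceptable, 1 otherwise
#######################################
is_valid_username() {
  local LC_ALL=C # keep the A-Z / a-z ranges byte-wise, whatever the locale
  [[ ${#1} -le 32 && "$1" =~ ^[A-Za-z_][A-Za-z0-9_.-]*$ ]]
}

#######################################
# Exact-match lookup of a name in the first field of /etc/passwd.
# The name is compared as a string, never used as a regular expression.
# Arguments: $1 - username
# Returns:   0 if an entry exists, non-zero otherwise
#######################################
local_user_exists() {
  awk -F: -v u="$1" '$1 == u { found = 1 } END { exit !found }' /etc/passwd
}

#######################################
# Creates the account, preferring adduser and falling back to useradd.
# Arguments: $1 - username
# Outputs:   "Added user by useradd" when the fallback was used
# Returns:   0 if one of the tools created the account, non-zero otherwise
#######################################
create_account() {
  local user=$1

  if [ -e /usr/sbin/adduser ]; then
    if adduser "$user" --gecos "$user,RoomNumber,WorkPhone,HomePhone" --disabled-password; then
      return 0
    fi
    if useradd -m -d "/home/$user" -s /bin/bash "$user"; then
      echo "Added user by useradd"
      return 0
    fi
    return 1
  fi

  useradd -m -d "/home/$user" -s /bin/bash "$user"
}

#######################################
# Last-resort sudo grant: appends "<user> ALL=(ALL) ALL" to /etc/sudoers.
# When visudo is available the resulting file is syntax-checked on a private
# copy first, so a broken sudoers file is never written.
# Arguments: $1 - username (already validated by is_valid_username)
# Returns:   0 if the entry is present afterwards, 1 otherwise
#######################################
append_sudoers_entry() {
  local user=$1
  local entry="$user ALL=(ALL) ALL"
  local candidate rc

  # An all-upper-case word in the user position is read by sudoers as the ALL
  # keyword or a User_Alias, which could grant rights to other accounts.
  if [[ "$user" =~ ^[A-Z][A-Z0-9_]*$ ]]; then
    echo "User: $user cannot be written to the sudoers file safely"
    return 1
  fi

  # Nothing to do when the exact line is already there.
  if grep -qxF -- "$entry" /etc/sudoers 2>/dev/null; then
    return 0
  fi

  if command -v visudo >/dev/null 2>&1; then
    candidate=$(mktemp) || return 1
    cat /etc/sudoers >"$candidate" \
      && printf '%s\n' "$entry" >>"$candidate" \
      && visudo -cf "$candidate" >/dev/null 2>&1
    rc=$?
    rm -f -- "$candidate"
    [ "$rc" -eq 0 ] || return 1
  fi

  printf '%s\n' "$entry" >>/etc/sudoers
}

#######################################
# Gives the account sudo rights: sudo group via adduser, then via usermod,
# then a direct sudoers entry.
# Arguments: $1 - username
# Outputs:   "Added user in sudoers file" when the sudoers fallback was used
# Returns:   0 if one of the three methods succeeded, 1 otherwise
#######################################
grant_sudo() {
  local user=$1

  adduser "$user" sudo && return 0
  usermod -aG sudo "$user" && return 0
  append_sudoers_entry "$user" || return 1
  echo "Added user in sudoers file"
}

#######################################
# Sets the account password with chpasswd, falling back to passwd.
# The password travels over a pipe from a shell builtin, so it does not show
# up in the process list.
# Arguments: $1 - username, $2 - password
# Outputs:   "Changed password by passwd" when the fallback was used
# Returns:   0 if the password was set, 1 otherwise
#######################################
set_password() {
  local user=$1
  local secret=$2

  printf '%s:%s\n' "$user" "$secret" | chpasswd && return 0
  if printf '%s\n%s\n' "$secret" "$secret" | passwd "$user"; then
    echo "Changed password by passwd"
    return 0
  fi
  return 1
}

#######################################
# Entry point: validates the call, then creates the user, grants sudo and
# sets the password. The outcome is left in errorCode.
# Globals:   euid (read), password (read), errorCode (written)
# Arguments: $1 - username
#######################################
create_sudo_user() {
  local username

  errorCode=2

  # check sudo access
  if [ "$euid" -ne 0 ]; then
    echo "This script must be run as root"
    return
  fi

  if [ $# -ne 1 ]; then
    echo "Incorrect Usage : Arguments mismatch."
    echo "Usage : bash CreateSudoUserOnLinux.bash \${username}"
    return
  fi

  username=$1
  if ! is_valid_username "$username"; then
    echo "Incorrect Usage : Invalid username."
    echo "Usage : bash CreateSudoUserOnLinux.bash \${username}"
    return
  fi

  # Every failure from here on is an execution error, not a usage error.
  errorCode=1

  # A sudo account must never be created with the published placeholder.
  if [ -z "$password" ] || [ "$password" = "passwd" ]; then
    echo "Password is not set : modify the line password=\"passwd\" in this script"
    return
  fi

  # check given user exist or not
  if local_user_exists "$username"; then
    echo "User: $username already exists"
    return
  fi

  # Kept from the original script; history is normally off in a
  # non-interactive shell, so this mainly affects child shells.
  export HISTIGNORE="*passwd*"

  # Each step is checked on its own status; the result is no longer derived
  # from whatever command happened to run last.
  if create_account "$username" \
    && grant_sudo "$username" \
    && set_password "$username" "$password"; then
    echo "User: $username Successfully Created"
    errorCode=0
  else
    echo "User: $username Could not be Created"
  fi
}

create_sudo_user "$@"

# The script's exit status is the status of its last command.
errorFunc() {
  return $errorCode
}
errorFunc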