I created a bash script to create an ftp account, it's here -
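    #!/bin/bash
    # Create an sftp account: either a normal upload user or a vfx user.
    dir=/mnt/sftp
    group=sftp_users

    echo "Enter UserName:"
    read -r user
    # Reject empty names and anything that is not a plain account name
    # (a leading "-" would otherwise be read as an option by id/useradd).
    if [[ ! $user =~ ^[a-z_][a-z0-9_-]*$ ]]; then
        echo "invalid user name, please re-run the script"
        exit 1
    fi
    if id "$user"; then
        echo "$user already exists as you can see above, please re-run the script"
        exit 1
    else
        echo "$user not in system, ok to continue"
    fi

    echo "Enter Password:"
    read -r passwd
    # Record the credentials (note: this file holds the password in clear text)
    echo "$user:$passwd" >> /ftp_details/accounts.csv

    echo "is this a normal user (press 1) or vfx user (press 2) ?"
    read -r choice
    case $choice in
        1)
            # Normal user: no shell, home /upload, upload directory under $dir
            useradd -g "$group" -d /upload -s /sbin/nologin "$user"
            mkdir -p "$dir/$user/upload"
            chown "$user:$group" "$dir/$user/upload"
            touch "$dir/$user/upload/WARNING_everything_in_here_will_get_removed_in_14_days_time.txt"
            ;;
        2)
            # vfx user: no shell, home directory created under /mnt/vfx/
            useradd "$user" -s /sbin/nologin -b /mnt/vfx/
            ;;
        *)
            echo "invalid selection, please re-run the script"
            exit 1
            ;;
    esac

    # Set the password for the new account
    echo "$user:$passwd" | chpasswd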
It works great, but now I want to do something else, which I don't know if it is possible, but I will try and explain.
I want the end user/customer/client or whoever submits an ftp user creation for us to send an email to sftp.molinare.co.uk, and when they email it, the sftp server I created with the script will pick up what username and password they want for the ftp account, create it, and then send them an email saying the ftp account has been created with the username/password they gave.
Obviously I will configure postfix SMTP on the sftp server so it can do this.
Do you mean that the account they would email is sftp@....?
If the server the email is directed to has /etc/aliases then you could pass it all into a script by adding a line like this:-
    sftp: |/path/to/script
Would that help? I'm not sure who the script would run as, but you could, at least, capture the file to a spool area and have a scheduled job looking out for them that runs as a privileged account that can perform the necessary operations.
If the above line is added into /etc/aliases and a command newaliases is run, then any mail arriving at your server for sftp will cause the script /path/to/script to be run with the email as standard input.
You can do something dull with it, so the script could just be as short as:-
.... which will write the email to a timestamped (and process id) spool file that something else could be watching for.
You would still need to be able to read through the email and decipher what the request was, but then you can create the account and send them a reply fairly easily.
I think that you should ask prospective users to apply offline for a key/token and validate that information on the request to create an account, otherwise you will likely be inundated with spam accounts. Also, I think that you should assign the userid and collect and correlate the user's email and phone.
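The spool-and-decode steps described in the replies above, written out as an added example (not code from the thread): the alias pipe only saves the mail to a timestamped, process-id-named spool file, and the privileged scheduled job extracts the requested name and rejects anything that is not a plain account name before it reaches useradd. The spool directory, the `spool` argument and the `Username:` body line are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. SPOOL_DIR and the "Username:" request line are assumptions.
SPOOL_DIR=${SPOOL_DIR:-/var/spool/sftp-requests}

# spool_mail: called from the /etc/aliases pipe with the mail on stdin.
# Writes it to <timestamp>.<pid>.eml and prints the path of the spool file.
spool_mail() (
    umask 077                      # the request may contain a password
    final="$SPOOL_DIR/$(date +%Y%m%d%H%M%S).$$.eml"
    # Write under a temporary name, then rename, so the watching job
    # never picks up a half-written message.
    cat > "$final.tmp" && mv "$final.tmp" "$final" && printf '%s\n' "$final"
)

# parse_username: called by the privileged scheduled job on a spool file.
# Only the body (after the first blank line) is read, so a forged
# "Username:" header is ignored. Prints the name, or fails if the request
# is missing or is not a short lowercase account name.
parse_username() (
    LC_ALL=C; export LC_ALL        # make [a-z] mean ASCII only
    name=$(awk '{ sub(/\r$/, "") }
                body && tolower($1) == "username:" { print $2; exit }
                /^$/ { body = 1 }' "$1") || exit 1
    case $name in
        ''|[!a-z]*|*[!a-z0-9_]*) exit 1 ;;   # empty, bad first char, bad char
    esac
    [ "${#name}" -le 16 ] || exit 1
    printf '%s\n' "$name"
)

# When run with the argument "spool" the script only spools stdin.
case ${1:-} in
    spool) spool_mail ;;
esac
```

Keeping the piped script this small means the mail-facing side never runs useradd itself; only the scheduled job does, and only on a name that passed the check.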