#!/bin/bash

# disble_user.sh
# To decommission a user account
# Meryll Larkin  November 1, 2018
# Meryll Larkin  February 17, 2020
#  added current process detection and nologin shell


echo -n "Username to disable? "
read username
echo "Investigating current proecesses for $username"
ps aux |grep $username | grep -v grep | awk '{ print $2}'
INUSE=`ps aux |grep $username | grep -v grep | awk '{ print $2}' | wc -l`
if [[ $INUSE > 0 ]]; then 
    echo "Processes running under $username.  Investigate first."
    exit 1
fi
echo 
echo "Disabling user $username"

# determine user's home directory
homedir=`grep $username /etc/passwd | awk -F: '{print $6}'`

usermod -s /sbin/nologin  ${username}
usermod -L ${username}

# remove user from all secondary groups

usermod -G "" $username

# tar and gzip the user's home directory

homebase=`dirname $homedir`
cd $homebase
tar -czvf  ${username}.tar.gz  $homedir
rm -rf $homedir

echo "$homedir is now $homedir.tar.gz"

echo "Done."