I want to run a login script for all users, that checks whether the user is an administrator and, if so, offers the option of a host login, or launches a systemd-nspawn container by default - that way all users start in a container, unless they are an admin, who actively opts to log into the host directly for the purpose of fixing things.

    #! /bin/bash
    # Break on error (log out)
    set -e
    # Prevent breakout from script
    set -o ignoreeof
    trap "" 1 2 3 6 9 15 17 18 19 20 21 22 23 24 26 27
    # Trap exit conditions
    trap "echo -e '\n\nDropping to CLI\n'" EXIT
    # Suppress cursor
    tput civis
    # Get list of groups to which user belongs
    groupList=$(id -G)
    # Remove user's primary group from head of list
    groupList=${groupList#* }
    for i in $groupList ; do
        if [[ $i -gt 0 ]] && [[ $i -lt 1000 ]] ; then : # Ignore non-root GIDs lower than 1,000
        else
            case $i in
                0|1000|2000|30000) # If user is an (root|org|domain|host) administrator
                    echo -e '\n'
                    while true; do # Offer bare metal login
                        echo -en "Administer Host Machine [y/N] ? \r"
                        read -s -n 1 yesno
                        case $yesno in
                            [Yy]* ) # Exit to host system
                                tput cnorm # Restore cursor
                                exit
                                ;;
                            [Nn]* ) # Pass control to guest machine login
                                tput cnorm # Restore cursor
                                exec '/usr/local/sbin/scripts/system/defaultLogin'
                                ;;
                        esac
                    done
                    ;;
                *) # Otherwise, pass control to guest machine login
                    exec '/usr/local/sbin/scripts/system/defaultLogin'
                    ;;
            esac
        fi
    done

Try as I might, however, I cannot find a way to prevent it automatically logging the user out.
I've tried suppressing both the set -e and the EXIT trap.
I've tried replacing the exit in the [Yy] condition with . '/usr/local/sbin/scripts/system/return-error', sourcing a script which simply contains

    #! /bin/bash
    return 1

... to force the set -e to break and drop to the CLI.
It doesn't matter if I move the script from /etc/profile.d to another location and source it from a user's .bashrc - so it doesn't even work for individual users.
It doesn't matter if I eliminate all but the exec - that just results in an automatic logout too.
Is there any way of doing this, or is it a lost cause?
I really would rather not have to maintain .bashrc files, if at all possible - quite apart from the administrative headache, that would either mean users can mess things up by editing it, or I have to change the ownership, meaning they can't tweak their own config (which is also not good). So, a system-wide solution is preferable.
Thanks in advance.
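
Why the session ends in each variant described above, as an added example that is not part of the original post: it sources small constructed snippets into a throwaway bash, the way /etc/profile sources /etc/profile.d files into the login shell, and reports whether that shell is still running afterwards. The names survives, GATE and ADMIN_ANSWER are hypothetical, and `true` stands in for the container launcher.

```shell
#!/bin/bash
# Added demonstration, not the poster's script. /etc/profile sources each
# /etc/profile.d/*.sh into the login shell itself, so anything a snippet does
# to "the current shell" is done to the user's session.

# survives SNIPPET [ANSWER]: source SNIPPET into a throwaway bash, run one
# failing command, and report whether that shell is still running afterwards.
survives() {
    local dir out
    dir=$(mktemp -d) || return 1
    printf '%s\n' "$1" > "$dir/gate.sh"
    out=$(ADMIN_ANSWER="${2:-n}" bash -c '. "$1"; false; echo alive' \
          demo "$dir/gate.sh" 2>/dev/null) || true
    rm -rf "$dir"
    if [ "$out" = alive ]; then echo alive; else echo gone; fi
}

# Constructed gate. ADMIN_ANSWER stands in for the y/N prompt and `true`
# stands in for the container launcher (both hypothetical stand-ins).
GATE='case ${ADMIN_ANSWER:-n} in
    [Yy]*) return 0 ;;  # leave the sourced file, keep the login shell
    *)     exec true ;; # replace the login shell with the launcher
esac'

demo() {
    echo "exit in sourced file:     $(survives 'exit 0')"
    echo "set -e left switched on:  $(survives 'set -e')"
    echo "exec of the launcher:     $(survives 'exec true')"
    echo "return from sourced file: $(survives 'return 0')"
    echo "gate, admin answers y:    $(survives "$GATE" y)"
    echo "gate, admin answers n:    $(survives "$GATE" n)"
}

demo
```

With `exec`, the session lasts exactly as long as the program that replaced the shell, so a launcher that fails or returns immediately looks the same as a logout.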