Linux User Administration using Bash Scripts

Brian Kemboi — Sun, 07 Jul 2024 17:45:00 +0000

Introduction

As an integral part of DevOps and Sysadmin, creation of users and groups is an important function, thus we ease our work load by creating a bash script that takes in a file containing the users and groups and automatically creates them.

As a HNG Intern, the following article shows the steps that I took to analyze the Stage 1 DevOps task and the required code snippets to accomplish the task.

Requirements

This is a step by step guide to accomplish the following tasks:

reads a file which contains a user and group
Creates the users and groups
checks whether there is an existing user and skips
adds a user to the specified group and create a group with the user's name
Randomly generates passwords for the created users and save them in
- /var/log/user_management.log
create a log file of all the things that the script performs.
- /var/secure/user_passwords.csv

Code

Run the script with elevated privileges

Since all requirements have been defined. The first section of the script ensures that the script is run as sudo because user and group creation requires sudo.

if (("$UID" != 0));
then 
    echo "script requires root priviledge"
    exit 1
fi

Confirm the existence of the file

The section below checks whether a file is supplied to the script

if [ -z "$1"]; then
    echo "Error: No file was provided"
    exit 1
fi

Functions

Read the provided text file

read_text_file(){
    local filename="$1"
    while IFS=';' read -r user groups; do
        users+=("$(echo "$user" | xargs)")
        group_list+=("$(echo "$groups" | xargs)")
    done < "$filename"
}

Create the users and the group

create_user_and_group(){
    local username="$1"
    if id "$username" &>/dev/null; then
        echo "User $username already exists." | tee -a "$LOG_FILE"
    else
        groupadd "$username"
        useradd -m -g  "$username" -s /bin/bash "$username"
        echo "Created user $username and created group $username." | tee -a "$LOG_FILE"
    fi 
}

Setting a password for the user

set_password(){
    local username="$1"
    local password=$(openssl rand -base64 8)
    echo "$username:$password" | chpasswd
    echo "$username:$password" >> "$PASSWORD_FILE"
    echo "password for $username created and stored in $PASSWORD_FILE." | tee -a "$LOG_FILE"
}

Declare variables

We need variables to store all the file paths that are created.

INPUT_FILE="$1"
LOG_FILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.txt"
declare -a users
declare -a group_list

Create the log and password files

mkdir -p /var/log /var/secure
touch "$LOG_FILE"
touch "$PASSWORD_FILE"
chmod 600 "$PASSWORD_FILE"

Execution of the code

read_text_file "$INPUT_FILE"

for ((i = 0; i < ${#users[@]}; i++)); do
  username="${users[i]}"
  user_groups="${group_list[i]}"

  if [[ "$username" == "" ]]; then
    continue  # Skip empty usernames
  fi

  create_user_and_group "$username"
  set_password "$username"
  add_users_groups "$username" "$user_groups"
done

echo "Users created and group assignment completed." | tee -a "$LOG_FILE"

Script execution

To run the script pass the text file containing the users and groups to the script as: sudo bash create_users.sh users.txt

Conclusion

This is a small demonstration of how to develop a batch script to automatically create users, generate random passwords and create groups.

Forem: Brian Kemboi