Forem: Azeez The latest articles on Forem by Azeez (@hayzeddev). https://forem.com/hayzeddev https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1299670%2F858c1be8-eba8-4fde-80d9-f39adf35b168.png Forem: Azeez https://forem.com/hayzeddev en Automating User and Group Management on Linux with a Shell Script Azeez Tue, 02 Jul 2024 23:08:53 +0000 https://forem.com/hayzeddev/automating-user-and-group-management-on-linux-with-a-shell-script-5b60 https://forem.com/hayzeddev/automating-user-and-group-management-on-linux-with-a-shell-script-5b60 <p>In the world of system administration, managing users and groups efficiently is crucial. This article presents a shell script that automates user and group management on Linux systems, making the process seamless and efficient. The script takes in a file which consists of users to be added to a machine and their corresponding groups</p> <h2> Below is a detailed explanation of the shell script: </h2> <h3> 1. Script Header and Argument Check </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c"># Check if the correct number of arguments is passed</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"$#"</span> <span class="nt">-lt</span> 1 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"Usage: </span><span class="nv">$0</span><span class="s2"> &lt;filename&gt;"</span> <span class="nb">exit </span>1 <span class="k">fi</span> </code></pre> </div> <ul> <li>#!/bin/bash: This line specifies that the script should be run using the Bash shell.</li> <li>The script checks if at least one argument is passed (the filename). If not, it prints the usage message and exits with a status of 1, indicating an error that filename is needed which can be either relative or absolute path to the location of the filename. The filename is the file that list all the users and groups. An example file would be given later.</li> </ul> <h3> 2. Filename Argument and File Existence Check </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># The first argument is the filename</span> <span class="nv">filename</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="c"># Check if the file exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$filename</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"File not found: </span><span class="nv">$filename</span><span class="s2">"</span> <span class="nb">exit </span>1 <span class="k">fi</span> </code></pre> </div> <ul> <li>filename="$1": Stores the first argument in the filename variable.</li> <li>The script checks if the file exists. If not, it prints an error message and exits.</li> </ul> <h3> 3. Function to Trim Whitespace </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Function to trim leading and trailing whitespace</span> trim<span class="o">()</span> <span class="o">{</span> <span class="nb">local </span><span class="nv">var</span><span class="o">=</span><span class="s2">"</span><span class="nv">$*</span><span class="s2">"</span> <span class="c"># Remove leading whitespace</span> <span class="nv">var</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">var</span><span class="p">#</span><span class="s2">"</span><span class="k">${</span><span class="nv">var</span><span class="p">%%[![</span>:space:]]<span class="p">*</span><span class="k">}</span><span class="s2">"</span><span class="k">}</span><span class="s2">"</span> <span class="c"># Remove trailing whitespace</span> <span class="nv">var</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">var</span><span class="p">%</span><span class="s2">"</span><span class="k">${</span><span class="nv">var</span><span class="p">##*[![</span>:space:]]<span class="k">}</span><span class="s2">"</span><span class="k">}</span><span class="s2">"</span> <span class="nb">echo</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$var</span><span class="s2">"</span> <span class="o">}</span> </code></pre> </div> <ul> <li>This function removes leading and trailing whitespace from a string.</li> <li>local var="$*": Captures all arguments passed to the function.</li> <li>var="${var#"${var%%[![:space:]]*}"}": Removes leading whitespace.</li> <li>var="${var%"${var##*[![:space:]]}"}": Removes trailing whitespace.</li> <li>echo -n "$var": Prints the trimmed string without a newline.</li> </ul> <h3> 4. Logging and Password File Setup </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Define the file to check</span> <span class="nv">user_mgt_file_path</span><span class="o">=</span><span class="s2">"/var/log/user_management.log"</span> <span class="nv">user_mgt_dir_path</span><span class="o">=</span><span class="si">$(</span><span class="nb">dirname</span> <span class="s2">"</span><span class="nv">$user_mgt_file_path</span><span class="s2">"</span><span class="si">)</span> <span class="c"># Check if the directory exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-d</span> <span class="s2">"</span><span class="nv">$user_mgt_dir_path</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># Create the directory if it doesn't exist</span> <span class="nb">mkdir</span> <span class="nt">-p</span> <span class="s2">"</span><span class="nv">$user_mgt_dir_path</span><span class="s2">"</span> <span class="k">fi</span> <span class="c"># Check if the file exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$user_mgt_file_path</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># Create the file if it doesn't exist</span> <span class="nb">touch</span> <span class="s2">"</span><span class="nv">$user_mgt_file_path</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"File '</span><span class="nv">$user_mgt_file_path</span><span class="s2">' created."</span> <span class="k">fi</span> <span class="c"># Define the file to check</span> <span class="nv">user_pass_file_path</span><span class="o">=</span><span class="s2">"/var/secure/user_passwords.csv"</span> <span class="nv">user_pass_dir_path</span><span class="o">=</span><span class="si">$(</span><span class="nb">dirname</span> <span class="s2">"</span><span class="nv">$user_pass_file_path</span><span class="s2">"</span><span class="si">)</span> <span class="c"># Check if the directory exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-d</span> <span class="s2">"</span><span class="nv">$user_pass_dir_path</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># Create the directory if it doesn't exist</span> <span class="nb">mkdir</span> <span class="nt">-p</span> <span class="s2">"</span><span class="nv">$user_pass_dir_path</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"Directory </span><span class="nv">$user_pass_dir_path</span><span class="s2"> created..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">fi</span> <span class="c"># Check if the file exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$user_pass_file_path</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># Create the file if it doesn't exist</span> <span class="nb">touch</span> <span class="s2">"</span><span class="nv">$user_pass_file_path</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"File </span><span class="nv">$user_pass_file_path</span><span class="s2"> created..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">fi</span> </code></pre> </div> <ul> <li>Sets up paths for the user management log file and the user passwords CSV file.</li> <li>Checks if the directories exist and creates them if they don’t.</li> <li>Checks if the files exist and creates them if they don’t, logging the creation actions.</li> </ul> <h3> 5. Loop Through Each Line in the File </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Loop through each line in the file</span> <span class="k">while </span><span class="nv">IFS</span><span class="o">=</span> <span class="nb">read</span> <span class="nt">-r</span> line<span class="p">;</span> <span class="k">do</span> <span class="c"># Process each line</span> <span class="c"># echo "Processing: $line"</span> </code></pre> </div> <ul> <li>IFS=: Prevents leading/trailing whitespace from being trimmed.</li> <li>read -r line: Reads each line of the file into the line variable.</li> </ul> <h3> 6. Process Each Line: Extract Username and Groups </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="c"># Define the username and password</span> <span class="c"># Trim leading and trailing whitespace</span> <span class="nv">username</span><span class="o">=</span><span class="si">$(</span>trim <span class="s2">"</span><span class="k">${</span><span class="nv">line</span><span class="p">%%;*</span><span class="k">}</span><span class="s2">"</span><span class="si">)</span> <span class="nv">password</span><span class="o">=</span><span class="si">$(</span><span class="nv">LC_CTYPE</span><span class="o">=</span>C &lt; /dev/urandom <span class="nb">tr</span> <span class="nt">-dc</span> <span class="s1">'A-Za-z0-9!@#$%&amp;*'</span> | <span class="nb">head</span> <span class="nt">-c</span> 16<span class="si">)</span> <span class="c"># Generate a random password</span> <span class="nb">echo</span> <span class="s2">"Password generated for user </span><span class="nv">$username</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="nv">usergroups</span><span class="o">=</span><span class="si">$(</span>trim <span class="s2">"</span><span class="k">${</span><span class="nv">line</span><span class="p">#*;</span><span class="k">}</span><span class="s2">"</span><span class="si">)</span> </code></pre> </div> <ul> <li>username=$(trim "${line%%;*}"): Extracts the username from the line (before the semicolon).</li> <li>password=$(LC_CTYPE=C &lt; /dev/urandom tr -dc 'A-Za-z0-9!@#$%&amp;*' | head -c 16): Generates a random 16-character password.</li> <li>usergroups=$(trim "${line#*;}"): Extracts the groups (after the semicolon).</li> </ul> <h3> 7. Split User Groups and Create Groups </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="c"># Split the usergroups into an array</span> <span class="nv">IFS</span><span class="o">=</span><span class="s1">','</span> <span class="nb">read</span> <span class="nt">-r</span> <span class="nt">-a</span> groups_array <span class="o">&lt;&lt;&lt;</span> <span class="s2">"</span><span class="nv">$usergroups</span><span class="s2">"</span> <span class="k">for </span>i <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="p">!groups_array[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do </span>groups_array[<span class="nv">$i</span><span class="o">]=</span><span class="si">$(</span>trim <span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[</span><span class="nv">$i</span><span class="p">]</span><span class="k">}</span><span class="s2">"</span><span class="si">)</span> <span class="k">done</span> <span class="c"># Extract the primary group (first element)</span> <span class="nv">primary_group</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">username</span><span class="k">}</span><span class="s2">"</span> <span class="c"># Extract the remaining groups</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="k">${#</span><span class="nv">groups_array</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span> <span class="nt">-gt</span> 0 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nv">additional_groups</span><span class="o">=</span><span class="si">$(</span><span class="nv">IFS</span><span class="o">=</span>,<span class="p">;</span> <span class="nb">echo</span> <span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[*]</span>:0<span class="k">}</span><span class="s2">"</span><span class="si">)</span> <span class="k">else </span><span class="nv">additional_groups</span><span class="o">=</span><span class="s2">""</span> <span class="k">fi</span> </code></pre> </div> <ul> <li>Splits the usergroups string into an array using commas.</li> <li>Trims each group name in the array.</li> <li>Sets the primary group to the username.</li> <li>Joins additional groups back into a comma-separated string if there are any.</li> </ul> <h3> 8. Function to Create Groups if They Don’t Exist </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="c"># Function to check if a group exists, and create it if it doesn't</span> create_group_if_not_exists<span class="o">()</span> <span class="o">{</span> <span class="nv">groupname</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="k">if</span> <span class="o">!</span> getent group <span class="s2">"</span><span class="nv">$groupname</span><span class="s2">"</span> <span class="o">&gt;</span> /dev/null 2&gt;&amp;1<span class="p">;</span> <span class="k">then </span>groupadd <span class="s2">"</span><span class="nv">$groupname</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"User group '</span><span class="nv">$groupname</span><span class="s2">' created..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"User group '</span><span class="nv">$groupname</span><span class="s2">' already exist! Skipping"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">fi</span> <span class="o">}</span> </code></pre> </div> <ul> <li>This function checks if a group exists using getent group.</li> <li>If the group doesn’t exist, it creates the group using groupadd and logs the action.</li> </ul> <h3> 9. Create Primary and Additional Groups </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="c"># Check and create primary group</span> create_group_if_not_exists <span class="s2">"</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="c"># Check and create additional groups</span> <span class="k">for </span>group <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do </span>create_group_if_not_exists <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="k">done</span> </code></pre> </div> <ul> <li>Calls create_group_if_not_exists to create the primary group and each additional group if they don’t exist.</li> </ul> <h3> 10. Create User and Set Password </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="c"># Check if the group already exists</span> <span class="k">if</span> <span class="o">!</span> getent group <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="o">&gt;</span> /dev/null 2&gt;&amp;1<span class="p">;</span> <span class="k">then</span> <span class="c"># Create the group if it doesn't exist</span> groupadd <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"Directory </span><span class="nv">$user_pass_dir_path</span><span class="s2"> created..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="c"># TODO</span> <span class="k">fi</span> <span class="c"># Check if the user already exists</span> <span class="k">if </span><span class="nb">id</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> &amp;&gt;/dev/null<span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"User '</span><span class="nv">$username</span><span class="s2">' already exists. Skipping..."</span> <span class="nb">echo</span> <span class="s2">"User '</span><span class="nv">$username</span><span class="s2">' already exists. Skipping..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">else</span> <span class="c"># Create the user with the primary group and additional groups if any</span> <span class="k">if</span> <span class="o">[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$additional_groups</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span>useradd <span class="nt">-m</span> <span class="nt">-g</span> <span class="s2">"</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="nt">-G</span> <span class="s2">"</span><span class="nv">$additional_groups</span><span class="s2">"</span> <span class="nt">-s</span> /bin/bash <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="k">else </span>useradd <span class="nt">-m</span> <span class="nt">-g</span> <span class="s2">"</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="nt">-s</span> /bin/bash <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="k">fi</span> <span class="c"># Create the user with the specified group and set the password</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">:</span><span class="nv">$password</span><span class="s2">"</span> | chpasswd <span class="nb">echo</span> <span class="s2">"User '</span><span class="nv">$username</span><span class="s2">' created! Password has also been set for the user"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="c"># Display the created username and password</span> <span class="nb">echo</span> <span class="s2">"Password for user '</span><span class="nv">$username</span><span class="s2">' is: </span><span class="nv">$password</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_pass_file_path</span> <span class="c"># Set the home directory path</span> <span class="nv">home_directory</span><span class="o">=</span><span class="s2">"/home/</span><span class="nv">$username</span><span class="s2">"</span> <span class="c"># Set permissions and ownership for the home directory</span> <span class="nb">chown</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">:</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$home_directory</span><span class="s2">"</span> <span class="nb">chmod </span>755 <span class="s2">"</span><span class="nv">$home_directory</span><span class="s2">"</span> <span class="c"># Ensure appropriate permissions for additional groups</span> <span class="k">for </span>group <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="o">!=</span> <span class="s2">"</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">chmod </span>g+rx <span class="s2">"</span><span class="nv">$home_directory</span><span class="s2">"</span> setfacl <span class="nt">-m</span> <span class="s2">"g:</span><span class="nv">$group</span><span class="s2">:rx"</span> <span class="s2">"</span><span class="nv">$home_directory</span><span class="s2">"</span> <span class="k">fi done </span><span class="nb">echo</span> <span class="s2">"User </span><span class="nv">$username</span><span class="s2"> created with home directory </span><span class="nv">$home_directory</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="nb">echo</span> <span class="s2">"Users created!"</span> <span class="k">fi done</span> &lt; <span class="s2">"</span><span class="nv">$filename</span><span class="s2">"</span> </code></pre> </div> <ul> <li>Checks if a group with the username exists and creates it if not.</li> <li>Checks if a user with the username exists and skips creation if they do.</li> <li>Creates the user with the primary group and additional groups if specified.</li> <li>Sets the user’s password.</li> <li>Logs the creation actions and stores the password in a CSV file.</li> <li>Sets the home directory ownership and permissions.</li> <li>Adds read and execute</li> </ul> <h3> Here is the full script </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c"># Check if the correct number of arguments is passed</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"$#"</span> <span class="nt">-lt</span> 1 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"Usage: </span><span class="nv">$0</span><span class="s2"> &lt;filename&gt;"</span> <span class="nb">exit </span>1 <span class="k">fi</span> <span class="c"># The second argument is the filename</span> <span class="nv">filename</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="c"># Check if the file exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$filename</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"File not found: </span><span class="nv">$filename</span><span class="s2">"</span> <span class="nb">exit </span>1 <span class="k">fi</span> <span class="c"># Function to trim leading and trailing whitespace</span> trim<span class="o">()</span> <span class="o">{</span> <span class="nb">local </span><span class="nv">var</span><span class="o">=</span><span class="s2">"</span><span class="nv">$*</span><span class="s2">"</span> <span class="c"># Remove leading whitespace</span> <span class="nv">var</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">var</span><span class="p">#</span><span class="s2">"</span><span class="k">${</span><span class="nv">var</span><span class="p">%%[![</span>:space:]]<span class="p">*</span><span class="k">}</span><span class="s2">"</span><span class="k">}</span><span class="s2">"</span> <span class="c"># Remove trailing whitespace</span> <span class="nv">var</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">var</span><span class="p">%</span><span class="s2">"</span><span class="k">${</span><span class="nv">var</span><span class="p">##*[![</span>:space:]]<span class="k">}</span><span class="s2">"</span><span class="k">}</span><span class="s2">"</span> <span class="nb">echo</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$var</span><span class="s2">"</span> <span class="o">}</span> <span class="c"># Define the file to check</span> <span class="nv">user_mgt_file_path</span><span class="o">=</span><span class="s2">"/var/log/user_management.log"</span> <span class="nv">user_mgt_dir_path</span><span class="o">=</span><span class="si">$(</span><span class="nb">dirname</span> <span class="s2">"</span><span class="nv">$user_mgt_file_path</span><span class="s2">"</span><span class="si">)</span> <span class="c"># Check if the directory exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-d</span> <span class="s2">"</span><span class="nv">$user_mgt_dir_path</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># Create the directory if it doesn't exist</span> <span class="nb">mkdir</span> <span class="nt">-p</span> <span class="s2">"</span><span class="nv">$user_mgt_dir_path</span><span class="s2">"</span> <span class="k">fi</span> <span class="c"># Check if the file exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$user_mgt_file_path</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># Create the file if it doesn't exist</span> <span class="nb">touch</span> <span class="s2">"</span><span class="nv">$user_mgt_file_path</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"File '</span><span class="nv">$user_mgt_file_path</span><span class="s2">' created."</span> <span class="k">fi</span> <span class="c"># Define the file to check</span> <span class="nv">user_pass_file_path</span><span class="o">=</span><span class="s2">"/var/secure/user_passwords.csv"</span> <span class="nv">user_pass_dir_path</span><span class="o">=</span><span class="si">$(</span><span class="nb">dirname</span> <span class="s2">"</span><span class="nv">$user_pass_file_path</span><span class="s2">"</span><span class="si">)</span> <span class="c"># Check if the directory exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-d</span> <span class="s2">"</span><span class="nv">$user_pass_dir_path</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># Create the directory if it doesn't exist</span> <span class="nb">mkdir</span> <span class="nt">-p</span> <span class="s2">"</span><span class="nv">$user_pass_dir_path</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"Directory </span><span class="nv">$user_pass_dir_path</span><span class="s2"> created..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">fi</span> <span class="c"># Check if the file exists</span> <span class="k">if</span> <span class="o">[</span> <span class="o">!</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$user_pass_file_path</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c"># Create the file if it doesn't exist</span> <span class="nb">touch</span> <span class="s2">"</span><span class="nv">$user_pass_file_path</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"File </span><span class="nv">$user_pass_file_path</span><span class="s2"> created..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">fi</span> <span class="c"># Loop through each line in the file</span> <span class="k">while </span><span class="nv">IFS</span><span class="o">=</span> <span class="nb">read</span> <span class="nt">-r</span> line<span class="p">;</span> <span class="k">do</span> <span class="c"># Process each line</span> <span class="c"># echo "Processing: $line"</span> <span class="c"># Define the username and password</span> <span class="c"># Trim leading and trailing whitespace</span> <span class="nv">username</span><span class="o">=</span><span class="si">$(</span>trim <span class="s2">"</span><span class="k">${</span><span class="nv">line</span><span class="p">%%;*</span><span class="k">}</span><span class="s2">"</span><span class="si">)</span> <span class="nv">password</span><span class="o">=</span><span class="si">$(</span><span class="nv">LC_CTYPE</span><span class="o">=</span>C &lt; /dev/urandom <span class="nb">tr</span> <span class="nt">-dc</span> <span class="s1">'A-Za-z0-9!@#$%&amp;*'</span> | <span class="nb">head</span> <span class="nt">-c</span> 16<span class="si">)</span> <span class="c"># Generate a random password</span> <span class="nb">echo</span> <span class="s2">"Password generated for user </span><span class="nv">$username</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="nv">usergroups</span><span class="o">=</span><span class="si">$(</span>trim <span class="s2">"</span><span class="k">${</span><span class="nv">line</span><span class="p">#*;</span><span class="k">}</span><span class="s2">"</span><span class="si">)</span> <span class="c"># Split the usergroups into an array</span> <span class="nv">IFS</span><span class="o">=</span><span class="s1">','</span> <span class="nb">read</span> <span class="nt">-r</span> <span class="nt">-a</span> groups_array <span class="o">&lt;&lt;&lt;</span> <span class="s2">"</span><span class="nv">$usergroups</span><span class="s2">"</span> <span class="k">for </span>i <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="p">!groups_array[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do </span>groups_array[<span class="nv">$i</span><span class="o">]=</span><span class="si">$(</span>trim <span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[</span><span class="nv">$i</span><span class="p">]</span><span class="k">}</span><span class="s2">"</span><span class="si">)</span> <span class="c"># groups_array[$i]=$(echo "${groups_array[$i]}" | xargs)</span> <span class="k">done</span> <span class="c"># Extract the primary group (first element)</span> <span class="nv">primary_group</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[0]</span><span class="k">}</span><span class="s2">"</span> <span class="c"># Extract the remaining groups</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="k">${#</span><span class="nv">groups_array</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span> <span class="nt">-gt</span> 1 <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nv">additional_groups</span><span class="o">=</span><span class="si">$(</span><span class="nv">IFS</span><span class="o">=</span>,<span class="p">;</span> <span class="nb">echo</span> <span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[*]</span>:1<span class="k">}</span><span class="s2">"</span><span class="si">)</span> <span class="k">else </span><span class="nv">additional_groups</span><span class="o">=</span><span class="s2">""</span> <span class="k">fi</span> <span class="c"># Function to check if a group exists, and create it if it doesn't</span> create_group_if_not_exists<span class="o">()</span> <span class="o">{</span> <span class="nv">groupname</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="k">if</span> <span class="o">!</span> getent group <span class="s2">"</span><span class="nv">$groupname</span><span class="s2">"</span> <span class="o">&gt;</span> /dev/null 2&gt;&amp;1<span class="p">;</span> <span class="k">then </span>groupadd <span class="s2">"</span><span class="nv">$groupname</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"User group '</span><span class="nv">$groupname</span><span class="s2">' created..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"User group '</span><span class="nv">$groupname</span><span class="s2">' already exist! Skipping"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">fi</span> <span class="o">}</span> <span class="c"># Check and create primary group</span> create_group_if_not_exists <span class="s2">"</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="c"># Check and create additional groups</span> <span class="k">for </span>group <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do </span>create_group_if_not_exists <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="k">done</span> <span class="c"># Check if the group already exists</span> <span class="k">if</span> <span class="o">!</span> getent group <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="o">&gt;</span> /dev/null 2&gt;&amp;1<span class="p">;</span> <span class="k">then</span> <span class="c"># Create the group if it doesn't exist</span> groupadd <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"Directory </span><span class="nv">$user_pass_dir_path</span><span class="s2"> created..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="c"># TODO</span> <span class="k">fi</span> <span class="c"># Check if the user already exists</span> <span class="k">if </span><span class="nb">id</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> &amp;&gt;/dev/null<span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"User '</span><span class="nv">$username</span><span class="s2">' already exists. Skipping..."</span> <span class="nb">echo</span> <span class="s2">"User '</span><span class="nv">$username</span><span class="s2">' already exists. Skipping..."</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="k">else</span> <span class="c"># Create the user with the primary group and additional groups if any</span> <span class="k">if</span> <span class="o">[</span> <span class="nt">-n</span> <span class="s2">"</span><span class="nv">$additional_groups</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span>useradd <span class="nt">-m</span> <span class="nt">-g</span> <span class="s2">"</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="nt">-G</span> <span class="s2">"</span><span class="nv">$additional_groups</span><span class="s2">"</span> <span class="nt">-s</span> /bin/bash <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="k">else </span>useradd <span class="nt">-m</span> <span class="nt">-g</span> <span class="s2">"</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="nt">-s</span> /bin/bash <span class="s2">"</span><span class="nv">$username</span><span class="s2">"</span> <span class="k">fi</span> <span class="c"># Create the user with the specified group and set the password</span> <span class="c"># useradd -m -g "$username" -s /bin/bash "$username"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">:</span><span class="nv">$password</span><span class="s2">"</span> | chpasswd <span class="nb">echo</span> <span class="s2">"User '</span><span class="nv">$username</span><span class="s2">' created! Password has also been set for the user"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="c"># Display the created username and password</span> <span class="nb">echo</span> <span class="s2">"Password for user '</span><span class="nv">$username</span><span class="s2">' is: </span><span class="nv">$password</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_pass_file_path</span> <span class="c"># Set the home directory path</span> <span class="nv">home_directory</span><span class="o">=</span><span class="s2">"/home/</span><span class="nv">$username</span><span class="s2">"</span> <span class="c"># Set permissions and ownership for the home directory</span> <span class="nb">chown</span> <span class="s2">"</span><span class="nv">$username</span><span class="s2">:</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$home_directory</span><span class="s2">"</span> <span class="nb">chmod </span>755 <span class="s2">"</span><span class="nv">$home_directory</span><span class="s2">"</span> <span class="c"># Ensure appropriate permissions for additional groups</span> <span class="k">for </span>group <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="nv">groups_array</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="o">!=</span> <span class="s2">"</span><span class="nv">$primary_group</span><span class="s2">"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">chmod </span>g+rx <span class="s2">"</span><span class="nv">$home_directory</span><span class="s2">"</span> setfacl <span class="nt">-m</span> <span class="s2">"g:</span><span class="nv">$group</span><span class="s2">:rx"</span> <span class="s2">"</span><span class="nv">$home_directory</span><span class="s2">"</span> <span class="k">fi done </span><span class="nb">echo</span> <span class="s2">"User </span><span class="nv">$username</span><span class="s2"> created with home directory </span><span class="nv">$home_directory</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> <span class="nv">$user_mgt_file_path</span> <span class="nb">echo</span> <span class="s2">"Users created!"</span> <span class="k">fi done</span> &lt; <span class="s2">"</span><span class="nv">$filename</span><span class="s2">"</span> </code></pre> </div> <h2> How the Script Works </h2> <ol> <li> Argument Check: The script starts by checking if the correct number of arguments is passed. It expects a filename as an argument.</li> <li> File Existence Check: It then checks if the provided file exists.</li> <li> Whitespace Trimming Function: A function trim is defined to remove leading and trailing whitespaces from strings.</li> <li> Log and Password File Management: The script ensures that the directories and files for logging user management actions and storing user passwords exist.</li> <li> Processing the Input File: The script reads the input file line by line, extracting the username and user groups, generating random passwords, and managing user and group creation accordingly.</li> </ol> <h2> Using the Script </h2> <p>To use the script, save it to a file, for example, create_users.sh, and make it executable:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">chmod</span> +x user_mgmt.sh </code></pre> </div> <p>Create a file called users.txt. Make sure it is in the same directory as create_users.sh<br> Here is an example<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>light; sudo,dev,www-data idimma; sudo mayowa; dev,www-data </code></pre> </div> <p>Run the script with the input file containing user information:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>./create_users.sh users.txt <span class="c"># OR</span> bash create_users.sh users.txt </code></pre> </div> <p>Learn More About the HNG Internship</p> <ul> <li><a href="https://hng.tech/internship">https://hng.tech/internship</a></li> <li><a href="https://hng.tech/hire">https://hng.tech/hire</a></li> </ul> <h2> Summary </h2> <p>This script automates a significant part of user and group management, ensuring consistency and saving time for system administrators. The HNG Internship program encourages such practical projects, enhancing the skills of interns through real-world tasks. If you’re interested in joining or hiring from the HNG Internship, visit the links above.</p> <p>Feel free to ask if you have any questions or need further modifications!</p> bash shell linux