Automating the creation of users and groups can help with administrative tasks and ensure adequate consistency across systems. This demonstrates how to create a Bash script that reads user and group information from a file and processes it accordingly.
Below is a Bash script that reads from a file called users.txt, which contains usernames and groups, and then creates the users and groups on the system.
#!/bin/bash
# Check if running as root
if [[ $UID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
# Define the input file, log file, and secure password file
INPUT_FILE="$1"
LOG_FILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.csv"
# Check if the input file was provided and exists
if [[ -z "$INPUT_FILE" ]]; then
echo "No input file provided."
exit 1
fi
if [[ ! -f "$INPUT_FILE" ]]; then
echo "File $INPUT_FILE not found."
exit 1
fi
# Create the log file and password file if they don't exist
touch "$LOG_FILE"
mkdir -p /var/secure
touch "$PASSWORD_FILE"
# Function to generate a random password
generate_password() {
tr -dc A-Za-z0-9 </dev/urandom | head -c 12
}
# Function to log messages
log_message() {
echo "$1" | tee -a "$LOG_FILE"
}
log_message "Backing up created files"
# Backup existing files
cp "$PASSWORD_FILE" "${PASSWORD_FILE}.bak"
cp "$LOG_FILE" "${LOG_FILE}.bak"
# Set permissions for password file
chmod 600 "$PASSWORD_FILE"
# Read the input file line by line
while IFS=';' read -r username groups || [[ -n "$username" ]]; do
# Ignore whitespace
username=$(echo "$username" | sed 's/ //g')
groups=$(echo "$groups" | sed 's/ //g')
# Parse the username and groups
echo "$username"
echo "$groups"
# Create the user and their personal groups if they don't exist
if id "$username" &>/dev/null; then
log_message "User $username already exists. Skipping..."
else
# Create personal groups for the user
groupadd "$username"
# Create user with their personal groups
useradd -m -s /bin/bash -g "$username" "$username"
if [ $? -eq 0 ]; then
log_message "User $username created with home directory."
else
log_message "Failed to create user $username."
continue
fi
# Generate a random password and set it for the user
PASSWORD=$(generate_password)
echo "$username,$PASSWORD"
if [ $? -eq 0 ]; then
log_message "Password for user $username set."
else
log_message "Failed to set password for user $username."
fi
# Store the password securely
echo "$username,$PASSWORD" >> "$PASSWORD_FILE"
# Set the correct permissions for the home directory
chmod 700 /home/"$username"
chown "$username":"$username" /home/"$username"
log_message "Home directory permissions set for user $username."
fi
# Add user to additional groups
if [ -n "$groups" ]; then
IFS=',' read -r -a groups_ARRAY <<< "$groups"
for groups in "${groups_ARRAY[@]}"; do
# Create groups if it doesn't exist
if ! getent group "$groups" > /dev/null 2>&1; then
groupadd "$groups"
log_message "group $groups created."
fi
# Add user to the groups
usermod -a -G "$groups" "$username"
if [ $? -eq 0 ]; then
log_message "User $username added to groups $groups."
else
log_message "Failed to add user $username to groups $groups."
fi
done
fi
done < "$INPUT_FILE"
log_message "User creation process completed."
Breakdown of the script
Check if Running as Root:
if [[ $UID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
Define Input, Log, and Password Files:
INPUT_FILE="$1"
LOG_FILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.csv"
Check if Input File Exists:
if [[ -z "$INPUT_FILE" ]]; then
echo "No input file provided."
exit 1
fi
if [[ ! -f "$INPUT_FILE" ]]; then
echo "File $INPUT_FILE not found."
exit 1
fi
Create Log and Password Files:
touch "$LOG_FILE"
mkdir -p /var/secure
touch "$PASSWORD_FILE"
Generate Random Password and log message functions:
generate_password() {
tr -dc A-Za-z0-9 </dev/urandom | head -c 12
}
log_message() {
echo "$1" | tee -a "$LOG_FILE"
}
Backup Existing Files:
log_message "Backing up created files"
cp "$PASSWORD_FILE" "${PASSWORD_FILE}.bak"
cp "$LOG_FILE" "${LOG_FILE}.bak"
Set Permissions for Password File:
chmod 600 "$PASSWORD_FILE"
Read Input File and Process Each Line:
while IFS=';' read -r username groups || [[ -n "$username" ]]; do
username=$(echo "$username" | sed 's/ //g')
groups=$(echo "$groups" | sed 's/ //g')
Create User and Groups:
if id "$username" &>/dev/null; then
log_message "User $username already exists. Skipping..."
else
groupadd "$username"
useradd -m -s /bin/bash -g "$username" "$username"
if [ $? -eq 0 ]; then
log_message "User $username created with home directory."
else
log_message "Failed to create user $username."
continue
fi
PASSWORD=$(generate_password)
echo "$username,$PASSWORD"
if [ $? -eq 0 ]; then
log_message "Password for user $username set."
else
log_message "Failed to set password for user $username."
fi
echo "$username,$PASSWORD" >> "$PASSWORD_FILE"
chmod 700 /home/"$username"
chown "$username":"$username" /home/"$username"
log_message "Home directory permissions set for user $username."
fi
Add User to Additional Groups:
if [ -n "$groups" ]; then
IFS=',' read -r -a groups_ARRAY <<< "$groups"
for groups in "${groups_ARRAY[@]}"; do
if ! getent group "$groups" > /dev/null 2>&1; then
groupadd "$groups"
log_message "group $groups created."
fi
usermod -a -G "$groups" "$username"
if [ $? -eq 0 ]; then
log_message "User $username added to groups $groups."
else
log_message "Failed to add user $username to groups $groups."
fi
done
fi
Complete User Creation Process:
done < "$INPUT_FILE"
log_message "User creation process completed."
Example users.txt File
Here is an example of what the users.txt file might look like:
light; umanager,datadev,devops
tosingh; datadev,devops
peter; umanager
Running the Script
- Save the script to a file, e.g., create_users.sh.
- Ensure the script is executable
- Run the script with the input file as an argument
chmod +x create_users.sh
sudo ./create_users.sh users.txt
After running , the password and log location should contain information needed.
you can learn more about this and so much more by registering on HNG