Temitope Olatunji
Posted on July 5, 2024
Introduction
Managing user accounts and groups on Linux systems can be time-consuming, especially when dealing with multiple users. As a SysOps Engineer, you can simplify this process by creating a Bash script that automates user and group management. The script can read user and group information from a file, create users, assign them to groups, and set passwords. Let's explore the step-by-step process of achieving this automation. This task is courtesy of HNG, an internship program designed to enhance your programming knowledge across various domains. You can find more information about HNG on their website: HNG Internship. Now, let's dive into the details!
Why automate?
Have you ever performed a long and complex task at the command line and thought, "Glad that's done. Now I never have to worry about it again!"? I have, frequently. I ultimately figured out that almost everything that I ever need to do on a computer will need to be done again sometime in the future.
Prerequisite
- Basic knowledge of Linux command line
- Text Editor
Script Code
#!/bin/bash
# Automates user account creation from a "user;groups" input file

# Check if the script is run with the input file argument
if [ -z "$1" ]; then
    echo "Usage: sudo $0 <name-of-text-file>"
    exit 1
fi

# Input file (usernames and groups)
input_file="$1"

# Log file
log_file="/var/log/user_management.log"

# Secure password storage file
password_file="/var/secure/user_passwords.txt"

# Create the secure directory and the password file, accessible to root only
sudo mkdir -p /var/secure
sudo chmod 700 /var/secure
sudo touch "$password_file"
sudo chmod 600 "$password_file"

# Function to generate a random password (12 random bytes, base64-encoded)
generate_password() {
    openssl rand -base64 12
}

# Read input file line by line (also picks up a last line with no trailing newline)
while IFS=';' read -r username groups || [[ -n "$username" ]]; do
    # Strip whitespace so that lines such as "user; group1, group2" are accepted
    username="${username//[[:space:]]/}"
    groups="${groups//[[:space:]]/}"

    # Skip empty lines or lines that don't have the proper format
    [[ -z "$username" || -z "$groups" ]] && continue

    # Create groups if they don't exist
    IFS=',' read -ra group_list <<< "$groups"
    for group in "${group_list[@]}"; do
        [[ -z "$group" ]] && continue
        if getent group "$group" > /dev/null; then
            echo "Group $group already exists"
        else
            # Report real failures instead of hiding them as "already exists"
            sudo groupadd "$group" || echo "Failed to create group $group"
        fi
    done

    # Create user if not exists
    if id "$username" &>/dev/null; then
        echo "User $username already exists"
        echo "$(date '+%Y-%m-%d %H:%M:%S') - User $username already exists" | sudo tee -a "$log_file" > /dev/null
    else
        sudo useradd -m -s /bin/bash -G "$groups" "$username" || { echo "Failed to add user $username"; continue; }

        # Set password for newly created user
        password=$(generate_password)
        echo "$username:$password" | sudo chpasswd || { echo "Failed to set password for $username"; continue; }

        # Log actions (the password itself is never written to the log)
        echo "$(date '+%Y-%m-%d %H:%M:%S') - Created user $username with groups: $groups" | sudo tee -a "$log_file" > /dev/null

        # Store password in the root-only password file
        echo "$username:$password" | sudo tee -a "$password_file" > /dev/null
    fi
done < "$input_file"

echo "$(date '+%Y-%m-%d %H:%M:%S') - User management process completed." | sudo tee -a "$log_file" > /dev/null
Script Overview
The script performs the following tasks:
- Creates two files: a log file for the script's actions and a file that stores the users' passwords.
- Sets the right permissions on the password file (600) and its directory (700).
- Reads a list of users and groups from a file.
- Creates users and assigns them to specified groups.
- Generates random passwords for each newly created user.
- Logs all actions to /var/log/user_management.log.
- Stores the generated passwords securely in /var/secure/user_passwords.txt.
Key Features
Automated User and Group Creation:
The script automates the creation of users and their respective groups by reading from a file containing user and group information.
Personal groups are created for each user to ensure clear ownership and enhanced security.
Users can be assigned to multiple groups, facilitating organized and efficient permission management.
Secure Password Generation:
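The script generates a random password for each new user with openssl rand -base64 12 (12 random bytes, encoded as 16 characters), enhancing security.
Passwords are stored in a file with restricted access (mode 600, inside a mode 700 directory), so that only authorized personnel can view them. The passwords are written in plaintext, so these permissions are the only thing protecting them.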
Logging and Documentation:
Actions performed by the script are logged to a file, providing an audit trail for accountability and troubleshooting.
Usage:
1. Input File: The script takes an input file listing the users and the groups they are to be added to. Each line is formatted as user;groups, with multiple groups separated by commas.
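A pre-flight check for the user;groups input file described above, as an added example that is not part of the original post or its script: it validates every line without creating anything, so malformed names never reach useradd running as root. The naming pattern and the function names (validate_line, validate_file) are assumptions of this example.

```bash
#!/bin/bash
# Added example: dry-run validator for the "user;groups" input file.
# NAME is an assumed naming policy (not from the article): a lowercase letter
# or '_' first, then lowercase letters, digits, '_' or '-', 32 characters max.
NAME='[a-z_][a-z0-9_-]{0,31}'

trim() { printf '%s' "$1" | sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//'; }
matches() { printf '%s\n' "$2" | LC_ALL=C grep -Eqx "$1"; }

# validate_line LINE (one line, as returned by `read -r`)
# Prints the normalised "user;g1,g2" record, or returns 1 if LINE is rejected.
validate_line() {
    case $1 in *';'*) ;; *) return 1 ;; esac    # the ';' separator is mandatory
    user=$(trim "${1%%;*}")
    groups=$(trim "${1#*;}" | sed 's/[[:space:]]*,[[:space:]]*/,/g')
    matches "$NAME" "$user" || return 1           # rejects "-o", "a b", "Root", ""
    matches "$NAME(,$NAME)*" "$groups" || return 1
    printf '%s;%s\n' "$user" "$groups"
}

# validate_file FILE
# Accepted records go to stdout, rejections to stderr. Returns 1 if any line
# was rejected, so a wrapper can refuse to run the account-creation script.
validate_file() {
    bad=0; n=0; seen=' '
    while IFS= read -r line || [ -n "$line" ]; do   # also reads an unterminated last line
        n=$((n + 1))
        [ -n "$(trim "$line")" ] || continue        # skip blank lines
        if rec=$(validate_line "$line"); then
            u=${rec%%;*}
            case $seen in
                *" $u "*) printf 'line %s: duplicate user %s\n' "$n" "$u" >&2; bad=1 ;;
                *) seen="$seen$u "; printf '%s\n' "$rec" ;;
            esac
        else
            printf 'line %s: rejected: %s\n' "$n" "$line" >&2; bad=1
        fi
    done < "$1"
    return "$bad"
}

# Constructed sample input, not taken from the article.
sample=$(mktemp)
printf '%s\n' 'light; sudo,dev,www-data' 'Mayowa;dev' '-o;sudo' 'idimma;sudo' > "$sample"
validate_file "$sample" || echo "input has problems: fix it before running as root"
rm -f "$sample"
```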
Conclusion
Automating user and group management with a Bash script is a very good way to streamline administrative tasks and ensure consistency across a system. In this module, we have demonstrated how to create a script that reads user and group information from a file, creates users and groups, and sets passwords while logging the entire process to a log file. This script can be modified and adapted to different environments and requirements, making it a versatile tool for system administrators.
Here's a link to my script: here