Emmanuel Joseph

BASH SCRIPT AUTOMATION FOR NEW USERS ONBOARDING

Managing users and groups on a Linux system can be a cumbersome task, especially when dealing with a large number of users. Automating the creation and management of user accounts can save significant time and reduce errors. This article walks through a Bash script designed to automate this process, ensuring that new users and their respective groups, logs and passwords are created seamlessly.

Overview
This script performs the following tasks:

  1. Checks and installs necessary dependencies.
  2. Creates secure files and sets appropriate permissions.
  3. Reads user and group data from an input file.
  4. Creates groups and users as specified.
  5. Assigns passwords to users and stores them securely.
  6. Logs all actions for auditing purposes.

The Script
Here's a detailed look at the Bash script designed to manage user accounts:

#!/bin/bash

# Log file and secure passwords file
LOGFILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.txt"

# Ensure the secure directory and passwords file exist and are restricted to root
sudo mkdir -p /var/secure
sudo chmod 700 /var/secure
sudo touch "$PASSWORD_FILE"
sudo chmod 600 "$PASSWORD_FILE"

# Function to generate a random password
generate_password() {
    openssl rand -base64 12
}

# Check if openssl is installed
if ! command -v openssl &> /dev/null; then
    echo "openssl is required but not installed. Please install it and try again." >&2
    exit 1
fi

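# Require a readable input file as the first argument
if [ -z "$1" ] || [ ! -r "$1" ]; then
    echo "Usage: $0 <user_list_file>" >&2
    exit 1
fi

# Read the input file line by line; the || clause handles a last line with no trailing newline
while IFS=';' read -r username groups || [ -n "$username" ]; do
    # Remove any leading or trailing whitespace
    username=$(echo "$username" | xargs)
    groups=$(echo "$groups" | xargs)

    # Skip blank lines instead of trying to create an empty user name
    [ -z "$username" ] && continue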

    # Create a personal group with the same name as the username
    if ! getent group "$username" > /dev/null 2>&1; then
        if sudo groupadd "$username"; then
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$username' created." >> "$LOGFILE"
        else
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating group '$username'." >> "$LOGFILE"
            continue
        fi
    else
        echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$username' already exists." >> "$LOGFILE"
    fi

    # Create the user if it does not exist
    if ! id -u "$username" > /dev/null 2>&1; then
        if sudo useradd -m -s /bin/bash -g "$username" "$username"; then
            echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' created." >> "$LOGFILE"

            # Generate a random password for the user
            password=$(generate_password)
            echo "$username:$password" | sudo chpasswd
            echo "$username:$password" | sudo tee -a "$PASSWORD_FILE" > /dev/null

            # Set ownership and permissions for the user's home directory
            sudo chown "$username":"$username" "/home/$username"
            sudo chmod 700 "/home/$username"

            echo "$(date '+%Y-%m-%d %H:%M:%S') - Password for '$username' set and stored securely." >> "$LOGFILE"
        else
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating user '$username'." >> "$LOGFILE"
            continue
        fi
    else
        echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' already exists." >> "$LOGFILE"
    fi

    # Add user to additional groups
    IFS=',' read -ra group_array <<< "$groups"
    for group in "${group_array[@]}"; do
        group=$(echo "$group" | xargs)
        if ! getent group "$group" > /dev/null 2>&1; then
            if sudo groupadd "$group"; then
                echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$group' created." >> "$LOGFILE"
            else
                echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating group '$group'." >> "$LOGFILE"
                continue
            fi
        fi
        if sudo usermod -aG "$group" "$username"; then
            echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' added to group '$group'." >> "$LOGFILE"
        else
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Error adding user '$username' to group '$group'." >> "$LOGFILE"
        fi
    done
done < "$1"

KEY FEATURES
Logging: All actions, including successes and errors, are logged to /var/log/user_management.log.

Password Security: Generated passwords are stored in /var/secure/user_passwords.txt, which the script restricts to mode 600 (read and write for the file's owner only).

User and Group Creation: Ensures users and their personal groups are created, even if the group name is not provided in the input.

Error Handling: Checks for existing users and groups to avoid conflicts.

Running the Script
To run this script, follow these steps:

  1. Make the script executable:
    chmod +x create_users.sh

  2. Run the script with sudo:
    sudo ./create_users.sh user_list.txt

  3. Reading the input file: The script reads each line from the input file, which contains usernames and groups separated by a semicolon. Multiple groups are separated by commas.

Example Input File:

light; sudo,dev,www-data
idimma; sudo
mayowa; dev,www-data

This input creates the users light, idimma, and mayowa, assigning them to the specified groups.
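
Because create_users.sh runs as root and acts on whatever the input file says, including membership of the sudo group, it helps to check the file before running it. The validator below is an added example, not part of the original script; the name pattern, the PRIVILEGED_GROUPS list and the function names are assumptions to adapt to local policy.

```bash
#!/bin/bash
# Added example: pre-flight check for the onboarding input file.
# NAME_RE and PRIVILEGED_GROUPS are assumptions; adjust them to local policy.
NAME_RE='^[a-z_][a-z0-9_-]{0,31}$'
PRIVILEGED_GROUPS="sudo wheel root adm docker"

trim() {  # strip leading and trailing whitespace only
    local s=$1
    s="${s#"${s%%[![:space:]]*}"}"
    printf '%s' "${s%"${s##*[![:space:]]}"}"
}

# Prints one finding per problem; returns 0 only if no line was rejected.
validate_user_list() {
    local LC_ALL=C file=$1 lineno=0 bad=0 username groups group priv
    local -a group_array
    while IFS=';' read -r username groups || [ -n "$username$groups" ]; do
        lineno=$((lineno + 1))
        username=$(trim "$username"); groups=$(trim "$groups")
        [ -z "$username$groups" ] && continue  # blank line
        if [[ ! $username =~ $NAME_RE ]]; then
            echo "line $lineno: REJECT invalid username '$username'"
            bad=$((bad + 1))
            continue
        fi
        IFS=',' read -ra group_array <<< "$groups"
        for group in "${group_array[@]}"; do
            group=$(trim "$group")
            [ -z "$group" ] && continue
            if [[ ! $group =~ $NAME_RE ]]; then
                echo "line $lineno: REJECT invalid group '$group' for '$username'"
                bad=$((bad + 1))
                continue
            fi
            for priv in $PRIVILEGED_GROUPS; do
                [ "$group" = "$priv" ] && echo "line $lineno: REVIEW '$username' requests privileged group '$group'"
            done
        done
    done < "$file"
    [ "$bad" -eq 0 ]
}

# Constructed sample input: the article's three lines plus two malformed ones.
sample=$(mktemp)
printf '%s\n' 'light; sudo,dev,www-data' 'idimma; sudo' 'mayowa; dev,www-data' \
    'Bad User; dev' 'eve; dev,../etc' > "$sample"
validate_user_list "$sample" || echo "Input rejected: fix the lines above before running create_users.sh"
rm -f "$sample"
```

REVIEW lines do not fail the check; they list every account that would receive a privileged group so that someone can confirm each one before the script is run with sudo.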

Conclusion
Automating user management with a Bash script can streamline the onboarding process for new developers, ensuring consistency and security. This script provides a robust solution for creating user accounts and managing group memberships efficiently. For more insights and resources on improving your SysOps skills, explore the HNG Internship and discover how to hire talented developers from the [HNG platform] https://hngtech/hire.

For more articles and resources, visit https://hng.tech/premium
