Introduction
We can use a Bash script to automate the creation of users and groups, set up home directories, generate random passwords, and log all actions.
Script Overview
The script we're going to discuss performs the following functions:
- Create Users and Groups: Reads a file containing usernames and group names, creates the users and groups if they do not exist, and assigns users to the specified groups.
- Setup Home Directories: Sets up home directories with appropriate permissions and ownership for each user.
- Generate Random Passwords: Generates a random password for each new user.
- Log Actions: Logs all actions to /var/log/user_management.log for auditing and troubleshooting.
- Store Passwords: Stores the generated passwords in plaintext in /var/secure/user_passwords.csv, which only its owner can read.
The Script
Here is the complete Bash script:
#!/bin/bash

LOG_FILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.csv"

# Ensure /var/secure exists and has the correct permissions
mkdir -p /var/secure
chmod 700 /var/secure
touch "$PASSWORD_FILE"
chmod 600 "$PASSWORD_FILE"

# Function to log messages (timestamped, to the terminal and the log file)
log_message() {
    echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a "$LOG_FILE"
}

# Function to generate random passwords
generate_password() {
    local password_length=12
    tr -dc 'A-Za-z0-9' </dev/urandom | head -c "$password_length"
}

# Function to add users, groups and set up home directories
setup_user() {
    local username=$1
    local groups=$2
    local password

    # Create the user if it does not already exist
    if ! id -u "$username" &>/dev/null; then
        password=$(generate_password)
        # Stop if useradd rejects the name, so the steps below never run
        # for an account that was not created
        if ! useradd -m -s /bin/bash "$username"; then
            log_message "Failed to create user $username."
            return 1
        fi
        echo "$username:$password" | chpasswd
        log_message "User $username created."
        # Store the username and password
        echo "$username,$password" >> "$PASSWORD_FILE"
        log_message "Password for $username stored."
    else
        log_message "User $username already exists."
    fi

    # Create groups and add user to groups
    IFS=',' read -ra group_array <<< "$groups"
    for group in "${group_array[@]}"; do
        if ! getent group "$group" &>/dev/null; then
            groupadd "$group"
            log_message "Group $group created."
        fi
        usermod -aG "$group" "$username"
        log_message "Added $username to $group."
    done

    # Set up the home directory
    local home_dir="/home/$username"
    chown "$username":"$username" "$home_dir"
    chmod 700 "$home_dir"
    log_message "Home directory for $username set up with appropriate permissions."
}

# Main script
if [ $# -eq 0 ]; then
    log_message "Usage: $0 <input_file>"
    exit 1
fi

input_file=$1
log_message "Starting user management script."

# Read the input file and process each line
# (the || test also handles a last line with no trailing newline)
while IFS=';' read -r username groups || [ -n "$username" ]; do
    [ -z "$username" ] && continue   # skip blank lines
    setup_user "$username" "$groups"
done < "$input_file"

log_message "User management script completed."
Logging and Password File Setup
- The script ensures that the /var/secure directory exists and has the appropriate permissions.
- It creates the password file /var/secure/user_passwords.csv and ensures only the owner can read it.
mkdir -p /var/secure
chmod 700 /var/secure
touch "$PASSWORD_FILE"
chmod 600 "$PASSWORD_FILE"
Logging Function
The log_message function logs messages to /var/log/user_management.log with a timestamp.
log_message() {
    echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" | tee -a "$LOG_FILE"
}
Password Function
The generate_password function generates a random password of a specified length (12 characters in this case).
generate_password() {
    local password_length=12
    tr -dc 'A-Za-z0-9' </dev/urandom | head -c "$password_length"
}
User Setup Function
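The setup_user function creates users, adds them to groups, sets up home directories with appropriate permissions, and logs each action. It also generates a password for each new user and stores it in the restricted password file.
setup_user() {
    local username=$1
    local groups=$2
    local password

    # Create the user if it does not already exist
    if ! id -u "$username" &>/dev/null; then
        password=$(generate_password)
        # Stop if useradd rejects the name, so the steps below never run
        # for an account that was not created
        if ! useradd -m -s /bin/bash "$username"; then
            log_message "Failed to create user $username."
            return 1
        fi
        echo "$username:$password" | chpasswd
        log_message "User $username created."
        # Store the username and password
        echo "$username,$password" >> "$PASSWORD_FILE"
        log_message "Password for $username stored."
    else
        log_message "User $username already exists."
    fi
    # ... group and home directory setup follow, as in the complete script
}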
Main Script
The main part of the script takes an input file as an argument, reads it line by line, and processes each line to create users and groups, set up home directories, and log actions.
if [ $# -eq 0 ]; then
    log_message "Usage: $0 <input_file>"
    exit 1
fi
This check makes sure the script is run with an input file as its argument, e.g. input.txt.
input_file=$1
log_message "Starting user management script."
Usage
To use this script, save it to a file (e.g., user_management.sh), make it executable, and run it as a root user with the path to your input file as an argument.
Example input file (input.txt):
user1;group1,group2
user2;group3,group4
On the command line (terminal):
chmod +x user_management.sh
./user_management.sh input.txt
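The script hands each field of the input file to useradd, groupadd, chown and chmod as root, so a malformed line should be rejected before any of them runs. The following is an added example, not part of the original script: is_valid_name, parse_line and check_samples are hypothetical helper names, the name policy is an assumption modelled on the pattern recommended in the useradd man page, and the sample lines are constructed.

```bash
# Assumed policy: 1-32 chars, first a-z or _, then a-z, 0-9, _ or -.
is_valid_name() {
    local LC_ALL=C                 # byte-wise ranges: a-z never matches A-Z
    case "$1" in
        '' | [!a-z_]* | *[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Print the normalised "username;group1,group2" and return 0,
# or print nothing and return 1 if any field is malformed.
parse_line() {
    local line username groups group rest
    line=$(printf '%s' "$1" | tr -d ' \t\r')   # drop spaces, tabs, CRs
    case "$line" in
        *';'*) ;;                  # the field separator is mandatory
        *) return 1 ;;
    esac
    username=${line%%;*}
    groups=${line#*;}
    is_valid_name "$username" || return 1
    rest="$groups,"
    while [ -n "$rest" ]; do       # walk the comma-separated group list
        group=${rest%%,*}
        rest=${rest#*,}
        is_valid_name "$group" || return 1
    done
    printf '%s;%s\n' "$username" "$groups"
}

# Constructed sample lines (not from a real system).
check_samples() {
    local line
    while IFS= read -r line; do
        if parse_line "$line" >/dev/null; then
            echo "OK     $line"
        else
            echo "REJECT $line"
        fi
    done <<'EOF'
user1;group1,group2
user2; group3, group4
../etc;group1
user3;group1;group2
Bob;staff
EOF
}

check_samples
```

In the main loop, call parse_line on each raw line and pass its two fields to setup_user only when it returns 0.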