Automating User and Group Management in Linux with a Bash Script

Let's make your manual and tedious repetitive task of creating users and groups for new employees interesting with bash scripting to boost your productivity as a SysOps Engineer.

Before we get into the task, this take was made possible by the HNG Internship, HNG is a prestigious program designed to empower young developers and designers with practical skills and experience in software development. Participants engage in real-world projects across various disciplines, including DevOps, web and mobile app development, UI/UX design, and more. This internship is renowned for its hands-on approach, remote work opportunities, and emphasis on collaborative learning and innovation.

For more information about the HNG internship, you can visit their official website and explore their internship program.

Introduction

As a sysops engineer, managing users and groups in a Linux system can be a time-consuming task. However, with the help of automation, this process can be streamlined and made more efficient. In this article, we will explore a bash script that automates the creation of users and groups, assigns users to existing groups, generates secure passwords, and securely stores them. This article walks you through a script that reads user data from a text file and performs these tasks, ensuring secure password generation and logging all actions.

Prerequisites

• Basic Knowledge of Linux Commands

• Knowledge of the Bash Language

• Admin privileges on the system

• A text editor such as Nano, vim, vi, etc., or IDE such as VSCode.

Key Concepts

Before diving into the code, let's familiarize ourselves with some key concepts:

1. Text File: The script expects a text file as an argument. This file contains user and group information in the format username;group1,group2,group3. Each line represents a user, where username is the desired username, and group1, group2, group3 are the groups the user should be assigned to.

2. Users: Users are individuals who interact with a Linux system. Each user has a unique username and can belong to one or more groups.

3. Groups: Groups are collections of users with similar permissions and access rights. A user can belong to multiple groups.

4. Automation: Automation involves using scripts or tools to perform repetitive tasks automatically, reducing manual effort and increasing efficiency.

5. Secure Passwords: Secure passwords are randomly generated and provide a higher level of security compared to easily guessable passwords.

Script Overview

The provided bash script automates user and group management in Linux systems. Let's break down the code structure:

• Argument Check: The script checks if a text file is provided as an argument. If not, it displays a usage message and exits.

• Secure Directory Creation: The script creates a secure directory, /var/secure, to store passwords if it doesn't already exist. This directory is given appropriate permissions to ensure that only authorized users can access it.

• Text File Processing: The script reads a text file line by line, where each line contains a username and a comma-separated list of groups the user should belong to.

• User and Group Creation: For each line in the text file, the script performs the following actions:

  • Checks if the username is empty. If so, it skips to the next line.
  • Checks if the user already exists. If so, it skips to the next line.
  • Checks if the group already exists. If not, it creates the group.
  • Assigns the user to existing groups.
  • Creates the user and adds them to the specified groups.
  • Generates a random password for the user.
  • Sets the password for the user and securely stores it in /var/secure/user_passwords.txt.

• Permissions Setting: The script sets appropriate permissions for the user_passwords.txt file to ensure it is only accessible by authorized users.

• Completion Message: Finally, the script displays a completion message and suggests checking the /var/log/user_management.log file for detailed information.

Script Breakdown

Here’s a detailed explanation of the script:

Argument Check:

This code snippet checks if the number of arguments provided is not equal to 1. If so, it displays a usage message indicating the correct way to run the script and exits with a non-zero status code.

User and Group Creation:

This code snippet reads the text file line by line, where each line contains a username and a comma-separated list of groups. It performs the following actions:

- Skips the line if the username is empty.
- Checks if the user already exists. If so, it skips to the next line.
- Checks if the group already exists. If not, it creates the group.
- Assigns the user to existing groups.

Password Generation and Storage:

This code snippet generates a random password using the openssl rand command and sets it for the user. It securely stores the username and password in the /var/secure/user_passwords.txt file for future reference.

Conclusion

Automating user and group management in Linux systems can greatly simplify the process and save valuable time for sysops engineers. The provided bash script automates the creation of users and groups, assigns users to existing groups, generates secure passwords, and securely stores them. By leveraging automation, sysops engineers can focus on more critical tasks while ensuring efficient user and group management in their Linux systems.