Managing users on Linux systems can be daunting, especially in environments with frequent changes. As part of my online internship at https://hng.tech/internship, I've been assigned a task to develop a Bash script to automate this process. Let's dive into how this script works:
1. Initial Setup
# Check if script is run with sudo
if [ "$(id -u)" != "0" ]; then
echo "This script must be run with sudo. Exiting..."
exit 1
fi
# Redirect stdout and stderr to log file
exec > >(tee -a "$LOG_FILE") 2>&1
echo "Executing script... (note that this line will be logged twice)" | tee -a $LOG_FILE
2. Input Validation
# Check if an argument was provided
if [ $# -eq 0 ]; then
echo "No file path provided."
echo "Usage: $0 <user-data-file-path>"
exit 1
fi
# Check if the user's data file exists
if [ ! -e "$USERS_FILE" ]; then
echo "The provided user's data file does not exist: $USERS_FILE"
exit 1
fi
3. Dependency Management
# Function to check if a package is installed
is_package_installed() {
dpkg -s "$1" >/dev/null 2>&1
}
# Check if openssl is installed
if ! is_package_installed openssl; then
echo "openssl is not installed. Installing..."
sudo apt-get update
sudo apt-get install -y openssl
fi
# Check if pwgen is installed
if ! is_package_installed pwgen; then
echo "pwgen is not installed. Installing..."
sudo apt-get update
sudo apt-get install -y pwgen
fi
4. File and Directory Management
# Create the directory where the user's password file will be stored
sudo mkdir -p "$PASSWORD_FILE_DIRECTORY"
# load the content of the users.txt file into an array: lines
mapfile -t lines < "$USERS_FILE"
5. User Creation and Management
# loop over each line in the array
for line in "${lines[@]}"; do
# Remove leading and trailing whitespaces
line=$(echo "$line" | xargs)
# Split line by ';' and store the second part
IFS=';' read -r user groups <<< "$line"
# Remove leading and trailing whitespaces from the second part
user=$(echo "$user" | xargs)
groups=$(echo "$groups" | xargs)
# Check if user exists
if id "$user" &>/dev/null; then
echo "User $user already exists. Skipping creation."
continue
fi
6. Password Handling
# Generate a 6-character password using pwgen
password=$(pwgen -sBv1 6 1)
# Encrypt the password before storing it
encrypted_password=$(encrypt_password "$password" "$PASSWORD_ENCRYPTION_KEY")
# Store the encrypted password in the file
echo "$user:$encrypted_password" >> "$PASSWORD_FILE"
7. User and Group Operations
# Create the user with the generated password
sudo useradd -m -p $(openssl passwd -6 "$password") "$user"
# Set Bash as the default shell
set_bash_default_shell "$user"
# loop over each group in the groups array
for group in "${groupsArray[@]}"; do
group=$(echo "$group" | xargs)
# Check if group exists, if not, create it
if ! grep -q "^$group:" /etc/group; then
sudo groupadd "$group"
echo "Created group $group"
fi
# Add user to the group
sudo usermod -aG "$group" "$user"
echo "Added $user to $group"
done
8. Conclusion and Cleanup
# remove the created password from the current shell session
unset password
After completing this task and the follow-up tasks to stage 10 in the internship, I believe I will be ready for the job market in the DevOps field. If you are a hiring manager reading this article, you can get exceptional talent here https://hng.tech/hire. Thank you for reading my article.
Author: Ambrose Onsare
Top comments (0)