Managing users and groups on a Linux system can be a cumbersome task, especially when dealing with a large number of users. Automating the creation and management of user accounts can save significant time and reduce errors. This article walks through a Bash script designed to automate this process, ensuring that new users and their respective groups, logs and passwords are created seamlessly.
Overview
This script performs the following tasks:
- Checks that the required dependency (openssl) is installed.
- Creates secure files and sets appropriate permissions.
- Reads user and group data from an input file.
- Creates groups and users as specified.
- Assigns passwords to users and stores them in a root-only file.
- Logs all actions for auditing purposes.
The Script
Here's a detailed look at the Bash script designed to manage user accounts:
#!/bin/bash

# Log file and secure passwords file
LOGFILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.txt"

# Require a readable input file as the first argument
if [ -z "$1" ] || [ ! -r "$1" ]; then
    echo "Usage: $0 <user_list_file>" >&2
    exit 1
fi

# Ensure the secure passwords file exists and set the correct permissions
sudo mkdir -p /var/secure
sudo chmod 700 /var/secure
sudo touch "$PASSWORD_FILE"
sudo chmod 600 "$PASSWORD_FILE"

# Function to generate a random password
generate_password() {
    openssl rand -base64 12
}

# Check if openssl is installed
if ! command -v openssl &> /dev/null; then
    echo "openssl is required but not installed. Please install it and try again." >&2
    exit 1
fi

# Read the input file line by line (the last line is processed even without a trailing newline)
while IFS=';' read -r username groups || [ -n "$username" ]; do
    # Remove any leading or trailing whitespace
    username=$(echo "$username" | xargs)
    groups=$(echo "$groups" | xargs)

    # Skip blank lines
    [ -z "$username" ] && continue

    # Create a personal group with the same name as the username
    if ! getent group "$username" > /dev/null 2>&1; then
        if sudo groupadd "$username"; then
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$username' created." >> "$LOGFILE"
        else
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating group '$username'." >> "$LOGFILE"
            continue
        fi
    else
        echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$username' already exists." >> "$LOGFILE"
    fi

    # Create the user if it does not exist
    if ! id -u "$username" > /dev/null 2>&1; then
        if sudo useradd -m -s /bin/bash -g "$username" "$username"; then
            echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' created." >> "$LOGFILE"

            # Set ownership and permissions for the user's home directory
            sudo chown "$username":"$username" "/home/$username"
            sudo chmod 700 "/home/$username"

            # Generate a random password; record it only if chpasswd succeeds
            password=$(generate_password)
            if echo "$username:$password" | sudo chpasswd; then
                echo "$username:$password" | sudo tee -a "$PASSWORD_FILE" > /dev/null
                echo "$(date '+%Y-%m-%d %H:%M:%S') - Password for '$username' set and stored securely." >> "$LOGFILE"
            else
                echo "$(date '+%Y-%m-%d %H:%M:%S') - Error setting password for '$username'." >> "$LOGFILE"
            fi
        else
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating user '$username'." >> "$LOGFILE"
            continue
        fi
    else
        echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' already exists." >> "$LOGFILE"
    fi

    # Add user to additional groups, creating any group that does not exist yet
    IFS=',' read -ra group_array <<< "$groups"
    for group in "${group_array[@]}"; do
        group=$(echo "$group" | xargs)
        if ! getent group "$group" > /dev/null 2>&1; then
            if sudo groupadd "$group"; then
                echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$group' created." >> "$LOGFILE"
            else
                echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating group '$group'." >> "$LOGFILE"
                continue
            fi
        fi
        if sudo usermod -aG "$group" "$username"; then
            echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' added to group '$group'." >> "$LOGFILE"
        else
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Error adding user '$username' to group '$group'." >> "$LOGFILE"
        fi
    done
done < "$1"
Key Features
Logging: All actions, including successes and errors, are logged to /var/log/user_management.log.
Password Security: Generated passwords are stored as plain username:password lines in /var/secure/user_passwords.txt, which is readable and writable only by its owner (mode 600).
User and Group Creation: Ensures users and their personal groups are created, even if the group name is not provided in the input.
Error Handling: Checks for existing users and groups to avoid conflicts.
Running the Script
To run this script, follow these steps:
- Make the script executable:
chmod +x create_users.sh
- Run the script with sudo:
sudo ./create_users.sh user_list.txt
Reading the Input File: The script reads each line from the input file containing usernames and groups separated by a semicolon. Multiple groups are separated by commas.
Example Input File:
light; sudo,dev,www-data
idimma; sudo
mayowa; dev,www-data
This input creates the users light, idimma, and mayowa and assigns them to the specified groups.
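Because the script creates whatever the input file names, including membership in groups such as sudo, it helps to check the list before provisioning. The following is an added example, not part of the original script: it validates each line of the `user; group1,group2` format and flags requests for privileged groups. The `PRIVILEGED` list, the naming rule and the function names are assumptions.

```bash
# PRIVILEGED and the 32-character name rule are assumptions, not from the article.
PRIVILEGED=" sudo wheel adm root docker "
trim() {  # strip leading/trailing whitespace without xargs
    t=${1#"${1%%[![:space:]]*}"}
    printf '%s' "${t%"${t##*[![:space:]]}"}"
}

valid_name() {  # [a-z_] first, then [a-z0-9_-], at most 32 characters
    case $1 in ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;; esac
    [ "${#1}" -le 32 ]
}

# Reads the list on stdin, prints "ERROR|WARN line N: ..."; status 1 on any ERROR.
lint_user_list() (
    LC_ALL=C; n=0; rc=0; seen=" "
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        [ -n "$(trim "$line")" ] || continue               # skip blank lines
        case $line in *\;*) ;; *)
            echo "ERROR line $n: missing ';' separator"; rc=1; continue ;;
        esac
        user=$(trim "${line%%;*}")
        if ! valid_name "$user"; then
            echo "ERROR line $n: invalid username '$user'"; rc=1
        else
            case $seen in *" $user "*)
                echo "ERROR line $n: duplicate username '$user'"; rc=1 ;;
            esac
            seen="$seen$user "
        fi
        set -f; IFS=,; set -- ${line#*;}; unset IFS; set +f   # split groups on ','
        for g in "$@"; do
            g=$(trim "$g"); [ -n "$g" ] || continue
            if ! valid_name "$g"; then
                echo "ERROR line $n: invalid group '$g'"; rc=1
            else
                case $PRIVILEGED in *" $g "*)
                    echo "WARN line $n: '$user' requests privileged group '$g'" ;;
                esac
            fi
        done
    done
    exit "$rc"
)

sample_list() {  # constructed input: lines from the article plus three bad ones
    printf '%s\n' 'light; sudo,dev,www-data' 'idimma; sudo' 'Light; dev' 'light; ops' 'bob; dev; sudo'
}
sample_list | lint_user_list || echo "fix the ERROR lines before provisioning"
```

To gate a real run, use `lint_user_list < user_list.txt && sudo ./create_users.sh user_list.txt` and review any WARN lines by hand.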
Conclusion
Automating user management with a Bash script can streamline the onboarding process for new developers, ensuring consistency and security. This script provides a robust solution for creating user accounts and managing group memberships efficiently. For more insights and resources on improving your SysOps skills, explore the HNG Internship and discover how to hire talented developers from the [HNG platform] https://hngtech/hire.
For more articles and resources, visit (https://hng.tech/premium)