Automating User and Group Creation Using Bash script

Adebimpe peter — Tue, 02 Jul 2024 14:29:39 +0000

Automating the creation of users and groups can help with administrative tasks and ensure adequate consistency across systems. This demonstrates how to create a Bash script that reads user and group information from a file and processes it accordingly.

Below is a Bash script that reads from a file called users.txt, which contains usernames and groups, and then creates the users and groups on the system.

#!/bin/bash

# Check if running as root
if [[ $UID -ne 0 ]]; then
   echo "This script must be run as root"
   exit 1
fi

# Define the input file, log file, and secure password file
INPUT_FILE="$1"
LOG_FILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.csv"

# Check if the input file was provided and exists
if [[ -z "$INPUT_FILE" ]]; then
   echo "No input file provided."
   exit 1
fi
if [[ ! -f "$INPUT_FILE" ]]; then
   echo "File $INPUT_FILE not found."
   exit 1
fi

# Create the log file and password file if they don't exist
touch "$LOG_FILE"
mkdir -p /var/secure
touch "$PASSWORD_FILE"

# Function to generate a random password
generate_password() {
  tr -dc A-Za-z0-9 </dev/urandom | head -c 12
}

# Function to log messages
log_message() {
  echo "$1" | tee -a "$LOG_FILE"
}

log_message "Backing up created files"
# Backup existing files
cp "$PASSWORD_FILE" "${PASSWORD_FILE}.bak"
cp "$LOG_FILE" "${LOG_FILE}.bak"

# Set permissions for password file
chmod 600 "$PASSWORD_FILE"

# Read the input file line by line
while IFS=';' read -r username groups || [[ -n "$username" ]]; do
   # Ignore whitespace
  username=$(echo "$username" | sed 's/ //g')
  groups=$(echo "$groups" | sed 's/ //g')

  # Parse the username and groups
  echo "$username"
  echo "$groups"

  # Create the user and their personal groups if they don't exist
  if id "$username" &>/dev/null; then
      log_message "User $username already exists. Skipping..."
  else
      # Create personal groups for the user
      groupadd "$username"
      # Create user with their personal groups
      useradd -m -s /bin/bash -g "$username" "$username"
      if [ $? -eq 0 ]; then
          log_message "User $username created with home directory."
      else
          log_message "Failed to create user $username."
          continue
      fi
      # Generate a random password and set it for the user
      PASSWORD=$(generate_password)
      echo "$username,$PASSWORD"
      if [ $? -eq 0 ]; then
          log_message "Password for user $username set."
      else
          log_message "Failed to set password for user $username."
      fi
      # Store the password securely
      echo "$username,$PASSWORD" >> "$PASSWORD_FILE"
      # Set the correct permissions for the home directory
      chmod 700 /home/"$username"
      chown "$username":"$username" /home/"$username"
      log_message "Home directory permissions set for user $username."
  fi

  # Add user to additional groups
  if [ -n "$groups" ]; then
      IFS=',' read -r -a groups_ARRAY <<< "$groups"
      for groups in "${groups_ARRAY[@]}"; do
          # Create groups if it doesn't exist
          if ! getent group "$groups" > /dev/null 2>&1; then
              groupadd "$groups"
              log_message "group $groups created."
          fi
          # Add user to the groups
          usermod -a -G "$groups" "$username"
          if [ $? -eq 0 ]; then
              log_message "User $username added to groups $groups."
          else
              log_message "Failed to add user $username to groups $groups."
          fi
      done
  fi
done < "$INPUT_FILE"
log_message "User creation process completed."

Breakdown of the script

Check if Running as Root:

if [[ $UID -ne 0 ]]; then
   echo "This script must be run as root"
   exit 1
fi

Define Input, Log, and Password Files:

INPUT_FILE="$1"
LOG_FILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.csv"

Check if Input File Exists:

if [[ -z "$INPUT_FILE" ]]; then
   echo "No input file provided."
   exit 1
fi
if [[ ! -f "$INPUT_FILE" ]]; then
   echo "File $INPUT_FILE not found."
   exit 1
fi

Create Log and Password Files:

touch "$LOG_FILE"
mkdir -p /var/secure
touch "$PASSWORD_FILE"

Generate Random Password and log message functions:

generate_password() {
  tr -dc A-Za-z0-9 </dev/urandom | head -c 12
}

log_message() {
  echo "$1" | tee -a "$LOG_FILE"
}

Backup Existing Files:


log_message "Backing up created files"
cp "$PASSWORD_FILE" "${PASSWORD_FILE}.bak"
cp "$LOG_FILE" "${LOG_FILE}.bak"

Set Permissions for Password File:

chmod 600 "$PASSWORD_FILE"

Read Input File and Process Each Line:

while IFS=';' read -r username groups || [[ -n "$username" ]]; do
   username=$(echo "$username" | sed 's/ //g')
   groups=$(echo "$groups" | sed 's/ //g')

Create User and Groups:

if id "$username" &>/dev/null; then
    log_message "User $username already exists. Skipping..."
else
    groupadd "$username"
    useradd -m -s /bin/bash -g "$username" "$username"
    if [ $? -eq 0 ]; then
        log_message "User $username created with home directory."
    else
        log_message "Failed to create user $username."
        continue
    fi
    PASSWORD=$(generate_password)
    echo "$username,$PASSWORD"
    if [ $? -eq 0 ]; then
        log_message "Password for user $username set."
    else
        log_message "Failed to set password for user $username."
    fi
    echo "$username,$PASSWORD" >> "$PASSWORD_FILE"
    chmod 700 /home/"$username"
    chown "$username":"$username" /home/"$username"
    log_message "Home directory permissions set for user $username."
fi

Add User to Additional Groups:

if [ -n "$groups" ]; then
    IFS=',' read -r -a groups_ARRAY <<< "$groups"
    for groups in "${groups_ARRAY[@]}"; do
        if ! getent group "$groups" > /dev/null 2>&1; then
            groupadd "$groups"
            log_message "group $groups created."
        fi
        usermod -a -G "$groups" "$username"
        if [ $? -eq 0 ]; then
            log_message "User $username added to groups $groups."
        else
            log_message "Failed to add user $username to groups $groups."
        fi
    done
fi

Complete User Creation Process:

done < "$INPUT_FILE"
log_message "User creation process completed."

Example users.txt File
Here is an example of what the users.txt file might look like:

light; umanager,datadev,devops
tosingh; datadev,devops
peter; umanager

Running the Script

Save the script to a file, e.g., create_users.sh.
Ensure the script is executable
Run the script with the input file as an argument

chmod +x create_users.sh
sudo ./create_users.sh users.txt

After running , the password and log location should contain information needed.

you can learn more about this and so much more by registering on HNG

DEV Community: Adebimpe peter

Automating User and Group Creation Using Bash script

Breakdown of the script