Linux User Creation Bash Script

Iheme chidera favour — Fri, 05 Jul 2024 16:38:47 +0000

[As part of the HNG Internship program, we were tasked with creating a bash script named create_users.sh to automate the creation of new users and groups on a Linux system.
Checkout (https://hng.tech/internship) and (https://hng.tech/premium) for more information]

Overview
This script, create_users.sh, automates the creation of users and their associated groups, sets up their home directories, generates random passwords, and logs all actions. The script reads from a specified text file containing usernames and group names.

Prerequisites
The script must be run with root privileges.
Ensure the input file with usernames and groups is formatted correctly and exists.

Script steps
I created a file called Create_Users.sh

Using vim editor, I created a log file , password.txt file .
Ensure my script is run as root and set up specific instructions and permissions.
Below is the content of the script.

!/bin/bash

Create log file and secure password file with proper permissions

LOG_FILE="/var/secure/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.txt"

Ensure the script is run as root

if [[ "$(id -u)" -ne 0 ]]; then
echo "This script must be run as root."
exit 1
fi

Ensure the log file exists

touch "$LOG_FILE"

Setup password file

if [[ ! -d "/var/secure" ]]; then
mkdir /var/secure
fi
if [[ ! -f "$PASSWORD_FILE" ]]; then
touch "$PASSWORD_FILE"
chmod 600 "$PASSWORD_FILE"
fi

Check if the input file is provided

if [[ -z "$1" ]]; then
echo "Usage: bash create_users.sh "
echo "$(date '+%Y-%m-%d %H:%M:%S') - ERROR: No input file provided." >> "$LOG_FILE"
exit 1
fi

Read the input file line by line

while IFS=';' read -r username groups; do
# Skip empty lines
[[ -z "$username" ]] && continue

# Remove whitespace
username=$(echo "$username" | xargs)
groups=$(echo "$groups" | xargs)

# Create user if not exists
if ! id "$username" &>/dev/null; then
    # Create the user with a home directory
    useradd -m -s /bin/bash "$username"
    if [[ $? -ne 0 ]]; then
        echo "$(date '+%Y-%m-%d %H:%M:%S') - ERROR: Failed to create user $username." >> "$LOG_FILE"
        continue
    fi
    echo "$(date '+%Y-%m-%d %H:%M:%S') - INFO: User $username created." >> "$LOG_FILE"

    # Generate a random password for the user
    password=$(openssl rand -base64 12)
    echo "$username:$password" | chpasswd

    # Save the password to the secure password file
    echo "$username,$password" >> "$PASSWORD_FILE"
    echo "$(date '+%Y-%m-%d %H:%M:%S') - INFO: Password for user $username generated and stored." >> "$LOG_FILE"
else
    echo "$(date '+%Y-%m-%d %H:%M:%S') - INFO: User $username already exists." >> "$LOG_FILE"
fi

# Create groups and add user to them
IFS=',' read -ra group_list <<< "$groups"
for group in "${group_list[@]}"; do
    group=$(echo "$group" | xargs)
    # Create group if not exists
    if ! getent group "$group" >/dev/null; then
        groupadd "$group"
        echo "$(date '+%Y-%m-%d %H:%M:%S') - INFO: Group $group created." >> "$LOG_FILE"
    fi
    # Add user to the group
    usermod -a -G "$group" "$username"
    echo "$(date '+%Y-%m-%d %H:%M:%S') - INFO: User $username added to group $group." >> "$LOG_FILE"
done

# Set ownership and permissions for the home directory
chown -R "$username:$username" "/home/$username"
chmod 700 "/home/$username"
echo "$(date '+%Y-%m-%d %H:%M:%S') - INFO: Home directory for user $username set up with appropriate permissions." >> "$LOG_FILE"

done < "$1"

echo "$(date '+%Y-%m-%d %H:%M:%S') - INFO: User creation script completed." >> "$LOG_FILE"

exit 0#

Next, I created an employees.txt file for the usernames and groups.

Granted permission to the Create_Users.sh file using chmod +x /home/kali/Desktop/HNG/Create_Users.sh (this is the file path) and sudo /home/kali/Desktop/HNG/Create_Users.sh /home/kali/Desktop/HNG/employees.txt.

Verify Execution
Input the following to verify execution

id John for user creation verification

Groups John to verify the groups John is in.

Cat /var/log/user_management.log to print log details.

Cat /car/secure/user_passwords.txt to print passwords.

Learn More About HNG Internship
The HNG Internship is a remote internship program designed to find and develop the most talented software developers. It offers a stimulating environment for interns to improve their skills and showcase their abilities through real-world tasks.
(https://hng.tech/internship)

DEV Community: Iheme chidera favour