DEV Community: Onyeka Ekwunife The latest articles on DEV Community by Onyeka Ekwunife (@onyeka_embedded). https://dev.to/onyeka_embedded https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1714345%2Faf8765cf-d251-4810-b854-1dae8c32b5c8.jpg DEV Community: Onyeka Ekwunife https://dev.to/onyeka_embedded en How To Automate The Creation Of Users And Groups In Linux Using Bash Script. Onyeka Ekwunife Tue, 02 Jul 2024 23:00:16 +0000 https://dev.to/onyeka_embedded/how-to-automate-the-creation-of-users-and-groups-in-linux-using-bash-script-33am https://dev.to/onyeka_embedded/how-to-automate-the-creation-of-users-and-groups-in-linux-using-bash-script-33am <p><strong>INTRODUCTION</strong><br> Imagine you work in very big firm, and your company recruited about 100 new staffs and you are saddle with the responsibility of creating user accounts for them as well as adding them to different groups in a Linux system.</p> <p>Performing this tasks manually can be very tiring and also error prone. In this post, I will walk you through the process of automating this process using a BASH script. </p> <p><strong>REQUIREMENTS</strong></p> <ul> <li>Linux machine</li> <li>Basic knowledge of scripting </li> <li>A .txt file that contain names of the employees(users) and their groups N/B: The usernames and groups should be separated by ';', and in a situation where a user belongs to more than one group, the groups should be separated with a comma(','). check example below;</li> </ul> <p><em>employees.txt</em><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Onyeka;electronics,devOps Charles;admin Bukola;marketing </code></pre> </div> <p><strong>Step 1</strong><br> Open your terminal and create a script named create_users.sh, you can use nano or vim</p> <p><code>nano create_users.sh</code></p> <p><strong>Step 2</strong><br> Let's create directories for storing the generated users and their passwords, also the log files. We'll make sure shebang (#!/bin/bash) is added on top of the script before every other thing.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c">#create main directory to save files</span> <span class="nb">mkdir </span>var <span class="nb">cd </span>var <span class="c">#move inside the created dir</span> <span class="c">#create log folder and user_mgt.log inside the folder</span> <span class="nb">mkdir </span>log <span class="o">&amp;&amp;</span> <span class="nb">touch </span>log/user_management.log <span class="c">#create secure folder and user_passwd file inside the folder</span> <span class="nb">mkdir </span>secure <span class="o">&amp;&amp;</span> <span class="nb">touch </span>secure/user_passwords.txt <span class="c">#Read and Write permission for the owner only</span> <span class="nb">chmod </span>700 secure <span class="c"># go back to the home dir</span> <span class="nb">cd</span> .. </code></pre> </div> <p>As shown above, the script will create a dir named var, inside the var dir, two more folders are created named log and secure with user_management.log and user_passwords.txt inside them respectively. Then restrict access to secure folder using #chmod.</p> <p><strong>Step 3</strong><br> Here, we'll create functions for generating random password, creating new user, new group and adding created users to different groups.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#function to generate password</span> generate_password<span class="o">()</span> <span class="o">{</span> <span class="nb">local </span><span class="nv">password</span><span class="o">=</span><span class="si">$(</span>openssl rand <span class="nt">-base64</span> 12<span class="si">)</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$password</span><span class="s2">"</span> <span class="o">}</span> <span class="c">#Create users, groups and generate password</span> <span class="c">#for them, then assign groups to the created users</span> <span class="c">#function to create users</span> createUser<span class="o">(){</span> <span class="nb">local </span><span class="nv">user</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="nb">id</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> &amp;&gt;/dev/null <span class="k">if</span> <span class="o">[</span> <span class="nv">$?</span> <span class="nt">-eq</span> 1 <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c">#check if user is existing</span> <span class="nb">sudo </span>useradd <span class="nt">-m</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"user </span><span class="nv">$user</span><span class="s2"> created"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2"> already created"</span> <span class="k">fi</span> <span class="o">}</span> <span class="c">#function to create group</span> createGroup<span class="o">(){</span> <span class="nb">local </span><span class="nv">group</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> getent group <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> &amp;&gt;/dev/null <span class="k">if</span> <span class="o">[</span> <span class="nv">$?</span> <span class="nt">-eq</span> 2 <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c">#check if group has been created</span> <span class="nb">sudo </span>groupadd <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"group </span><span class="nv">$group</span><span class="s2"> created"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"</span><span class="nv">$group</span><span class="s2"> already created"</span> <span class="k">fi</span> <span class="o">}</span> <span class="c">#function to add users to group</span> addUser_to_group<span class="o">(){</span> <span class="nb">local </span><span class="nv">user</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="nb">local </span><span class="nv">group</span><span class="o">=</span><span class="s2">"</span><span class="nv">$2</span><span class="s2">"</span> <span class="nb">sudo </span>usermod <span class="nt">-aG</span> <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2"> added to group: </span><span class="nv">$group</span><span class="s2">"</span> <span class="o">}</span> </code></pre> </div> <p><strong>Step 4</strong><br> This is the 'MAIN' entry point of the script. Firstly, we use the code below to check the argument (.txt file that contains users and their groups) provided for validation purposes, then save the file in a variable (user_file).<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="k">if</span> <span class="o">[[</span> <span class="nv">$# </span><span class="nt">-ne</span> 1 <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"error: check the file provided"</span> <span class="nb">exit </span>1 <span class="k">fi</span> <span class="c"># user details</span> <span class="nv">user_file</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> </code></pre> </div> <p>After that, we read the file line by line, validate it, create users, create group and generate passwords for the users as shown in the code snippet below.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Check if the file exists</span> <span class="k">if</span> <span class="o">[[</span> <span class="o">!</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$user_file</span><span class="s2">"</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"user file not found!"</span> <span class="nb">exit </span>1 <span class="k">fi</span> <span class="c"># Read the file line by line</span> <span class="k">while </span><span class="nv">IFS</span><span class="o">=</span><span class="s2">";"</span> <span class="nb">read</span> <span class="nt">-r</span> user <span class="nb">groups</span><span class="p">;</span> <span class="k">do </span><span class="nv">user</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$user</span> | xargs<span class="si">)</span> <span class="c"># Check to know if user and group</span> <span class="c"># contains strings for validation</span> <span class="k">if</span> <span class="o">[[</span> <span class="nt">-z</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="o">&amp;&amp;</span> <span class="nt">-z</span> <span class="s2">"</span><span class="nv">$groups</span><span class="s2">"</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"Empty entry!!"</span> <span class="k">else</span> <span class="c">#create group and user if they don't exist</span> createUser <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> createGroup <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="c">#create group with the same name as the user</span> <span class="nb">sudo </span>usermod <span class="nt">-aG</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="c">#extract the groups one by one</span> <span class="nv">IFS</span><span class="o">=</span><span class="s1">','</span> <span class="nb">read</span> <span class="nt">-ra</span> group_array <span class="o">&lt;&lt;&lt;</span> <span class="s2">"</span><span class="nv">$groups</span><span class="s2">"</span> <span class="k">for </span>group <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="nv">group_array</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do </span><span class="nv">group</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$group</span> | xargs<span class="si">)</span> createGroup <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> addUser_to_group <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="k">done </span><span class="nv">password</span><span class="o">=</span><span class="si">$(</span>generate_password<span class="si">)</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">:</span><span class="nv">$password</span><span class="s2">"</span> | <span class="nb">sudo </span>chpasswd <span class="nb">echo</span> <span class="s2">"password assigned to </span><span class="nv">$user</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">,</span><span class="nv">$password</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> ./var/secure/user_passwords.txt <span class="c">#PASSWD_PATH</span> <span class="k">fi done</span> &lt; <span class="s2">"</span><span class="nv">$user_file</span><span class="s2">"</span> </code></pre> </div> <p><strong>Complete Code</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#!/bin/bash</span> <span class="c">#create main directory to save files</span> <span class="nb">mkdir </span>var <span class="nb">cd </span>var <span class="c">#move inside the created dir</span> <span class="c">#create log folder and user_mgt.log inside the folder</span> <span class="nb">mkdir </span>log <span class="o">&amp;&amp;</span> <span class="nb">touch </span>log/user_management.log <span class="c">#create secure folder and user_passwd file inside the folder</span> <span class="nb">mkdir </span>secure <span class="o">&amp;&amp;</span> <span class="nb">touch </span>secure/user_passwords.txt <span class="c">#Read and Write permission for the owner only</span> <span class="nb">chmod </span>700 secure <span class="c"># go back to the home dir</span> <span class="nb">cd</span> .. <span class="c">#LOG_FILE_PATH=./var/log/user_management.log</span> <span class="c">#PASSWD_PATH=./var/secure/user_password.txt</span> <span class="c">#function to generate password</span> generate_password<span class="o">()</span> <span class="o">{</span> <span class="nb">local </span><span class="nv">password</span><span class="o">=</span><span class="si">$(</span>openssl rand <span class="nt">-base64</span> 12<span class="si">)</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$password</span><span class="s2">"</span> <span class="o">}</span> <span class="c">#Create users, groups and generate password</span> <span class="c">#for them, then assign groups to the created users</span> <span class="c">#function to create users</span> createUser<span class="o">(){</span> <span class="nb">local </span><span class="nv">user</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="nb">id</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> &amp;&gt;/dev/null <span class="k">if</span> <span class="o">[</span> <span class="nv">$?</span> <span class="nt">-eq</span> 1 <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c">#check if user is existing</span> <span class="nb">sudo </span>useradd <span class="nt">-m</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"user </span><span class="nv">$user</span><span class="s2"> created"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2"> already created"</span> <span class="k">fi</span> <span class="o">}</span> <span class="c">#function to create group</span> createGroup<span class="o">(){</span> <span class="nb">local </span><span class="nv">group</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> getent group <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> &amp;&gt;/dev/null <span class="k">if</span> <span class="o">[</span> <span class="nv">$?</span> <span class="nt">-eq</span> 2 <span class="o">]</span><span class="p">;</span> <span class="k">then</span> <span class="c">#check if group has been created</span> <span class="nb">sudo </span>groupadd <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"group </span><span class="nv">$group</span><span class="s2"> created"</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"</span><span class="nv">$group</span><span class="s2"> already created"</span> <span class="k">fi</span> <span class="o">}</span> <span class="c">#function to add users to group</span> addUser_to_group<span class="o">(){</span> <span class="nb">local </span><span class="nv">user</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="nb">local </span><span class="nv">group</span><span class="o">=</span><span class="s2">"</span><span class="nv">$2</span><span class="s2">"</span> <span class="nb">sudo </span>usermod <span class="nt">-aG</span> <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2"> added to group: </span><span class="nv">$group</span><span class="s2">"</span> <span class="o">}</span> <span class="c">########## MAIN ENTRY POINT OF THE SCRIPT ##############</span> <span class="c">#Read and validate .txt file containing</span> <span class="c">#employees username and groups</span> <span class="c"># Check if the correct number of arguments is provided</span> <span class="o">(</span> <span class="k">if</span> <span class="o">[[</span> <span class="nv">$# </span><span class="nt">-ne</span> 1 <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"error: check the file provided"</span> <span class="nb">exit </span>1 <span class="k">fi</span> <span class="c"># user details</span> <span class="nv">user_file</span><span class="o">=</span><span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="c"># Check if the file exists</span> <span class="k">if</span> <span class="o">[[</span> <span class="o">!</span> <span class="nt">-f</span> <span class="s2">"</span><span class="nv">$user_file</span><span class="s2">"</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"user file not found!"</span> <span class="nb">exit </span>1 <span class="k">fi</span> <span class="c"># Read the file line by line</span> <span class="k">while </span><span class="nv">IFS</span><span class="o">=</span><span class="s2">";"</span> <span class="nb">read</span> <span class="nt">-r</span> user <span class="nb">groups</span><span class="p">;</span> <span class="k">do </span><span class="nv">user</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$user</span> | xargs<span class="si">)</span> <span class="c"># Check to know if user and group</span> <span class="c"># contains strings for validation</span> <span class="k">if</span> <span class="o">[[</span> <span class="nt">-z</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="o">&amp;&amp;</span> <span class="nt">-z</span> <span class="s2">"</span><span class="nv">$groups</span><span class="s2">"</span> <span class="o">]]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"Empty entry!!"</span> <span class="k">else</span> <span class="c">#create group and user if they don't exist</span> createUser <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> createGroup <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="c">#create group with the same name as the user</span> <span class="nb">sudo </span>usermod <span class="nt">-aG</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="c">#extract the groups one by one</span> <span class="nv">IFS</span><span class="o">=</span><span class="s1">','</span> <span class="nb">read</span> <span class="nt">-ra</span> group_array <span class="o">&lt;&lt;&lt;</span> <span class="s2">"</span><span class="nv">$groups</span><span class="s2">"</span> <span class="k">for </span>group <span class="k">in</span> <span class="s2">"</span><span class="k">${</span><span class="nv">group_array</span><span class="p">[@]</span><span class="k">}</span><span class="s2">"</span><span class="p">;</span> <span class="k">do </span><span class="nv">group</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$group</span> | xargs<span class="si">)</span> createGroup <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> addUser_to_group <span class="s2">"</span><span class="nv">$user</span><span class="s2">"</span> <span class="s2">"</span><span class="nv">$group</span><span class="s2">"</span> <span class="k">done </span><span class="nv">password</span><span class="o">=</span><span class="si">$(</span>generate_password<span class="si">)</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">:</span><span class="nv">$password</span><span class="s2">"</span> | <span class="nb">sudo </span>chpasswd <span class="nb">echo</span> <span class="s2">"password assigned to </span><span class="nv">$user</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$user</span><span class="s2">,</span><span class="nv">$password</span><span class="s2">"</span> <span class="o">&gt;&gt;</span> ./var/secure/user_passwords.txt <span class="c">#Log the generated user and password to user_passwords.txt</span> <span class="k">fi done</span> &lt; <span class="s2">"</span><span class="nv">$user_file</span><span class="s2">"</span> <span class="o">)</span> | <span class="nb">tee</span> <span class="nt">-a</span> ./var/log/user_management.log <span class="c">#Log all actions to user_management.txt</span> </code></pre> </div> <p>finally, make sure the script is executable by running the following command.</p> <p><code>chmod +x create_users.sh</code></p> <p><strong>How To Use The Script</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> ./create_users.sh employee.txt #where employee.txt contains user;group(s) </code></pre> </div> linux aws devops cloudcomputing