DEV Community: Udealor Ngozika

Creating Users and Groups with Bash Script: A Comprehensive Guide

Udealor Ngozika — Sat, 06 Jul 2024 01:26:38 +0000

The ng_users.sh Script
Below is the detailed explanation of each section in the ng_users.sh script:

!/bin/bash

Log file and secure passwords file

LOGFILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.txt"

Ensure the secure passwords file exists and set the correct permissions

sudo mkdir -p /var/secure
sudo touch $PASSWORD_FILE
sudo chmod 600 $PASSWORD_FILE

Function to generate a random password

generate_password() {
openssl rand -base64 12
}

Check if openssl is installed

if ! command -v openssl &> /dev/null; then
echo "openssl is required but not installed. Please install it and try again." >&2
exit 1
fi

Read the input file line by line

while IFS=';' read -r username groups; do
# Remove any leading or trailing whitespace
username=$(echo "$username" | xargs)
groups=$(echo "$groups" | xargs)

# Create a personal group with the same name as the username
if ! getent group "$username" > /dev/null 2>&1; then
    if sudo groupadd "$username"; then
        echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$username' created." >> "$LOGFILE"
    else
        echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating group '$username'." >> "$LOGFILE"
        continue
    fi
else
    echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$username' already exists." >> "$LOGFILE"
fi

# Create the user if it does not exist
if ! id -u "$username" > /dev/null 2>&1; then
    if sudo useradd -m -s /bin/bash -g "$username" "$username"; then
        echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' created." >> "$LOGFILE"

        # Generate a random password for the user
        password=$(generate_password)
        echo "$username:$password" | sudo chpasswd
        echo "$username:$password" | sudo tee -a "$PASSWORD_FILE" > /dev/null

        # Set ownership and permissions for the user's home directory
        sudo chown "$username":"$username" "/home/$username"
        sudo chmod 700 "/home/$username"

        echo "$(date '+%Y-%m-%d %H:%M:%S') - Password for '$username' set and stored securely." >> "$LOGFILE"
    else
        echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating user '$username'." >> "$LOGFILE"
        continue
    fi
else
    echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' already exists." >> "$LOGFILE"
fi

# Add user to additional groups
IFS=',' read -ra group_array <<< "$groups"
for group in "${group_array[@]}"; do
    group=$(echo "$group" | xargs)
    if ! getent group "$group" > /dev/null 2>&1; then
        if sudo groupadd "$group"; then
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Group '$group' created." >> "$LOGFILE"
        else
            echo "$(date '+%Y-%m-%d %H:%M:%S') - Error creating group '$group'." >> "$LOGFILE"
            continue
        fi
    fi
    if sudo usermod -aG "$group" "$username"; then
        echo "$(date '+%Y-%m-%d %H:%M:%S') - User '$username' added to group '$group'." >> "$LOGFILE"
    else
        echo "$(date '+%Y-%m-%d %H:%M:%S') - Error adding user '$username' to group '$group'." >> "$LOGFILE"
    fi
done

done < "$1"

Initializing Variables
We define the log file path (LOGFILE) and the secure passwords file path (PASSWORD_FILE). These files will store logs and securely store passwords, respectively.
Generating Random Passwords
We create a function called generate_password() that uses openssl to generate a random 12-character password. This function will be used later to set passwords for users.
Checking Dependencies
We check if openssl is installed. If not, we exit the script with an error message.
Reading Input File
We read the input file line by line, splitting each line into username and groups. We remove any leading or trailing whitespace.
Creating Personal Groups
For each user, we create a personal group with the same name as the username (if it doesn’t exist). We log the action in the LOGFILE.
Creating Users
If the user doesn’t exist, we create the user, set a random password, and securely store it. We also set ownership and permissions for the user’s home directory.
Adding Users to Additional Groups
We read the comma-separated groups and add the user to each group (if the group doesn’t exist). We log these actions as well.
Conclusion
The script ensures that all requirements are met, including logging and secure password storage.

Technical Article
I’ve written a detailed technical article explaining the script step by step. You can find it on the HNG website: Creating Users and Groups with Bash Script. https://hng.tech/premium ,https://hng.tech/hire.