With the influx of new developers, automating the creation and management of user accounts can save significant time and reduce errors. In this article, we will walk through a Bash script designed to automate this process, ensuring that new users and their respective groups are created seamlessly.
The Script
Here’s a detailed look at the Bash script designed to manage user accounts:
!/bin/bash
Log file and secure passwords file
LOGFILE=”/var/log/user_management.log”
PASSWORD_FILE=”/var/secure/user_passwords.txt”
Ensure the secure passwords file exists and set the correct permissions
sudo mkdir -p /var/secure
sudo touch $PASSWORD_FILE
sudo chmod 600 $PASSWORD_FILE
Function to generate a random password
generate_password() {
openssl rand -base64 12
}
Check if openssl is installed
if ! command -v openssl &> /dev/null; then
echo “openssl is required but not installed. Please install it and try again.” >&2
exit 1
fi
Read the input file line by line
while IFS=’;’ read -r username groups; do
# Remove any leading or trailing whitespace
username=$(echo “$username” | xargs)
groups=$(echo “$groups” | xargs)
if ! getent group “$username” > /dev/null 2>&1; then
if sudo groupadd “$username”; then
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – Group ‘$username’ created.” >> “$LOGFILE”
else
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – Error creating group ‘$username’.” >> “$LOGFILE”
continue
fi
else
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – Group ‘$username’ already exists.” >> “$LOGFILE”
fi
# Create the user if it does not exist
if ! id -u “$username” > /dev/null 2>&1; then
if sudo useradd -m -s /bin/bash -g “$username” “$username”; then
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – User ‘$username’ created.” >> “$LOGFILE”
# Generate a random password for the user
password=$(generate_password)
echo “$username:$password” | sudo chpasswd
echo “$username:$password” | sudo tee -a “$PASSWORD_FILE” > /dev/null
# Set ownership and permissions for the user’s home directory
sudo chown “$username”:”$username” “/home/$username”
sudo chmod 700 “/home/$username”
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – Password for ‘$username’ set and stored securely.” >> “$LOGFILE”
else
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – Error creating user ‘$username’.” >> “$LOGFILE”
continue
fi
else
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – User ‘$username’ already exists.” >> “$LOGFILE”
fi
# Add user to additional groups
IFS=’,’ read -ra group_array <<< “$groups”
for group in “${group_array[@]}”; do
group=$(echo “$group” | xargs)
if ! getent group “$group” > /dev/null 2>&1; then
if sudo groupadd “$group”; then
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – Group ‘$group’ created.” >> “$LOGFILE”
else
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – Error creating group ‘$group’.” >> “$LOGFILE”
continue
fi
fi
if sudo usermod -aG “$group” “$username”; then
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – User ‘$username’ added to group ‘$group’.” >> “$LOGFILE”
else
echo “$(date ‘+%Y-%m-%d %H:%M:%S’) – Error adding user ‘$username’ to group ‘$group’.” >> “$LOGFILE”
fi
done
done < “$1”
KEY FEATURES
Logging: All actions, including successes and errors, are logged to /var/log/user_management.log.
Password Security: Generated passwords are stored securely in /var/secure/user_passwords.txt with appropriate permissions.
User and Group Creation: Ensures users and their personal groups are created, even if the group name is not provided in the input.
Error Handling: Checks for existing users and groups to avoid conflicts.
Running the Script
To run this script, follow these steps:
Make the Script Executable:
chmod +x create_users.sh
Run the Script with Sudo:
sudo ./create_users.sh user_list.txt
Reading the Input File: The script reads each line from the input file, which contains usernames and groups separated by a semicolon. Multiple groups are separated by commas.
Example Input File:
light; sudo,dev,www-data
idimma; sudo
mayowa; dev,www-data
Conclusion
Automating user management with a Bash script can streamline the onboarding process for new developers, ensuring consistency and security. This script provides a robust solution for creating user accounts and managing their group memberships efficiently. For more insights and resources on improving your SysOps skills, explore the HNG Internship and discover how to hire talented developers from the HNG platform.
For more articles and resources, visit HNGtech/interrnship.
