This article details creating a bash script for automating user creation in a Linux machine with an input file containing usernames and group memberships. This script was created for the HNG Internship program and demonstrates practical scripting applications.
What does the script do?
The script accomplishes the following key tasks:
Reads User Data: It parses a user data file (user_data.txt) containing usernames and their corresponding groups (separated by semicolons).
User Creation: It creates user accounts with home directories based on the provided usernames.
Group Management: It allows specifying user groups in the user data file. If groups exist, the script adds users to the respective groups using usermod.
Home Directory Permissions: It sets appropriate permissions for user home directories.
Password Generation: It generates random passwords for each user.
Password Storage: It stores usernames and passwords in a CSV file (user_password.csv).
Logging: It logs actions throughout execution for reference and troubleshooting.
Security Considerations
The provided script demonstrates password storage in a plain text file. In a production environment, implement secure password management practices like password hashing or integration with a directory service. Additionally, the script should be run with least privilege principles in mind.
Prerequisites
Before using this file, ensure you have the following:
Linux System: The script is designed for use on Linux systems with Bash as the default shell.
Bash Shell: Basic understanding of Bash scripting is helpful.
Essential Utilities: The script utilizes utilities like useradd, groupadd, sed, chmod, openssl, chpasswd, and date. Make sure these are available on your system.
Root Privileges: The script requires running with root privileges to create user accounts and modify system directories. You can use sudo to run the script with elevated permissions.
user_data.txt File: This file needs to exist in the same directory as the script and define usernames and groups (one line per user, semicolon separated).
Explanation of the script
Script Setup:
The script starts with a #!/bin/bash line, specifying the interpreter (Bash) to execute the script.
Error Handling and Input Validation:
The script checks if it’s running with root privileges ($EUID -ne 0) using if statements. If not, it displays an error message and exits.
It verifies if the user provides the input file path using if [ -z “$1” ]. If missing, it displays an error message and exits.
User Data Processing:
It assigns the provided file path (first command-line argument) to a variable, input_file.
It opens the user data file and reads each line in a loop.
Each line is expected to be formatted as username;group1,group2,… (username followed by semicolon-separated groups).
User and Group Management:
The script extracts the username and group information from each line.
It uses useradd to create a user account with a home directory based on the username.
If groups are specified, it uses usermod to add the user to the corresponding groups listed in the user data file.
Home Directory Permissions:
The script set appropriate permissions for the user’s home directory using chmod.
Password Generation and Storage:
The script generates random passwords for each user using openssl rand -base64 12.
Script Completion and Logging:
Upon successful user creation, the script logs a completion message (log_message).
It displays a success message indicating the location of the log file (/var/log/user_management.log).
Script Usage
You can clone the script from my github page
Running the script
Clone the script using git clone git@github.com:donfolayan/hng-stage-1-project.git.
Make the script executable using chmod +x create_users.sh.
Run the script with root privileges (using sudo) and provide the user data file path as an argument:
For further exploration of system administration and automation techniques, consider exploring the HNG Internship program (https://hng.tech/hire) or the HNG Premium membership (https://hng.tech/premium) for access to additional resources and professional development opportunities.
