Creating a bash script that automates making an identity for a new employee as a SysOps engineer.
Introduction
As a SysOps engineer, managing user accounts efficiently is crucial, especially when onboarding new developers. Automating this process saves time and reduces errors. This article explains a bash script, create_users.sh, designed to automate user creation, group assignment and secure password management, and to write a log file that makes it easier to troubleshoot the script and verify that it did its job.
This is a task given to DevOps track interns at HNG11.
Script overview
The create_users.sh script reads a text file, users.txt, passed as an argument and containing usernames and group names. It creates the users and groups, sets up home directories, generates a random password for each user and logs all actions to /var/log/user_management.log. The generated passwords are stored in /var/secure/user_passwords.csv, which is readable only by its owner.
Script Breakdown
- Check the administrative privilege of the script user
The script starts by verifying that the user running it has root privileges and, if not, notifies them that root privilege is required.
This avoids mistakes when running the commands that require sudo privilege.
```bash
# Stop here unless the script is running as root (UID 0)
if (( UID != 0 ))
then
    echo "script requires root accessibility"
    exit 1
fi
```
- Check input file
Verifies that the script user provided a file name as an argument.
```bash
if [ -z "$1" ]
then
    echo "Error: No file was provided"
    echo "Usage: $0 <name-of-text-file>"
    exit 1
fi
```
- Setup Log and Secure Password Files
Ensures the log and secure password files exist and sets appropriate permissions.
```bash
LOGFILE="/var/log/user_management.log"
PASSWORD_FILE="/var/secure/user_passwords.csv"
mkdir -p /var/secure
touch "$LOGFILE" "$PASSWORD_FILE"
# Only the owner (root) may read or write the plaintext password file
chmod 600 "$PASSWORD_FILE"
```
- Generate Random Passwords
This function generates a random password that is meant to be secure.
```bash
generate_random_password() {
    local length="${1:-10}"
    # Keep only the allowed characters from /dev/urandom, then cut to length
    tr -dc 'A-Za-z0-9!?%+=' < /dev/urandom | head -c "$length"
}
```
- Process Each Line in the Input File
```bash
log_message()
{
    echo "$(date '+%Y-%m-%d %H:%M:%S') - $1" >> "$LOGFILE"
}

# Function to create a user
create_user()
{
    local username=$1
    local groups=$2

    if getent passwd "$username" > /dev/null; then
        log_message "User $username already exists"
    else
        useradd -m "$username"
        log_message "Created user $username"
    fi

    # Add user to specified groups (comma-separated; spaces are dropped)
    local groups_array
    IFS=',' read -ra groups_array <<< "${groups// /}"

    for group in "${groups_array[@]}"; do
        if ! getent group "$group" >/dev/null
        then
            groupadd "$group"
            log_message "Created group $group"
        fi
        usermod -aG "$group" "$username"
        log_message "Added user $username to group $group"
    done

    # Set up home directory permissions
    chmod 700 "/home/$username"
    chown "$username:$username" "/home/$username"
    log_message "Set up home directory for user $username"

    # Generate a random password.
    # Note: this step also runs for users that already existed, so their password is reset.
    password=$(generate_random_password 12)
    echo "$username:$password" | chpasswd
    echo "$username,$password" >> "$PASSWORD_FILE"
    log_message "Set password for user $username"
}

# Read the input file and create users
while IFS=';' read -r username groups; do
    create_user "$username" "$groups"
    echo "$username"
done < "$1"

log_message "Welcome! User creation process completed."
```
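The read loop above passes each field from users.txt straight to useradd, groupadd and chpasswd while running as root. The following is an added example, not part of the original script, that trims and validates a line before any of those commands see it; the function names, the return codes and the 1000 UID cutoff are assumptions made for this example.

```bash
#!/usr/bin/env bash
# Added example: validate one "username; group1,group2" line before any
# useradd/groupadd/chpasswd call runs as root. All names are hypothetical.
LC_ALL=C   # make the a-z ranges below byte-exact

# Strip leading and trailing whitespace (including a CR from CRLF files).
trim() {
    local s; s=$1
    s=${s#"${s%%[![:space:]]*}"}
    s=${s%"${s##*[![:space:]]}"}
    printf '%s' "$s"
}

# Accept only the name shape useradd(8) documents, up to 32 characters.
valid_name() {
    case "$1" in
        ''|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Print the line normalized as "username;group1,group2".
# Returns 0 = usable, 1 = rejected, 2 = blank line or comment (skip).
parse_user_line() {
    local line user groups group out uid
    line=$(trim "$1")
    case "$line" in ''|'#'*) return 2 ;; esac
    user=$(trim "${line%%;*}")
    case "$line" in *';'*) groups=${line#*;} ;; *) groups= ;; esac
    valid_name "$user" || return 1
    # Assumption: UIDs below 1000 are system accounts (UID_MIN varies by distro).
    # Refusing them keeps the password reset away from root, daemon and similar.
    if uid=$(id -u "$user" 2>/dev/null) && [ "$uid" -lt 1000 ]; then
        return 1
    fi
    out=
    while [ -n "$groups" ]; do
        case "$groups" in
            *,*) group=${groups%%,*}; groups=${groups#*,} ;;
            *)   group=$groups; groups= ;;
        esac
        group=$(trim "$group")
        [ -n "$group" ] || continue
        valid_name "$group" || return 1
        out=${out:+$out,}$group
    done
    printf '%s;%s\n' "$user" "$out"
}
```

In the read loop, a line would be passed through parse_user_line first, and create_user called only when it returns 0, with rejected lines written to the log.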
Conclusion
- The create_users.sh script automates the process of user creation, group assignment, and secure password management, ensuring efficiency and reducing the potential for errors. This approach is essential for SysOps engineers managing large teams.
For more information about the HNG Internship, visit [HNG Internship](https://hng.tech/internship) and [HNG Hire](https://hng.tech/hire).
Thanks for reading through. Please do leave feedback so that I can better serve my readers.
WhatsApp: 09018230026
Written by Habeeb Babasulaiman