Automating User Creation in Linux with a Bash Script

Managing users on a Linux system is a crucial administrative task. If you're frequently adding users, automating the process with a Bash script can save time and reduce errors. In this blog, we'll walk through a powerful script that creates a user, assigns a password, and forces them to change it upon first login. Let's dive in!

Why Automate User Creation?

Creating users manually using useradd and passwd works fine, but it can be tedious when handling multiple accounts. Automation ensures consistency and efficiency, reducing the risk of misconfigurations.

The Bash Script

Below is the script that automates user creation:

#!/bin/bash

# Ensure the script is run as root
if [[ "${UID}" -ne 0 ]];  # UID=0 -> root user
 then        
    echo "Please run with sudo or root."
    exit 1
fi

# Require at least a username argument
if [[ "${#}" -lt 1 ]];
 then
    echo "Usage: ${0} USER_NAME (Mandatory) [COMMENT]..."
    exit 1
fi

# Store username and optional comment
USER_NAME="${1}"
shift
COMMENT="${@}"  

# Generate a random password
PASSWORD=$(date +%s%N)

# Create the user
useradd -c "${COMMENT}" -m "$USER_NAME"
if [[ $? -ne 0 ]];             # If the previous command fails then only execute this
then       
    echo "The account could not be created"
    exit 1
fi

# Set the password for the user
echo "${USER_NAME}:${PASSWORD}" | chpasswd
if [[ $? -ne 0 ]];              # If the previous command fails then only execute this
then  
    echo "Password could not be set"
    exit 1
fi

# Force password change on first login
passwd -e "$USER_NAME"    # The user will be required to change their password upon first login.

# Display credentials
echo
echo "Username: $USER_NAME"
echo
echo "Password: $PASSWORD"
echo
echo "$(hostname)"

Breaking Down the Key Sections

1. Ensuring the Script Runs as Root

if [[ "${UID}" -ne 0 ]];  # user must have right permission or he must be root user to execute the script.
then
    echo "Please run with sudo or root."  
    exit 1
fi

Since only root can create users, this check ensures the script isn't run by an unprivileged user.

2. Generating a Secure Password

PASSWORD=$(date +%s%N) # Generates the complex password. date -> in sec + in nano ssec

This command creates a password using the current system timestamp (seconds + nanoseconds). Since timestamps are always unique, this ensures randomness.

3. Setting the User’s Password

echo "${USER_NAME}:${PASSWORD}" | chpasswd    # chpasswd -> to set the password non-interactively.

Instead of using passwd, which requires manual input, we use chpasswd to set the password non-interactively. The echo command formats it as username:password before passing it to chpasswd.

Running the Script

To use this script:

1. Save it as create_user.sh.

2. Give it execute permissions: chmod +x create_user.sh

3. Run it with root privileges:

    sudo ./create_user.sh newuser "New User Account"
   

The output will show the username and generated password. The user will be required to change their password upon first login.

omkar@Om-ThinkPad-T490:~/projects$ sudo ./create_user.sh newuser1 "New User Account" 
passwd: password expiry information changed.
Username: newuser1

Password: 1739345135373630874

Hostname: Om-ThinkPad-T490

omkar@Om-ThinkPad-T490:~/projects$ su - newuser1
Password: 1739345135373630874
You are required to change your password immediately (administrator enforced).
Changing password for newuser1.
Current password:xxxxxxxxxxxxxxxxxxx

Conclusion

This Bash script provides an efficient way to automate user creation in Linux. By using chpasswd for password assignment and enforcing password updates, it ensures security while streamlining administration. Automating repetitive tasks like this can significantly improve system management and reduce human errors.

Have any questions or suggestions? Let me know in the comments!