How to Automate User Management Using Bash Scripts
Welcome, tech enthusiasts! Today, we're diving into a SysOps adventure with a heartwarming twist. We're going to create a bash script that not only gets the job done but also adds a sprinkle of humor and love to your day. 🌟
The Task
Imagine your company has just hired a bunch of new developers. As the go-to SysOps engineer, your mission (should you choose to accept it) is to write a bash script called create_users.sh. This script will read a text file containing the usernames and group names of these new hires, create users and groups as specified, set up home directories with the right permissions, generate random passwords, and log all actions. Plus, you'll need to store the generated passwords securely. Sounds like a lot? Don't worry, I've got you covered!
The Script
Let's break down the script step by step, with a touch of humor and affection.
#!/bin/bash

# Check if the input file is provided
if [ -z "$1" ]; then
    echo "Usage: $0 <name-of-text-file>"
    exit 1
fi

input_file="$1"
log_file="/var/log/user_management.log"
password_file="/var/secure/user_passwords.csv"

# Ensure log and password directories exist and are secure
mkdir -p /var/log /var/secure
touch "$log_file" "$password_file"
chmod 600 "$password_file"

# Function to generate random password
generate_password() {
    tr -dc 'A-Za-z0-9' </dev/urandom | head -c 12
}

# Read input file line by line
while IFS=';' read -r username groups || [ -n "$username" ]; do
    username=$(echo "$username" | xargs)
    groups=$(echo "$groups" | xargs)

    # Skip blank lines so groupadd/useradd are never called with an empty name
    [ -z "$username" ] && continue

    # Create personal group if it doesn't exist
    if ! getent group "$username" >/dev/null; then
        groupadd "$username"
        echo "$(date): Group $username created" >> "$log_file"
    else
        echo "$(date): Group $username already exists" >> "$log_file"
    fi

    # Create user if it doesn't exist
    if ! id "$username" >/dev/null 2>&1; then
        useradd -m -g "$username" "$username"
        echo "$(date): User $username created" >> "$log_file"
        new_user=true
    else
        echo "$(date): User $username already exists" >> "$log_file"
        new_user=false
    fi

    # Add user to additional groups
    IFS=',' read -ra group_array <<< "$groups"
    for group in "${group_array[@]}"; do
        group=$(echo "$group" | xargs)
        # Skip empty entries (e.g. a trailing comma)
        [ -z "$group" ] && continue
        if ! getent group "$group" >/dev/null; then
            groupadd "$group"
            echo "$(date): Group $group created" >> "$log_file"
        fi
        usermod -aG "$group" "$username"
        echo "$(date): User $username added to the group $group" >> "$log_file"
    done

    # Generate, set and store a password for newly created users only,
    # so re-running the script does not touch existing accounts
    if [ "$new_user" = true ]; then
        password=$(generate_password)
        echo "$username:$password" | chpasswd
        echo "$username,$password" >> "$password_file"
        echo "$(date): Password for user $username generated and stored" >> "$log_file"
    fi
done < "$input_file"

echo "User creation process completed successfully. Kindly check $log_file for details."
Breaking It Down
Step 1: Check for Input File
First, we check if the user has provided an input file. If not, we gently remind them to do so and exit gracefully. Nobody likes a grumpy script!
if [ -z "$1" ]; then
    echo "Usage: $0 <name-of-text-file>"
    exit 1
fi
Step 2: Setup Logging and Secure Directory
We create the necessary directories and files, ensuring the password file is secure. Because security is not just a feature; it's a love language.
mkdir -p /var/log /var/secure
touch "$log_file" "$password_file"
chmod 600 "$password_file"
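One way to create the password file with tight permissions from the start and to verify them before any secret is written, as an added example that is not part of the original script. The function names are assumptions, and a temporary directory stands in for /var/secure so it runs without root.

```shell
#!/bin/bash
# Added example (not the original script). Function names are assumptions;
# a temporary directory stands in for /var/secure so it runs without root.

# Create the directory (0700) and file (0600) under a restrictive umask so
# they never exist with looser modes, then fix up paths that already existed.
# Meant for a dedicated secrets directory: the parent is chmod'ed to 700.
make_secret_file() {
    dir=$(dirname "$1")
    ( umask 077; mkdir -p "$dir" && : >> "$1" ) || return 1
    chmod 700 "$dir" && chmod 600 "$1"
}

# Succeed only if the path is a regular file (not a symlink) with mode
# -rw------- inside a directory with mode drwx------.
secret_file_ok() {
    [ -f "$1" ] && [ ! -L "$1" ] || return 1
    fmode=$(ls -ld "$1" | cut -c1-10)
    dmode=$(ls -ld "$(dirname "$1")" | cut -c1-10)
    [ "$fmode" = "-rw-------" ] && [ "$dmode" = "drwx------" ]
}

demo() {
    base=$(mktemp -d) || return 1
    pw="$base/secure/user_passwords.csv"
    # Constructed "bad" state: what a default umask of 022 would leave behind.
    mkdir -p "$base/secure" && chmod 755 "$base/secure"
    : > "$pw" && chmod 644 "$pw"
    secret_file_ok "$pw" && echo "before: ok" || echo "before: too permissive"
    make_secret_file "$pw"
    secret_file_ok "$pw" && echo "after:  ok" || echo "after:  too permissive"
    rm -rf "$base"
}
demo
```

Calling a check like secret_file_ok right before the first append lets the script stop instead of writing passwords into a file that other users can read.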
Step 3: Generate Random Passwords
Our script includes a function to generate random passwords. A little bit of randomness keeps life exciting, doesn't it?
generate_password() {
    tr -dc 'A-Za-z0-9' </dev/urandom | head -c 12
}
Step 4: Process Each User
We read the input file line by line, create personal groups, users, and assign them to additional groups. Each action is logged, because transparency builds trust.
while IFS=';' read -r username groups || [ -n "$username" ]; do
    username=$(echo "$username" | xargs)
    groups=$(echo "$groups" | xargs)
    ...
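The loop above passes whatever is in the file straight to groupadd, useradd and the password CSV. The following added example (not part of the original script) validates each "username; group1,group2" line first; the function names and the naming policy are assumptions of this example.

```shell
#!/bin/bash
# Added example, not part of create_users.sh. Function names and the name
# policy are assumptions of this example.
LC_ALL=C; export LC_ALL   # make [a-z] mean ASCII only, whatever the locale

# Trim with sed instead of `echo | xargs`: xargs treats quotes and backslashes
# specially, so a name containing a lone ' makes it fail.
trim() { printf '%s' "$1" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//'; }

# Policy: first character a-z or _, then a-z 0-9 _ -, at most 32 characters.
valid_name() {
    [ "${#1}" -le 32 ] || return 1
    case "$1" in
        ''|*[!a-z0-9_-]*) return 1 ;;
        [a-z_]*) return 0 ;;
    esac
    return 1
}

# Print "user|group1,group2" for an acceptable line, otherwise return 1.
parse_line() {
    case "$1" in *';'*) ;; *) return 1 ;; esac
    user=$(trim "${1%%;*}")
    valid_name "$user" || return 1
    groups_out=
    old_ifs=$IFS; IFS=','; set -f      # split on commas, no globbing
    for g in ${1#*;}; do
        g=$(trim "$g")
        [ -n "$g" ] || continue
        valid_name "$g" || { IFS=$old_ifs; set +f; return 1; }
        groups_out="${groups_out:+$groups_out,}$g"
    done
    IFS=$old_ifs; set +f
    printf '%s|%s\n' "$user" "$groups_out"
}

# Constructed sample input: two good lines, then a username that would add a
# column to the password CSV (comma) and one that looks like an option (-).
while IFS= read -r line || [ -n "$line" ]; do
    if parsed=$(parse_line "$line"); then echo "ok      $parsed"
    else echo "reject  $line"; fi
done <<'EOF'
light; sudo,dev,www-data
idimma; sudo
mallory,root; dev
-temp; dev
EOF
```

Rejected lines are best written to the log and skipped, so one malformed entry does not stop the rest of the file from being processed.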
Step 5: Create Users and Groups
If the group or user doesn't exist, we create them and log the action. If they already exist, we log that too—because everyone's contribution is valued.
if ! getent group "$username" >/dev/null; then
    groupadd "$username"
    echo "$(date): Group $username created" >> "$log_file"
else
    echo "$(date): Group $username already exists" >> "$log_file"
fi
...
Step 6: Generate and Store Passwords
We generate a password for each user and store it securely. Because keeping secrets safe is a sign of true friendship.
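password=$(generate_password)
# Set the generated password on the account; without this the stored value is never used
echo "$username:$password" | chpasswd
echo "$username,$password" >> "$password_file"
echo "$(date): Password for user $username generated and stored" >> "$log_file"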
Challenges and Triumphs
Working on this task, I faced a couple of interesting challenges:
Ensuring Secure Storage: Storing passwords securely in /var/secure was crucial. The challenge was to make sure the file permissions were correctly set to prevent unauthorized access. This required careful attention to detail and a thorough understanding of Linux file permissions.
Handling Existing Users and Groups: Managing scenarios where users or groups already existed was another hurdle. The script had to handle these cases gracefully without breaking the flow. It taught me the importance of robust error handling and logging.
Balancing Simplicity and Functionality: Writing a script that is both simple to understand and rich in functionality is an art. It required striking a balance between keeping the code readable and ensuring it meets all requirements.
Despite these challenges, the journey was immensely rewarding. I honed my skills in bash scripting, file handling, user management, and security practices. Plus, adding a bit of humor and love to the process made it all the more enjoyable!
Conclusion
And there you have it—a bash script that creates users, groups, and does it all with a sprinkle of love and humor.
For more information on how to embark on exciting tech adventures like this one, check out the HNG Internship Program here, or find out how to hire talented developers here. The HNG program is a treasure trove of opportunities, and it's open for all to explore.
Happy scripting! 🌟