[arch-releng] Add Groups and Users
This code is to try and easily add groups and users during the installation process. It uses the standard commands 'groupadd' and 'useradd'. Comments and suggestions welcome. # # Add Groups and Users # Proof of Concept # # ToDo: # Make into funtions for possible acceptance to core AIF # Add Logging for Report # How to handle root? - separate function? # Make generated passwords stronger? # Create Users should be run after files are in /etc/skel/ # groups >=101 users >=1000 # groups to be created in GID order, :GID Optional # # ADD_GROUPS="Group_Name[:GID] \ 2nd \ 3rd etc" # ADD_USERS="User_Login[:Comment/Full_Name][:Secondary_Groups][:UID:Hashed_Password] \ 2nd \ 3rd etc]" # [] - optional # only use single space between accounts - No Other Spaces!!! #comma separated Secondary Groups # Dummy Data - errors on purpose ADD_GROUPS="staff:102 accounts:104 shop sect27" ADD_USERS="fred:Fred_Nerk:staff,audio:100:cZSBdQp32G6Bw \ mary:Mary_Smith:staff,accounts,audio,optical,scanner \ caesar \ tommy::audio \ AnTon:freak_shoes::104a" # # Create Groups # if [ ! -z "$ADD_GROUPS" ]; then for i in $ADD_GROUPS; do if [[ "${i/*:/}" -ge 101 ]]; then echo "groupadd -g "${i/*:/}" "${i/:*/}"" else echo "groupadd "${i}"" fi done fi # # Create Users # if [ ! -z "$ADD_USERS" ]; then for i in ${ADD_USERS}; do USERLOGIN=$(echo ${i/:*/} | tr "[:upper:]" "[:lower:]") COMMENT=$(echo "${i//_/ }" | awk 'BEGIN { FS = ":" } ; { print $2 }') if [ ! -z "${COMMENT}" ]; then COMMENT=" -c ${COMMENT}" fi USER_GROUPS=$(echo "${i}" | awk 'BEGIN { FS = ":" } ; { print $3 }') if [ ! -z "${USER_GROUPS}" ]; then USER_GROUPS=" -G ${USER_GROUPS}" fi USERID=$(echo "${i}" | awk 'BEGIN { FS = ":" } ; { print $4 }' | sed 's/[A-Za-z]*//g') if [[ ! -z "${USERID}" && "${USERID}" -ge 1000 ]]; then USERID=" -u ${USERID}" else USERID="" fi USERHASH=$(echo "${i}" | awk 'BEGIN { FS = ":" } ; { print $5 }') if [ ! -z "${USERHASH}" ]; then USERHASH=" -p ${USERHASH}" else UPT=$(echo `</dev/urandom tr -dc A-Za-z | head -c8`) SLT=$(echo `</dev/urandom tr -dc A-Za-z0-9 | head -c2`) USERHASH=" -p $(perl -e "print crypt( ${UPT} , ${SLT} )")" ADMINPASS="${ADMINPASS} ${USERLOGIN} ${UPT}" fi # Add the User echo "useradd${COMMENT} -d /home/${USERLOGIN} -g users${USER_GROUPS} -k${USERHASH} -s /bin/bash${USERID} ${USERLOGIN}" # Force User to Change Password on First Login # Enable Timeouts on User Accounts echo "passwd -e -w 7 -x 90 -i 120 ${USERLOGIN}" done fi # LOG # Send Email to Admin echo "${ADMINPASS}"
participants (1)
-
Jud