Hey DevOps enthusiasts!
If you're anything like me, you've probably found yourself stuck in the repetitive cycle of managing user accounts and groups, especially when onboarding new employees. It's one of those essential tasks that, while critical, can eat up a lot of your valuable time. But what if I told you there's a way to automate this process, ensuring consistency, efficiency, and security?
Today, I'm excited to walk you through a nifty Bash script that takes the hassle out of user management. This script reads a text file containing usernames and groups, creates users, assigns them to groups, generates random passwords, logs all actions, and ensures that all passwords are stored securely. By the end of this tutorial, you'll have a powerful tool in your arsenal that will make user management a breeze.
I will use the bash script I completed as part of the requirements for stage1 of the HNG Internship
You can access the bash script here
Script Overview
The script create_users.sh performs the following tasks:
- Reads Input File: It reads a text file containing usernames and groups.
- Creates Users and Groups: It creates users and their primary groups, as well as additional groups if specified.
- Generates Passwords: It generates random passwords for the users.
- Logs Actions: It logs all actions to /var/log/user_management.log.
- Stores Passwords Securely: It stores the generated passwords in /var/secure/user_passwords.csv with appropriate permissions.
Key Components of the Script
- Logging: The function log_message writes messages to both the console and a log file, ensuring that actions are documented.
- Root Privileges Check: The script ensures it is run as root to perform user and group management tasks.
- Directory and File Permissions: The script ensures that the /var/secure directory and the password file have the correct permissions to prevent unauthorized access.
- User and Group Management: The script handles the creation of users and groups, adding users to their respective groups, and generating random passwords using openssl.
- Error Handling: The script includes error handling for scenarios like existing users and groups, ensuring robust execution.
Example Input File
user1;group1,group2
user2;group3
user3;
Save the code above in a plaintext file e.g. test_input.txt
Next,
Run the Script:
sudo ./create_users.sh test_input.txt
Security Considerations
- Password Storage: Passwords are stored in /var/secure/user_passwords.csv with permissions set to ensure only the owner can read the file.
- Logging: Logs are stored in /var/log/user_management.log for audit purposes.
Parting Shot
Automating user and group management with a Bash script is a game-changer for simplifying the onboarding process and ensuring consistency. This approach is not only efficient but also enhances security by ensuring proper permissions and logging. By following the principles outlined in this script, you can tailor it to meet your specific requirements.
As I continue in the journey of honing my DevOps skills, I highly recommend that you check out the HNG Internship program. It's an excellent platform for budding engineers to learn, grow, and connect with industry professionals. Dive into the details of the HNG Internship to learn more about the opportunities they offer, or explore how they can help you hire top talent for your next big project.
Happy scripting, and keep pushing the boundaries of what's possible in DevOps!
Top comments (0)