Create new user account and password in shell script
I am trying to create a shell script that will:
check if a specific user already exists
if not, create a specific group and create the user in that group
assign a password to that user, where the password is passed in as a parameter to the script
The problem that I need help with is 3 on Solaris and AIX.
I can do 1 (using the id command) and 2 (using mkgroup or groupadd and useradd commands), but setting the password is where I am having problems. I have got it to work on Linux by redirecting input to the passwd command but I can not find how to get the same functionality to work on AIX and Solaris. This is what I have so far:
I've searched the forums and found some similar postings but nothing seems to answer exactly what I'm looking for.
Some additional information that might preempt some questions:
the script will only be run by the root user
there is not an issue with storing the password unencrypted in a flat file because it will be entered by the user as a parameter at run-time
the script has to be executable on Linux X86, Linux s390x, Solaris 10, and AIX 6
the script can not use any command, utility, or any other software that is not installed on the OS by default, so an answer along the lines of "download and install this..." is no good to me.
I can not use an answer that involves using perl
I can not use an answer that involves using the expect command
If it can't be done, because of something like OS security restrictions and limitations, then please let me know and I'll stop trying to script it!
Thanks in advance for any help or pointers that anyone can provide.
Hi All,
I'm using solaris 2.8, and I want create a new ftp user account with the following restrictions:
- Have only ftp access, no telnet or rlogin
- Have restricted access to its home directory example /export/home/newuser
- Deny access to any other directory.
Thanks for your help,
... (6 Replies)
My company has about 40 databases with each database in a different logical partition. Presently the SysAdmin person says it is necessary to create a user profile (login and password for each instance of databases on each LPAR.
1. Is it necessary that the user must be created in each LPAR?
2.... (1 Reply)
hello friends,
one user is created named "user1"
I login as "user1" . Now when i do "su -" to be root user I have to give password for root .
Is there any way through which we can skip giving the password to root.
i.e.
user1@work:~$ su -
Password: xxxxxx
work:~$
I don't want that... (1 Reply)
Hi All,
I have one requirment..
I need to change my id to some sudo account in a server.. Actually our username/passwd will be stored in one gip file like below...
$cat .a.gz #It's hidden file
username
passwd
$
So I tried the below script to pass the password when i sudo to... (7 Replies)
hi guys
I have Centos 5.4
The idea is lock the user account for 3 minutes after he has entered his password incorrectly 3 times.
I've modified /etc/pam.d/system-auth
auth required pam_tally.so onerr=fail per_user deny=3
account required pam_tally.so resetbesides... (3 Replies)
Hi Folks,
I had a request to create the user request. Between, I just write a script a create, Update Geos, and update the password. My script as below:
The error message, what I am getting is all the users are updated with the same Goes value..
#!/bin/bash
for i in `cat users.txt`;do... (2 Replies)
I want to create a shell script to gather user account information and displays the result to administrator.
I have created a script but its showing all the information when i search for username like:
amit@mx:~$ ./uinfo.sh amit
Username : amit
User Info ... (2 Replies)
Discussion started by: amit1986
2 Replies
LEARN ABOUT REDHAT
passwd
PASSWD(5) File formats PASSWD(5)NAME
passwd - password file
DESCRIPTION
Passwd is a text file, that contains a list of the system's accounts, giving for each account some useful information like user ID, group
ID, home directory, shell, etc. Often, it also contains the encrypted passwords for each account. It should have general read permission
(many utilities, like ls(1) use it to map user IDs to user names), but write access only for the superuser.
In the good old days there was no great problem with this general read permission. Everybody could read the encrypted passwords, but the
hardware was too slow to crack a well-chosen password, and moreover, the basic assumption used to be that of a friendly user-community.
These days many people run some version of the shadow password suite, where /etc/passwd has *'s instead of encrypted passwords, and the
encrypted passwords are in /etc/shadow which is readable by the superuser only.
Regardless of whether shadow passwords are used, many sysadmins use a star in the encrypted password field to make sure that this user can
not authenticate him- or herself using a password. (But see the Notes below.)
If you create a new login, first put a star in the password field, then use passwd(1) to set it.
There is one entry per line, and each line has the format:
account:password:UID:GID:GECOS:directory:shell
The field descriptions are:
account the name of the user on the system. It should not contain capital letters.
password the encrypted user password or a star.
UID the numerical user ID.
GID the numerical primary group ID for this user.
GECOS This field is optional and only used for informational purposes. Usually, it contains the full user name. GECOS means
General Electric Comprehensive Operating System, which has been renamed to GCOS when GE's large systems division was sold
to Honeywell. Dennis Ritchie has reported: "Sometimes we sent printer output or batch jobs to the GCOS machine. The gcos
field in the password file was a place to stash the information for the $IDENTcard. Not elegant."
directory the user's $HOME directory.
shell the program to run at login (if empty, use /bin/sh). If set to a non-existing executable, the user will be unable to
login through login(1).
NOTE
If you want to create user groups, their GIDs must be equal and there must be an entry in /etc/group, or no group will exist.
If the encrypted password is set to a star, the user will be unable to login using login(1), but may still login using rlogin(1), run
existing processes and initiate new ones through rsh(1), cron(1), at(1), or mail filters, etc. Trying to lock an account by simply chang-
ing the shell field yields the same result and additionally allows the use of su(1).
FILES
/etc/passwd
SEE ALSO passwd(1), login(1), su(1), group(5), shadow(5)
1998-01-05 PASSWD(5)