Create new user account and password in shell script
I am trying to create a shell script that will:
check if a specific user already exists
if not, create a specific group and create the user in that group
assign a password to that user, where the password is passed in as a parameter to the script
The problem that I need help with is 3 on Solaris and AIX.
I can do 1 (using the id command) and 2 (using mkgroup or groupadd and useradd commands), but setting the password is where I am having problems. I have got it to work on Linux by redirecting input to the passwd command but I can not find how to get the same functionality to work on AIX and Solaris. This is what I have so far:
Code:
PLATFORM=`uname`
id $NEW_USER_ID > /dev/null 2>&1
if [ "$?" != "0" ]
then
echo "$NEW_USER_ID user does not exist. Attempting to create user and group"
if [ "$PLATFORM" = "AIX" ]
then
mkgroup $NEW_GROUP
else
groupadd $NEW_GROUP
fi
if [ "$?" != "0" ]
then
echo "Failed to create group"
fi
useradd -g $NEW_GROUP -s /usr/bin/ksh $NEW_USER_ID
if [ "$?" != "0" ]
then
echo "Failed to create $NEW_USER_ID user"
fi
if [ "$PLATFORM" = "Linux" ]
then
passwd --stdin $NEW_USER_ID <<EOF
$NEW_PASSWD
$NEW_PASSWD
EOF
if [ "$?" != "0" ]
then
echo "Failed to set $NEW_USER_ID password"
fi
fi
fi
I've searched the forums and found some similar postings but nothing seems to answer exactly what I'm looking for.
Some additional information that might preempt some questions:
the script will only be run by the root user
there is not an issue with storing the password unencrypted in a flat file because it will be entered by the user as a parameter at run-time
the script has to be executable on Linux X86, Linux s390x, Solaris 10, and AIX 6
the script can not use any command, utility, or any other software that is not installed on the OS by default, so an answer along the lines of "download and install this..." is no good to me.
I can not use an answer that involves using perl
I can not use an answer that involves using the expect command
If it can't be done, because of something like OS security restrictions and limitations, then please let me know and I'll stop trying to script it!
Thanks in advance for any help or pointers that anyone can provide.
Hi All,
I'm using solaris 2.8, and I want create a new ftp user account with the following restrictions:
- Have only ftp access, no telnet or rlogin
- Have restricted access to its home directory example /export/home/newuser
- Deny access to any other directory.
Thanks for your help,
... (6 Replies)
My company has about 40 databases with each database in a different logical partition. Presently the SysAdmin person says it is necessary to create a user profile (login and password for each instance of databases on each LPAR.
1. Is it necessary that the user must be created in each LPAR?
2.... (1 Reply)
hello friends,
one user is created named "user1"
I login as "user1" . Now when i do "su -" to be root user I have to give password for root .
Is there any way through which we can skip giving the password to root.
i.e.
user1@work:~$ su -
Password: xxxxxx
work:~$
I don't want that... (1 Reply)
Hi All,
I have one requirment..
I need to change my id to some sudo account in a server.. Actually our username/passwd will be stored in one gip file like below...
$cat .a.gz #It's hidden file
username
passwd
$
So I tried the below script to pass the password when i sudo to... (7 Replies)
hi guys
I have Centos 5.4
The idea is lock the user account for 3 minutes after he has entered his password incorrectly 3 times.
I've modified /etc/pam.d/system-auth
auth required pam_tally.so onerr=fail per_user deny=3
account required pam_tally.so resetbesides... (3 Replies)
Hi Folks,
I had a request to create the user request. Between, I just write a script a create, Update Geos, and update the password. My script as below:
The error message, what I am getting is all the users are updated with the same Goes value..
#!/bin/bash
for i in `cat users.txt`;do... (2 Replies)
I want to create a shell script to gather user account information and displays the result to administrator.
I have created a script but its showing all the information when i search for username like:
amit@mx:~$ ./uinfo.sh amit
Username : amit
User Info ... (2 Replies)
Discussion started by: amit1986
2 Replies
LEARN ABOUT CENTOS
groupmod
GROUPMOD(8) System Management Commands GROUPMOD(8)NAME
groupmod - modify a group definition on the system
SYNOPSIS
groupmod [options] GROUP
DESCRIPTION
The groupmod command modifies the definition of the specified GROUP by modifying the appropriate entry in the group database.
OPTIONS
The options which apply to the groupmod command are:
-g, --gid GID
The group ID of the given GROUP will be changed to GID.
The value of GID must be a non-negative decimal integer. This value must be unique, unless the -o option is used.
Users who use the group as primary group will be updated to keep the group as their primary group.
Any files that have the old group ID and must continue to belong to GROUP, must have their group ID changed manually.
No checks will be performed with regard to the GID_MIN, GID_MAX, SYS_GID_MIN, or SYS_GID_MAX from /etc/login.defs.
-h, --help
Display help message and exit.
-n, --new-name NEW_GROUP
The name of the group will be changed from GROUP to NEW_GROUP name.
-o, --non-unique
When used with the -g option, allow to change the group GID to a non-unique value.
-p, --password PASSWORD
The encrypted password, as returned by crypt(3).
Note: This option is not recommended because the password (or encrypted password) will be visible by users listing the processes.
You should make sure the password respects the system's password policy.
-R, --root CHROOT_DIR
Apply changes in the CHROOT_DIR directory and use the configuration files from the CHROOT_DIR directory.
CONFIGURATION
The following configuration variables in /etc/login.defs change the behavior of this tool:
MAX_MEMBERS_PER_GROUP (number)
Maximum members per group entry. When the maximum is reached, a new group entry (line) is started in /etc/group (with the same name,
same password, and same GID).
The default value is 0, meaning that there are no limits in the number of members in a group.
This feature (split group) permits to limit the length of lines in the group file. This is useful to make sure that lines for NIS
groups are not larger than 1024 characters.
If you need to enforce such limit, you can use 25.
Note: split groups may not be supported by all tools (even in the Shadow toolsuite). You should not use this variable unless you really
need it.
FILES
/etc/group
Group account information.
/etc/gshadow
Secure group account information.
/etc/login.defs
Shadow password suite configuration.
/etc/passwd
User account information.
EXIT VALUES
The groupmod command exits with the following values:
0
success
2
invalid command syntax
3
invalid argument to option
4
specified group doesn't exist
6
specified group doesn't exist
9
group name already in use
10
can't update group file
SEE ALSO chfn(1), chsh(1), passwd(1), gpasswd(8), groupadd(8), groupdel(8), login.defs(5), useradd(8), userdel(8), usermod(8).
shadow-utils 4.1.5.1 05/25/2012 GROUPMOD(8)