How to automate adduser on FreeBSD? Post: 302505378

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

question related to command "adduser"

Hello.. I dont know if i can ask this question in this session..if wrong please correct me.. This is my question.. When iam creating a user with command " adduser xxx" Where are the changes happening.. I know in /etc/passwd , /etc/shadow... in /home Is there any i missed.. please...

2. Programming

adduser

Hi, Let me know any urls where i can get the source code for "adduser" program.. Please help.. esham

3. Programming

Application crashes in FreeBSD 7.1 while working ok in FreeBSD 6.3

Hello there, My mulithreaded application (which is too large to represent the source code here) is crashing after installing FreeBSD 7.1-RELEASE/amd64. It worked properly on others machines (Dual Cores with 4GB of RAM - FreeBSD 6.2-RELEASE/i386). The current machine has 2x Core 2 Duo...

4. Shell Programming and Scripting

shell script for nessus-adduser

I took a stab at writing a script to automate the interactive process of adding users to Nessus - I have zero previous coding experience. So far, it doesn't get me anywhere. I took small sections of code from posts I found on this site and others:...

5. Shell Programming and Scripting

exec a build command (adduser) in a script

Hi, With a awk script i create a "adduser line" $ cat /tmp/tmp.ldif | awk -f ldif2adduser.awk adduser --uid 1002 --gid 1000 --gecos "ROUSSIN Guy" --home /homeL/guy --shell /bin/bash --disabled-password guy If i cut and paste this line, all is fine. But in a shell script i get errors : ...

6. SuSE

automate ispell

Hello!! Is posible to automate ispell?? I have a lot of misspelled text and I want to launch a script that runs ispell choosing for example the first option, all that automatically. Is possible?? Thanks :)

7. Red Hat

Adduser -> Access denied

hi, I have a problem with any user i created on a linux server RH. With the user root i did: adduser toto passwd toto (to give it a password - message : "all authentication tokens updated successfully") I can do a "su - toto", but when I try to connect it directly by ssh i have the message...

8. Solaris

Solaris 10 adduser

Brain teaser, I was given the task below. I believe the consultant runs software on his laptop that probes our QA tier web servers for xxx The two web servers are xxx I attempt useradd command on XXX which seems to work, but when I attempt to assign a pwd, the OS denies it and says user...

9. UNIX for Dummies Questions & Answers

Adduser or useradd

I am just wondering why there are two similar commands for creating a user. Could you please point me when I should choose adduser and when useradd? This puzzles me a little. Thanks, Panos

10. UNIX for Advanced & Expert Users

Adduser

hi, when i want to "adduser newuser" i receved this warning : event type "audit_buf" is a fixed event and may not be manipulated help me please

LEARN ABOUT DEBIAN

gpgwrap

gpgwrap(1)						      General Commands Manual							gpgwrap(1)

NAME

       gpgwrap - a small wrapper for gpg

SYNOPSIS

       gpgwrap -V

       gpgwrap -P [-v] [-i] [-a] [-p <file>]

       gpgwrap -F [-v] [-i] [-a] [-c] [-p <file>] [-o <name>] [--] <file> [<file> ... ]

       gpgwrap [-v] [-i] [-a] [-p <file>] [-o <name>] [--] gpg [gpg options]

DESCRIPTION

       The  GNU Privacy Guard (gpg) supplies the option --passphrase-fd. This instructs gpg to read the passphrase from the given file descriptor.
       Usually this file descriptor is opened before gpg is executed via execvp(3). Exactly that is what gpgwrap is doing. The passphrase  may	be
       passed to gpgwrap in 4 ways:

	      * as file path, whereat the passphrase is stored as plain text in the file

	      * it is piped from another program to the stdin of gpgwrap

	      * through the GPGWRAP_PASSPHRASE environment variable

	      * gpgwrap prompts for it

       With  no precautions the first point undermines the secure infrastructure gpg provides. But in pure batch oriented environments this may be
       what you want. Otherwise if you are willing to enter passphrases once and don't want them to be stored as plain text in a file gpg-agent is
       what  you  are  looking	for. Another security objection could be the use of the environment variable GPGWRAP_PASSPHRASE which contains the
       passphrase and may be read by other processes of the same user.

OPTIONS

       -V, --version
	       Print out version and exit.

       -P, --print
	       Get the passphrase and print it mangled to stdout.

       -F, --file
	       Read gpg commands from the given files. If <file> is - it is read from stdin. Exactly one command per line is expected.	The  given
	       line is handled in the following way:

	       * In  the  first  place the passphrase is mangled. This means that unusual characters are replaced by their backslash escaped octal
		 numbers.

	       * Secondly the mangled passphrase is stored in the environment variable GPGWRAP_PASSPHRASE.

	       * "exec gpgwrap -- " is prepended to each line, before the result is passed as argument to "sh -c".

       -h, --help
	       Print out usage information.

       -v, --verbose
	       Increase verbosity level.

       -i, --interactive
	       Always prompt for passphrase (ignores -p and the environment variable).

       -a, --ask-twice
	       Ask twice if prompting for a passphrase.

       -c, --check-exit-code
	       While reading gpg commands from a file, gpgwrap ignores per default the exit code of its child processes. This option  enables  the
	       check  of  the exit code. If a child terminates abnormal or with an exit code not equal 0 gpgwrap stops immediately and does return
	       with this exit code. See also section BUGS.

       -p <file>, --passphrase-file <file>
	       Read passphrase from <file>. If <file> is - it is read from stdin. The passphrase is expected to be in plain text. If  this  option
	       is  not	given  the  passphrase will be taken either from the environment variable GPGWRAP_PASSPHRASE or it will be prompted on the
	       controlling tty if the environment variable is not set.

       -o <name>, --option-name <name>
	       Specify the name of the "--passphrase-fd" option understood by the program to be executed. This is useful if you want to  use  gpg-
	       wrap in combination with other programs than gpg.

LIMITATIONS

       The given passphrase is subject to several limitations depending on the way it was passed to gpgwrap:

	      * There is a size limitation: the passphrase should be not larger than some kilobytes (examine the source code for the exact limit).

	      * gpgwrap allows you to use all characters in a passphrase even 00, but this does not mean that gpg will accept it. gpg may reject
		your passphrase or may only read a part of it, if it contains characters like 12 (in C also known as 
).

	      * If you set the environment variable GPGWRAP_PASSPHRASE you should take special care with the backslash character, because  gpgwrap
		uses backslash to escape octal numbers, (see option -F). Therefore write backslash itself as octal number: 134.

EXAMPLES

       1.
	       gpgwrap -p /path/to/a/secret/file  
	       gpg -c -z 0 --batch --no-tty  
		   --cipher-algo blowfish < infile > outfile

	       Read passphrase from /path/to/a/secret/file and execute gpg to do symmetric encryption of infile and write it to outfile.

       2.
	       gpgwrap -i -a  
	       gpg -c -z 0 --batch --no-tty  
		   --cipher-algo blowfish < infile > outfile

	       Same as above except that gpgwrap prompts twice for the passphrase.

       3.
	       gpgwrap -F -i - <<EOL
	       gpg --decrypt --batch --no-tty < "$HOME/infile1" > "$HOME/outfile1"
	       gpg --decrypt --batch --no-tty < "$HOME/infile2" > "$HOME/outfile2"
	       gpg --decrypt --batch --no-tty < "$HOME/infile3" > "$HOME/outfile3"
	       gpg --decrypt --batch --no-tty < "$HOME/infile4" > "$HOME/outfile4"
	       EOL

	       gpgwrap prompts for the passphrase and executes four instances of gpg to decrypt the given files.

       4.
	       GPGWRAP_PASSPHRASE="mysecretpassphrase"
	       export GPGWRAP_PASSPHRASE
	       gpgwrap -F -c -v /tmp/cmdfile1 - /tmp/cmdfile2 <<EOL
	       gpg --decrypt --batch --no-tty < "$HOME/infile1" > "$HOME/outfile1"
	       gpg --decrypt --batch --no-tty < "$HOME/infile2" > "$HOME/outfile2"
	       gpg --decrypt --batch --no-tty < "$HOME/infile3" > "$HOME/outfile3"
	       gpg --decrypt --batch --no-tty < "$HOME/infile4" > "$HOME/outfile4"
	       EOL

	       Same  as  above	except that gpgwrap gets the passphrase via the environment variable, reads commands additionally from other files
	       and checks the exit code of every gpg instance. This means if one gpg command has a non zero exit code,	no  further  commands  are
	       executed. Furthermore gpgwrap produces verbose output.

       5.
	       GPGWRAP_PASSPHRASE="$(gpgwrap -P -i -a)"
	       export GPGWRAP_PASSPHRASE

	       find . -maxdepth 1 -type f |
	       while read FILE; do
		   FILE2="$FILE.bz2.gpg"
		   bzip2 -c "$FILE" |
		   gpgwrap gpg -c -z 0 --batch --no-tty  
		       --cipher-algo blowfish > "$FILE2" &&
		   touch -r "$FILE" "$FILE2" &&
		   rm -f "$FILE"
	       done

	       Read in passphrase, compress all files in the current directory, encrypt them and keep date from original file.

       6.
	       find . -maxdepth 1 -type f -name '*.bz2.gpg' |
	       awk '{
		   printf("gpg --decrypt --batch --no-tty --quiet ");
		   printf("--no-secmem-warning < %s
", $0);
		   }' |
	       gpgwrap -F -i -c - |
	       bzip2 -d -c - |
	       grep -i 'data'

	       Decrypt	all *.bz2.gpg files in the current directory, decompress them and print out all occurances of data. If you pipe the result
	       to less you get into trouble because gpgwrap and less try to read from the TTY at the same time. In such a case it is better to use
	       the environment variable to give the passphrase (the example above shows how to do this).

       7.
	       GPGWRAP_PASSPHRASE="$(gpgwrap -P -i -a)"
	       export GPGWRAP_PASSPHRASE

	       gpgwrap -P |
	       ssh -C -x -P -l user host "
		   GPGWRAP_PASSPHRASE="$(cat)"
		   ...
		   "

	       Prompt for a passphrase twice and write it to the GPGWRAP_PASSPHRASE environment variable.

       8.
	       echo -n "Passphrase: "
	       stty -echo
	       read GPGWRAP_PASSPHRASE
	       echo
	       stty echo
	       export GPGWRAP_PASSPHRASE

	       Another	way  to  prompt manually for the passphrase. It was needed in combination with older versions of gpgwrap, because they did
	       not upport -P. Be aware that with this method no automatic conversion to backslash escaped octal numbers takes place.

       9.
	       echo "mysecretpassphrase" |
	       gpg --batch --no-tty --passphrase-fd 0  
		   --output outfile --decrypt infile

	       Cheap method to give passphrase to gpg without gpgwrap. Note that you can't use stdin to pass a	file  to  gpg,	because  stdin	is
	       already used for the passphrase.

       10.
	       gpg --batch --no-tty  
		   --passphrase-fd 3 3< /path/to/a/secret/file	
		   < infile > outfile

	       This  is a more advanced method to give the passphrase, it is equivalent to Option -p of gpgwrap. This example should at least work
	       with the bash.

       11.
	       gpg --batch --no-tty --passphrase-fd 3  
		   3< <(echo "mysecretpassphrase")  
		   < infile > outfile

	       Like above, but the passphrase is given directly. This example should at least work with the bash.

BUGS

       In version 0.02 of gpgwrap the exit code of gpg was only returned if gpgwrap read the passphrase from a file. Since version 0.03,  only	-F
       omits exit code checking by default, but it can be enabled with -c.

SEE ALSO

       gpg, gpg-agent

AUTHOR

       Karsten Scheibler

								   gpgwrap 0.04 							gpgwrap(1)