Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: FreeBSD new user login script
Top Forums Shell Programming and Scripting FreeBSD new user login script Post 302570594 by Corona688 on Thursday 3rd of November 2011 06:22:06 PM
Old 11-03-2011
I'm hoping you mean 'hacker' in the good sense. I know, I know -- corruption of a perfectly good term, but that's something beyond our control.

If you don't have sudo installed, install it, you'll need it.

What shells do you have available?

The process I'd envision is
1) User logs into the 'new' account. Instead of running a shell, their account is configured(via usermod) to run a shell script as its login shell like this:

Code:
while [ -z "$NEWUSER" ]
do
        printf "New username: " >&2
        read NEWUSER || exit 1
        if ! echo "$NEWUSER" | grep "^[a-z_][a-z0-9_-]*$" > /dev/null
        then
                echo "Usernames must be a-z_-" >&2
                NEWUSER=""
                continue
        fi

        if grep "^${NEWUSER}:" /etc/passwd > /dev/null
        then
                echo "${NEWUSER} already exists" >&2
                NEWUSER=""
                continue
        fi
done

exec sudo /usr/local/sbin/newuser.sh "$NEWUSER"

And the contents of /usr/local/sbin/newuser.sh:

Code:
#!/bin/sh

useradd "$1"

passwd "$1" || userdel "$1"

and you'd need this line in sudoers:

Code:
new ALL=NOPASSWD:  /usr/local/sbin/newuser.sh

which should permit the new user to run /usr/local/sbin/newuser.sh as root but nothing else.

This code may not be perfect or complete.
Last edited by Corona688; 11-03-2011 at 07:29 PM..
This User Gave Thanks to Corona688 For This Post:
deshi
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

user login script question

hi all, what file(s) needs to be changed and in what way in order to do the following: when user A logs onto freebsd 4.8 automaticaly he needs to start up a script a made that executes: sets ltp0 in polling mode, executes tn5250 keyboard mapping starts tn5250 with the correct parameters. ... (2 Replies)
Discussion started by: termiEEE
2 Replies

2. UNIX for Dummies Questions & Answers

freebsd auto login user at boot / i'm stuck

I run freebsd 4.8 and try to find the way or 'a' way to log in a certain user i created automaticaly at pc boot. I have searched the net, the manuals, but found nothing... could anyone please get me going by showing me an example or what file(s) i need to take a look at. i am not working... (6 Replies)
Discussion started by: termiEEE
6 Replies

3. Shell Programming and Scripting

User Login Monitor Script

I need some help writing a script that I can run as a cron job. I want this script to be able find all the users that have logged on to this machine since the last time the script was run (plan to run daily at 11:30pm, so everyone who logged on that day) and email me who logged on, and when. ... (2 Replies)
Discussion started by: Drewser
2 Replies

4. Shell Programming and Scripting

SSH login with user name and script.

I want to login to server using ssh or telnet and execute one command then exit to the shell Please let me know how to write script for this? (1 Reply)
Discussion started by: svenkatareddy
1 Replies

5. Shell Programming and Scripting

Running script from other user rather than login user

Hi, My requirement is that i am login from ROOT in a script but when any command is coming which is logging to sqlplus then i have to run it with normal user as only normal user have permission to connect to sqlplus . i tried making a script like this : #! /bin/ksh su -... (3 Replies)
Discussion started by: rawatds
3 Replies

6. Shell Programming and Scripting

Run script at first login user (only)

Hi all, I would need a script to run only at the first login of a newly created user. And at the first time only. I did some googlework but unfortunatly... I made up it possibly had something to do with the bashrc file. This script is some kind of info for the user ; with the possiblity to... (1 Reply)
Discussion started by: laurens
1 Replies

7. UNIX for Dummies Questions & Answers

User login monitoring script.

Hi guys, I'm need to write a script that runs an infinite loop to check users that login/out of a server. I'm just not sure about the syntax with while loops and whether or not you can include a nested if-statement? Cheers Spaulds (2 Replies)
Discussion started by: Spaulds
2 Replies

8. Emergency UNIX and Linux Support

Limiting a user to a script upon login, nothing else.

Hi there, I have a Debian 5.0 server that my company uses for deployment testing. This server needs to be accessed by NOC people that have no NIX knowledge whatsoever. I am creating a bash script for a menu-based command interface for the commands they need to run on their testing routines,... (21 Replies)
Discussion started by: ppucci
21 Replies

9. Shell Programming and Scripting

How to Login as another user through Shell script from current user[Not Root]

Hi Every body, I would need a shell script program to login as different user and perform some copy commands in the script. example: Supppose ora_toms is the active user ora_toms should be able to run a script where user: ftptomsp pass: XXX should login through and run the commands ... (9 Replies)
Discussion started by: ujjwal27
9 Replies

10. Shell Programming and Scripting

Login into another user from user inside script

now i have logged in username : ramesh in unix Now i have to created script file to login into another user and have run a command inside that user and after executing the command i have to exit from that user. Inside script, i have to login into su - ram along with password : haihow and have to... (4 Replies)
Discussion started by: rammm
4 Replies

LEARN ABOUT SUSE

login

LOGIN(1)						   Linux Administrator's Manual 						  LOGIN(1)

NAME

       login - Begin session on the system

SYNOPSIS

       login [ -p ] [ -h host ] [ -H ] [ -f username | username ]

DESCRIPTION

       login is used when signing onto a system.  If no argument is given, login prompts for the username.

       The  user is then prompted for a password, where approprate.  Echoing is disabled to prevent revealing the password. Only a small number of
       password failures are permitted before login exits and the communications link is severed.

       If password aging has been enabled for the account, the user may be prompted for a new password before proceeding. He  will  be	forced	to
       provide his old password and the new password before continuing. Please refer to passwd(1) for more information.

       The  user and group ID will be set according to their values in the file. There is one exception if the user ID is zero: in this case, only
       the primary group ID of the account is set. This should prevent that the system adminitrator cannot login in case of network problems.  The
       value  for  $HOME, $SHELL, $PATH, $LOGNAME, and $MAIL are set according to the appropriate fields in the password entry.  $PATH defaults to
       /usr/local/bin:/bin:/usr/bin:.  for normal users, and to /sbin:/bin:/usr/sbin:/usr/bin for root if not other configured.   The  environment
       variable  $TERM	will  be preserved, if it exists (other environment variables are preserved if the -p option is given) or be initialize to
       the terminal type on your tty line, as specified in /etc/ttytype.

       Then the user's shell is started. If no shell is specified for the user in /etc/passwd, then /bin/sh is used.  If  there  is  no  directory
       specified in /etc/passwd, then / is used (the home directory is checked for the .hushlogin file described above).

       login reads the /etc/login.defs(5) configuration file. Please refer to this documenation for options which could be set.

OPTIONS

       -p     Used by getty(8) to tell login not to destroy the environment

       -f     Used  to	skip  a  second  login authentication. This option is deprecated and should not be used. It does specifically not work for
	      root. Using this option also means, that not all PAM functions are called.

       -h     Used by other servers (i.e., telnetd(8)) to pass the name of the remote host to login so that it may be placed  in  utmp	and  wtmp.
	      Only the superuser may use this option.

       -H     Used by other servers (i.e., telnetd(8)) to tell login that printing the hostname should be suppressed in the login: prompt.

FILES

       /var/run/utmp - list of current login sessins
       /var/log/wtmp - list of previous login sessions
       /etc/passwd - user account information
       /etc/shadow - encrypted passwords and age information
       /etc/motd - system message file
       /etc/login.defs - configuration file

SEE ALSO

       init(8), getty(8), mail(1), passwd(1), passwd(5), environ(7), shutdown(8), login.defs(5)

BUGS

       A  recursive  login,  as  used  to be possible in the good old days, no longer works; for most purposes su(1) is a satisfactory substitute.
       Indeed, for security reasons, login does a vhangup() system call to remove any possible listening processes on the tty. This  is  to  avoid
       password  sniffing.  If	one  uses the command "login", then the surrounding shell gets killed by vhangup() because it's no longer the true
       owner of the tty.  This can be avoided by using "exec login" in a top-level shell or xterm.

AUTHOR

       Derived from BSD login 5.40 (5/9/89) by Michael Glad (glad@daimi.dk) for HP-UX
       Ported to Linux 0.12: Peter Orbaek (poe@daimi.aau.dk)
       Added new features: Thorsten Kukuk (kukuk@suse.de)

PAM Login 3.32							    2. May 2007 							  LOGIN(1)
All times are GMT -4. The time now is 03:20 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy