LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 02-11-2010, 11:37 AM   #1
nova_9*
LQ Newbie
 
Registered: Oct 2009
Posts: 7

Rep: Reputation: 0
Useradd Shell Script


Hello,

I'm somewhat new to shell scripting and could use some assistance. I'm trying to write a script that will point to a text file with a list of 10 usernames and add the first 5 users to the system with shell "/bin/bash" and the second 5 users to the system without the ability to log in.
The OS is Red Hat Enterprise 5.4

This is what I have so far:
#!/bin/bash
##############ADD NEW USER##############
NEW_USERS="/root/userlist.txt"
HOME_BASE="/home/"
#
cat ${NEW_USERS} | \
while read USER PASSWORD GROUP
do
useradd -g ${GROUP} -p ${PASSWORD} -m -d ${HOME_BASE}${USER} ${USER}
done

It will add user, but they are unable to login and the /etc/shadow password field is not encrypted. If I change their passwords via the GUI, they can login and the password will then be encrypted.
An example from the text file the script looks to is:
#USER PASSWORD GROUP
user1 password1 users
Any help would be greatly appreciated.

Thank you

Last edited by nova_9*; 02-11-2010 at 11:51 AM.
 
Old 02-11-2010, 11:50 AM   #2
mishkind
LQ Newbie
 
Registered: Nov 2007
Posts: 10

Rep: Reputation: 0
Hi,

Check the man page for useradd to see if you can create a user with disabled password. if that does not help, you can create the users with something like "/dev/null" in the shell field. You also create your own script that will print some message to the user and then log him out. In this case,make sure to trap the signals to that process (so that the user wont be able to ctrl-c etc.).
 
Old 02-11-2010, 03:26 PM   #3
rnturn
Senior Member
 
Registered: Jan 2003
Location: Illinois (Chicago area)
Distribution: Red Hat (8.0, RHEL5,6), CentOS, SuSE (10.x, 11.x, 12.2, 13.2), Solaris (8-10), Tru64, MacOS, Raspian
Posts: 1,108

Rep: Reputation: 64
Quote:
Originally Posted by mishkind View Post
You also create your own script that will print some message to the user and then log him out. In this case,make sure to trap the signals to that process (so that the user wont be able to ctrl-c etc.).
Be sure and add your script to /etc/shells. If it's listed there, I believe you can use it as part of the useradd command. If it's not there, you'll likely get an error about an invalid shell. (Not sure if this is true on Linux but I had something similar happen on a commercial UNIX system until I edited /etc/shells.)

I've used these sort of "shells" for accounts that I wanted to have, say, FTP access but no interactive use. (I included logging the iteractive attempts and the hostnames or IP addresses they came from so one could see who was trying to abuse the account.)

--
Rick
 
Old 02-11-2010, 03:48 PM   #4
cantab
Member
 
Registered: Oct 2009
Location: England
Distribution: *buntu, Vector
Posts: 499

Rep: Reputation: 102Reputation: 102
I think RHEL has "/sbin/nologin" or something similar, that will produce a message and spit the user back out again.
 
Old 02-11-2010, 06:01 PM   #5
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,240

Rep: Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324Reputation: 2324
Use /sbin/nologin; don't mess with /etc/shells.
 
Old 02-16-2010, 03:11 PM   #6
nova_9*
LQ Newbie
 
Registered: Oct 2009
Posts: 7

Original Poster
Rep: Reputation: 0
Thank you to all who replied. Adding the /sbin/nologin to the script worked to prevent those users from logging on (presented with a pop-up indicating so). Seems like those who I didn't use /sbin/nologin with, were also unable to login until I changed their password after running the script. I also noticed when creating users this way, the password doesn't appear to be encrypted in the /etc/shadow file. There might be another switch I'm missing.

Thanks
 
Old 02-16-2010, 03:22 PM   #7
worm5252
Member
 
Registered: Oct 2004
Location: Atlanta
Distribution: CentOS, RHEL, HP-UX, OS X
Posts: 567

Rep: Reputation: 57
try using --password instead of -p
 
Old 02-16-2010, 04:11 PM   #8
nova_9*
LQ Newbie
 
Registered: Oct 2009
Posts: 7

Original Poster
Rep: Reputation: 0
I tried using --password and it produced the same result.
 
Old 02-16-2010, 04:28 PM   #9
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 11,516

Rep: Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501Reputation: 1501
Hi,

You can use the command
Code:
newusers
that does exactly what you want to do.

Regards
 
Old 02-16-2010, 05:11 PM   #10
forrestt
Senior Member
 
Registered: Mar 2004
Location: Cary, NC, USA
Distribution: Fedora, Kubuntu, RedHat, CentOS, SuSe
Posts: 1,288

Rep: Reputation: 99
From "man useradd":

Code:
-p, --password PASSWORD
           The encrypted password, as returned by crypt(3). The default is to disable the password.
What you are doing is storing the password as the hash value of the password which will never match any password. Useradd wants the password as it would appear if it were already encrypted. Try this instead:

Code:
#!/bin/bash
##############ADD NEW USER##############
NEW_USERS="/root/userlist.txt"
HOME_BASE="/home/"

cat ${NEW_USERS} | \
while read USER PASSWORD GROUP ; do
        useradd -g ${GROUP} -p LOCK -m -d ${HOME_BASE}${USER} ${USER}
        echo ${PASSWORD} | passwd --stdin ${USER}
done
HTH

Forrest
 
Old 02-19-2010, 05:02 PM   #11
nova_9*
LQ Newbie
 
Registered: Oct 2009
Posts: 7

Original Poster
Rep: Reputation: 0
I'll give it a try.

Thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
useradd in a script john83reuben Linux - Newbie 8 05-28-2008 07:48 PM
Script for useradd mossy464 Programming 3 04-16-2008 03:32 PM
useradd script newuser455 Programming 4 01-28-2005 12:48 AM
Useradd Script jcornel7 Linux - Newbie 2 02-17-2003 10:48 AM


All times are GMT -5. The time now is 09:57 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration