I need help with users ASAP

drhart4000 · 08-15-2006, 12:19 PM

Hey guys first time on the forums. first a little overview of my setup.
1 Slackware Server, 1 windows 2000 Server (for certain applications that run off windows, and about 250 some odd computers maybe less.
I have the Slackware setup to run as a "Primary samba server" and all works fine. Heres the user file system:

Home dir: /home/group/user
Shares:
/shares/share1
/shares/share2
/shares/share3
and so on

"i also have shares that only a certain group of users can access."

here are my groups:
Admin
Teachers
NHS2011 <--- the 20xx is the graduation year for the students
NHS2012 <-----|
NHS2013 <-------|

I have a script that alows me to brezz through and add all the users.

Now is it possible that i can have a script that asks for the group name and it will manualy find all users in that group and delete them and the delete the group

for example the following commands:

userdel -r user1
userdel -r user2
userdel -r user3
groupdel group_of_users1
rm /home/group_of_users1

i can do it manualy but it takes a very long time... at the end of the school year we have to delete 100 - 150 names... and as you can see this would take a long long time.

so i came up with the idea to just open an xwindo sesion and open /homes/group *delete it
/etc/passwd *delete entrys for the users in the group
/etc/samba/smbpasswd *delete entrys for the users in the group

but, this is still a long drown out process as far as scrolling though the passwd and smbpasswd lists.

Im sure there is an esier way to do this thanks for any help.

centauricw · 08-15-2006, 10:29 PM

Yes, there is. You can create a shell script which would iterate through the users of a particular group and delete all users from both Linux and Samba, and then delete the group. Forgive me for not posting any examples, but I don't have anything like that in my repository (and while most of my scripts are Open Source, I do get paid for creating custom work). Basically, you would read the /etc/group file, grepping it for the group you wanted to delete, then for each user in the group, run userdel -r and smbpasswd -x, then do groupdel for the group.

A good place to start with Bash scripts is "Learning the Bash Shell" from Oreilly.

drhart4000 · 08-16-2006, 05:54 PM

Quote:

Originally Posted by centauricw

Yes, there is. You can create a shell script which would iterate through the users of a particular group and delete all users from both Linux and Samba, and then delete the group. Forgive me for not posting any examples, but I don't have anything like that in my repository (and while most of my scripts are Open Source, I do get paid for creating custom work). Basically, you would read the /etc/group file, grepping it for the group you wanted to delete, then for each user in the group, run userdel -r and smbpasswd -x, then do groupdel for the group.

A good place to start with Bash scripts is "Learning the Bash Shell" from Oreilly.

Thanks I will look in to what you mentioned, thats a big help
although it will be hard for me to find time to learn bash, i know a little, enough to write the "newuser" script I mentioned earlier. But, im not sure how much i would need to learn and how long it would take me to write that script.

So, if any one had a script that they would be willing to part with i'd be very greatfull.

Thanks,

ntubski · 08-16-2006, 09:17 PM

Oooh, programming exercise, fun

Code:

#! /bin/bash

#require 1st argument to be a group name
if [ -z "$1" ]; then
  echo "Usage: $(basename $0) group"
  exit;
fi

GROUP="$1"


for user in $(grep $GROUP /etc/group | cut --fields=4 --delimiter=':' | tr ',' ' ');
do
   echo "not actually removing user $user from samba database"; #replace with smbpasswd -x $user
   echo "not actually deleting user $user" #replace with deluser -r $user
done

echo "not actually deleting group $GROUP" #replace with groupdel $GROUP
echo "not actually rm'ing /home/$GROUP"   #replace with rm "/home/$GROUP"

centauricw · 08-16-2006, 10:42 PM

OK, I took pity on you :-) This script should do what you want, except it will not delete users if it's their primary group (in which case, they don't appear in /etc/group as members of the group). Run with care.

Code:

#!/bin/bash
#
# delgroupmembers
# Shell script to delete all users in a specific group and delete the group.
#
# Written by Charles Rutledge
# Copyright (c) 2006 Centauri Computer Works, Inc.
#
# This program is released under the terms of the GNU General Public License,
# Version 2 (or at your option, any later version) as published by the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110.
# A copy of this license is available at http://www.gnu.org/copyleft/gpl.html.
#
# THIS PROGRAM IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
# EXPRESSED OR IMPLIED.  YOU ASSUME ALL RISKS FOR USE OF THIS PROGRAM.

# Be sure this program is run as root.
if [ $UID -ne 0 ]; then
    echo "`basename $0` can only be run as root"
    exit 1
fi

# We are expecting one argument.
if [ -z $1 ]; then
    echo "USAGE: `basename $0` <group>"
    exit 1
fi

# Be sure this is a valid group.
if [ `grep -c ^$1: /etc/group` -eq 0 ]; then
    echo "ERROR: Group $1 not found in /etc/group"
    exit 1
fi

# Delete all users belonging to this group, then delete the group.
USERLIST=`grep ^$1: /etc/group | cut -f4 -d: | sed 's/,/ /g'`
if [ -z $USERLIST ]; then
    echo "ERROR: There were no users found for group $1"
    exit 1
fi
for user in $USERLIST ; do
    /usr/sbin/userdel -r $user
    /usr/bin/smbpasswd -x $user
done
/usr/sbin/groupdel $1

ntubski: I would change the grep to user ^ before $1 to match at the beginning of the line and : after $1 to match the first separator. Otherwise, you can match group names that are partial or match users (i.e. user matches users).

drhart4000 · 08-26-2006, 04:06 PM

Thanks, i really appreciate it.
I'll try it first thing Monday morning!

drhart4000 · 08-28-2006, 06:52 PM

hey i run the script heres what i get

root@server:~# groupdelete nhs2010
ERROR: There were no users found for group nhs2010
root@server:~#

heres how i modified the script:

Code:

#!/bin/bash
#
# delgroupmembers
# Shell script to delete all users in a specific group and delete the group.
#
# Written by Charles Rutledge
# Copyright (c) 2006 Centauri Computer Works, Inc.
#
# This program is released under the terms of the GNU General Public License,
# Version 2 (or at your option, any later version) as published by the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110.
# A copy of this license is available at http://www.gnu.org/copyleft/gpl.html.
#
# THIS PROGRAM IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
# EXPRESSED OR IMPLIED.  YOU ASSUME ALL RISKS FOR USE OF THIS PROGRAM.

# Be sure this program is run as root.
if [ $UID -ne 0 ]; then
    echo "`basename $0` can only be run as root"
    exit 1
fi

# We are expecting one argument.
if [ -z $1 ]; then
    echo "USAGE: `basename $0` <group>"
    exit 1
fi

# Be sure this is a valid group.
if [ `grep -c ^$1: /etc/group` -eq 0 ]; then
    echo "ERROR: Group $1 not found in /etc/group"
    exit 1
fi

# Delete all users belonging to this group, then delete the group.
USERLIST=`grep ^$1: /etc/group | cut -f4 -d: | sed 's/,/ /g'`
if [ -z $USERLIST ]; then
    echo "ERROR: There were no users found for group $1"
    exit 1
fi
for user in $USERLIST ; do
   userdel -r $user
   rm /home/$1/$user
   smbpasswd -x $user
groupdel $1
done

thanks,

ntubski · 08-29-2006, 10:56 AM

Possibly it should be NHS2010 not nhs2010

drhart4000 · 08-31-2006, 06:19 PM

no, becouse if that was so it wouldn't find the user group so there for it would show the error message:
"ERROR: Group NHS2010 not found in /etc/group"

i made sure the group name was in lower case i checked the group and directorys it's nhs----*

thanks though,

any one have some ideas?

ntubski · 09-01-2006, 11:16 AM

Ah, you're right about that, I just assumed it was uppercase because that's what you had in your first post.

Try running grep nhs2010 /etc/group, if it comes up with something add the cut:

Code:

grep nhs2010 /etc/group | cut -f4 -d:

drhart4000 · 09-01-2006, 05:34 PM

The script allready contains "cut"

Code:

# Delete all users belonging to this group, then delete the group.
USERLIST=`grep ^$1: /etc/group | cut -f4 -d: | sed 's/,/ /g'`
if [ -z $USERLIST ]; then
    echo "ERROR: There were no users found for group $1"
    exit 1

-- thats what the codes is suposto be right?

NOTE: Since its the weekend and a holiday on Monday i cant get to the server untill Tuesday.

Is it possible that the command checking if the grep command worked corectly have the wrong santax?
If so what is the right santex?

Code:

if [ -z $USERLIST ]; then
    echo "ERROR: There were no users found for group $1"
    exit 1

drhart4000 · 09-01-2006, 05:50 PM

OH hey wait a minute i just red this

Quote:

Originally Posted by centauricw

OK, I took pity on you :-) This script should do what you want, except it will not delete users if it's their primary group (in which case, they don't appear in /etc/group as members of the group). Run with care.

Err, im stuppid. Ok, thats the problem the user accounts will NOT show up in the nhs2010 group because thats the primary group.

Is there still a way you can do this by using the nhs2010 group name?

ntubski · 09-01-2006, 09:31 PM

Quote:

Originally Posted by drhart4000

The script allready contains "cut"

Code:

# Delete all users belonging to this group, then delete the group.
USERLIST=`grep ^$1: /etc/group | cut -f4 -d: | sed 's/,/ /g'`
if [ -z $USERLIST ]; then
    echo "ERROR: There were no users found for group $1"
    exit 1

-- thats what the codes is suposto be right?

What I meant is that you should run

Code:

 grep nhs2010 /etc/group

from the command line, see what comes out, and if there is output from that run

Code:

 grep nhs2010 /etc/group | cut -f4 -d:

Running grep on /etc/group would have shown you the empty line, revealing the problem to you.

Quote:

Originally Posted by drhart4000

Ok, thats the problem the user accounts will NOT show up in the nhs2010 group because thats the primary group.
...
Is there still a way you can do this by using the nhs2010 group name?

I think this will work:

Code:

#!/bin/bash
#
# delgroupmembers
# Shell script to delete all users in a specific group and delete the group.
#
# Written by Charles Rutledge
# Copyright (c) 2006 Centauri Computer Works, Inc.
#
# This program is released under the terms of the GNU General Public License,
# Version 2 (or at your option, any later version) as published by the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110.
# A copy of this license is available at http://www.gnu.org/copyleft/gpl.html.
#
# THIS PROGRAM IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER
# EXPRESSED OR IMPLIED.  YOU ASSUME ALL RISKS FOR USE OF THIS PROGRAM.

# Be sure this program is run as root.
if [ $UID -ne 0 ]; then
    echo "`basename $0` can only be run as root"
    exit 1
fi

# We are expecting one argument.
if [ -z $1 ]; then
    echo "USAGE: `basename $0` <group>"
    exit 1
fi

# Be sure this is a valid group.
if [ `grep -c ^$1: /etc/group` -eq 0 ]; then
    echo "ERROR: Group $1 not found in /etc/group"
    exit 1
fi


# Find out the group number for given group
GROUPNUM=$(grep ^$1 /etc/group | cut -f3 -d:)

# Make sure we found a number
if [ $( echo $GROUPNUM | egrep -c ^[[:digit:]]+$ ) -eq 0 ]; then
	echo "ERROR: Couldn't find group number for group $1"
	exit 1
fi

# Find all users with this primary group according to /etc/passwd
USERLIST=$(egrep "^(.*):x:[[:digit:]]+:$GROUPNUM:.*:/home/$1/\1:.*$" /etc/passwd | cut -f1 -d:)

# Then delete the users and group
if [ -z $USERLIST ]; then
    echo "ERROR: There were no users found for group $1"
    exit 1
fi
for user in $USERLIST ; do
   userdel -r $user
   rm -r /home/$1/$user
   smbpasswd -x $user
done

groupdel $1

drhart4000 · 09-02-2006, 10:36 AM

tanks, ill try it when i get a chance. Looks good, great job

centauricw · 09-05-2006, 01:08 PM

ntubski: My original code did not take into account if the group was the user's primary group, in which case they wouldn't be listed as users in the group file. Thanks for the mod to handle this.