Script to add user with password and access to wheel
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Script to add user with password and access to wheel
Good morning,
I am somewhat new to Linux. The root account at my job has been in use on about 16 servers by 6 users. I have been tasks to create the accounts on the 16 servers for the 6 users with sudo access. I know how to create a user, assign a password and add the account to the wheel group so they have SUDO access via CLI but to do this for 6 users on 16 users will be time consuming. I was wondering if there was a batch script I could run that I can configure the user info for the account, password and wheel access that I could run on the server to save time. If so, would someone be able to provide the batch info for that?
Good morning,
I am somewhat new to Linux. The root account at my job has been in use on about 16 servers by 6 users. I have been tasks to create the accounts on the 16 servers for the 6 users with sudo access. I know how to create a user, assign a password and add the account to the wheel group so they have SUDO access via CLI but to do this for 6 users on 16 users will be time consuming. I was wondering if there was a batch script I could run that I can configure the user info for the account, password and wheel access that I could run on the server to save time. If so, would someone be able to provide the batch info for that?
Read the "Question Guidelines" link in my posting signature, as well as the LQ Rules.
We are happy to help you if you're stuck, but we will NOT write your scripts for you. If you post what you've written/done/tried so far, we can gladly assist. But this is YOUR job...what efforts have you put forth? Reference any of the thousands of easily-found bash scripting tutorials, which will show you how to write a script that reads a list of user names, and executes commands for each one. That would set up the six users according to what you want, and should then be a matter of copying that script to the servers and executing it.
Read the "Question Guidelines" link in my posting signature, as well as the LQ Rules.
We are happy to help you if you're stuck, but we will NOT write your scripts for you. If you post what you've written/done/tried so far, we can gladly assist. But this is YOUR job...what efforts have you put forth? Reference any of the thousands of easily-found bash scripting tutorials, which will show you how to write a script that reads a list of user names, and executes commands for each one. That would set up the six users according to what you want, and should then be a matter of copying that script to the servers and executing it.
Distribution: openSUSE, Raspbian, Slackware. Previous: MacOS, Red Hat, Coherent, Consensys SVR4.2, Tru64, Solaris
Posts: 2,803
Rep:
Quote:
Originally Posted by nluck83
<snip>
I was wondering if there was a batch script I could run that I can configure the user info for the account, password and wheel access that I could run on the server to save time.
You could easily write such a script. I seriously doubt that one will be found that does exactly what you need to do.
I encountered a similar situation years ago. I created a simple data file with records like: "userid : uid : full name : initial-password" (the systems I was working with automatically pre-expired passwords forcing the user to change them---I encourage you to find a way to do this if it's not done by default on your systems) and fed that into a script that added the user (using "useradd") and invoked a commonly used Expect script to set the user's password. If memory serves, it was only a couple dozen lines or so.
Modifying a simple script like that to add those users to the "wheel" group shouldn't be difficult---you'll merely be appending ",userid" to the "wheel" record, right? You might be able to, depending on the contents of the "sudoers" file, just create a new section for the file that enables the new accounts to have the needed sudo access and append it to the file on each system.
While you're automating this, I'd be sure to include automating creating backup copies of any files you going to be modifying before actually making the modifications. I.e. something like "cp /etc/passwd /etc/passwd/pre-sudo-changes". Better to have those in case something goes awry in your script.
Good luck...
Last edited by rnturn; 08-01-2019 at 10:52 AM.
Reason: Fixed typo.
Seriously??? So instead of showing actual effort, you're going to approach your job by just asking folks for handouts?
Good luck, because you'll need it. Even if someone writes your script for you, your *JOB* is knowing how to do such things...what do you plan on actually doing the NEXT TIME you need a script? Ask someone else to write it for you, instead of learning how to do it yourself?? How long do you think you'll be able to get away with that?
You could easily write such a script. I seriously doubt that one will be found that does exactly what you need to do.
I encountered a similar situation years ago. I created a simple data file with records like: "userid : uid : full name : initial-password" (the systems I was working with automatically pre-expired passwords forcing the user to change them---I encourage you to find a way to do this if it's not done by default on your systems) and fed that into a script that added the user (using "useradd") and invoked a commonly used Expect script to set the user's password. If memory serves, it was only a couple dozen lines or so.
Modifying a simple script like that to add those users to the "wheel" group shouldn't be difficult---you'll merely be appending ",userid" to the "wheel" record, right? You might be able to, depending on the contents of the "sudoers" file, just create a new section for the file that enables the new accounts to have the needed sudo access and append it to the file on each system.
While you're automating this, I'd be sure to include automating creating backup copies of any files you going to be modifying before actually making the modifications. I.e. something like "cp /etc/passwd /etc/passwd/pre-sudo-changes". Better to have those in case something goes awry in your script.
Good luck...
Thanks for the info! This is very helpful and puts me in the right direction with this. Appreciate the help.
Thanks for the info! This is very helpful and puts me in the right direction with this. Appreciate the help.
Really? You essentially got told to write your own script...same as you were told initially. And I'm fairly certain that only 6 users on 16 servers would take less than 15 minutes to do by hand, via CLI. Same useradd command, append a second group, and just change the name. Can up-arrow and just remove the user name.
And not to argue with you, rnturn, but I'd not append anything directly to the group file, but use the "usermod" command with the -G flag, to add a new group. Much less room for error.
Distribution: openSUSE, Raspbian, Slackware. Previous: MacOS, Red Hat, Coherent, Consensys SVR4.2, Tru64, Solaris
Posts: 2,803
Rep:
Quote:
Originally Posted by TB0ne
And not to argue with you, rnturn, but I'd not append anything directly to the group file, but use the "usermod" command with the -G flag, to add a new group. Much less room for error.
Yes... much better/safer way to do it. I stand admonished. :^)
Yes... much better/safer way to do it. I stand admonished. :^)
Cheers...
No admonishment meant at all...I've done such appending in the past (and probably will again). Certainly has its time and place, but in this case, the OP wants to create users. A standard useradd statement is all that's needed. They probably won't even have to use the usermod command, since they can create a user, home directory, set the shell, and do group membership all at the same time with just the useradd command.
If a 'regular' user already has keyswaps done, and is in the sudoers file with no password, that's even easier. Script can be run from local workstation to loop through IP addresses and run a command via SSH. But...OP hasn't shown any efforts, so we have no idea what they have or have done.
Do not post any messages that are obscene, vulgar, sexually-orientated, hateful, threatening, hostile or insulting.
Personal attacks on others will not be tolerated.
Do not post if you do not have anything constructive to say in the post.
OP did state in their third post that they felt they felt they got information pointing them in a direction which helped them.
I'm fine with discussion continuing about the technical question and follow on points made by others which fall on topic with this thread question.
Continued comments relating back to the OP's first two posts, and especially where there have been no further posts made by the OP, are unacceptable, and fall along the lines above, or very close.
Please bear in mind that nluck83 may see continued technical discussion points and find them to be of merit, but may also choose to not comment further, especially if they feel their comments may be turned against them.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.