Tuesday, April 5, 2011

Adding Loads of Users to a Linux System

While I'm a bit of a Linux fanboy, I do find a lot of the community to be irritating at best - unhelpful at worst.

For example, I was running Ubuntu and found an issue with my video card where if I was running a 3d desktop, it would crash if I tried to use a second monitor. The issue was to do with the combined desktop size - so if one monitor is at 1024x600 and the other  monitor supports 1920x1200, then the combined desktop size is 2944x1200 (if the monitors are side by side). The issue occurred when the combined width was more than 2048.

So I wrote a script that limited the output on the second monitor to within those limits. The problem was that I couldn't for the life of me figure out how to replace Ubuntu's way of switching displays. When I asked around I got the usual "Why would you want to do that?" soon followed up by "It's a hardware fault". Like I said. Unhelpful. I know it's a fault - that's why I'm trying to fix it.

That was the final straw and I ended up moving away from Ubuntu on my personal computer as a result.

So where is this all leading? There are other bits and pieces in Linux that, although they may be risky and oft times ill advised, they do save A LOT of time. So I've decided to start documenting these bits and pieces.

Hopefully this will help other people out there - and if it doesn't I'll have some notes that will hopefully save me time.

So to add a user non-interactively...

Why is this useful? If you had a list of users you wanted to add to a system, or in my case, needed to write a wrapper around adding a user (in order to make it child friendly for people who shouldn't have to worry about the fact that they're running something other than Windows or OS X), then this comes in really handy.

adduser -p "$( mkpasswd -m SHA-512 $PASSWD )" $USERNAME -G group1,group2

So adduser obviously adds a user. The -p lets you specify a password. Mkpassword creates a hash of the password (basically a one-way algorithm to create a "signature" of the password which is why you normally have to reset a password rather than finding out what the password is).

So to add multiple users, you'd probably put things into a loop - something along the lines of:

#!/bin/bash
GROUPS=disk,wheel,usb
exec 4< /path/to/file
while read <&4 ; do
  adduser -p "$( mkpasswd -m SHA-512 $( echo $REPLY | cut -f 2 -d " " ))" $( echo $REPLY -f 1 -d " " ) -G $GROUPS
done

Where the file is a "username password" pair. I haven't actually tested this script so it might not work but it's got the guts at the very least.

2 comments:

  1. You're missing a cut in the command, change:
    adduser -p "$( mkpasswd -m SHA-512 $( echo $REPLY | cut -f 2 -d " " ))" $( echo $REPLY -f 1 -d " " )

    To:
    adduser -p "$( mkpasswd -m SHA-512 $( echo $REPLY | cut -f 2 -d " " ))" $( echo $REPLY |cut -f 1 -d " " )

    Otherwise it looks like it should work, I partially tested it (didn't actually run adduser) and found the system I was testing on didn't have mkpasswd installed. Otherwise the information echoed out correctly.
    I'm curious as to why you're using exec with a file redirector to read the file over something like cat. Eg you could:
    cat /path/to/file | while read line; do echo $line; done

    Admittedly cat | while read does have its' own problems. I had some grief with it a while back the details of which escape me now (something about that method creating another process or instance). It would be nice to know that exec is a valid alternative and why it works. The man page on exec isn't very forthcoming on how it actually parses a file into output.

    Ian

    ReplyDelete
  2. Whoa! Someoene's keeping track.

    It's the solution I found on the net when desperately looking for a solution to reading a line. So I don't understand it terribly well. I do like the cat approach. That's something I understand though I'm going to have to get a bit more clued up on file descriptors.

    A friend is currently doing an assignment to do this same sort of thing. I might publish my version of a solution on here after the due date for the assignment has been and gone.

    ReplyDelete