Beefy Boxes and Bandwidth Generously Provided by pair Networks
The stupid question is the question not asked

How do I add a new Unix user?

by Anonymous Monk
on May 23, 2001 at 23:10 UTC ( #82680=perlquestion: print w/replies, xml ) Need Help??

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

How can I write a perl script to add a new unix user, that means give an account for a new user.



Edit: chipmunk 2001-05-23

Replies are listed 'Best First'.
Re: How do I add a new Unix user?
by jynx (Priest) on May 24, 2001 at 00:32 UTC

    It might be worth noting,

    While most Unixes (all the ones i know of offhand) include useradd, when adding multiple users it becomes very nice (nay, necessary!) to have something a little more robust. However, such a topic is far too broad to include all the details here. A good place to start is Perl for System Administration. It covers pretty much everything you'll need to think about carefully when designing adduser,deleteuser, et al scripts.

    Hope This Helps,

Re: How do I add a new Unix user?
by jink (Scribe) on May 31, 2001 at 00:21 UTC
    The adduser that comes with FreeBSD (4.3 ao) _is_ perl. Very, very ugly perl, but perl nonetheless. I think it's OK to distribute it, as long as you keep the copyright notice in there, etc. So I put it here for you guys 'n' girls to download.


    All Camels are equal, but some Camels are more equal than others.
Re: How do I add a new Unix user?
by blue_cowdawg (Monsignor) on May 24, 2001 at 00:57 UTC

    I have two opening remarks to make:

    1. Very carefully! ;-)
    2. You haven't really given enough information for an intelligent answer.

    One of the variables involved here is weather or not you are running in a shadow'ed environment or not. This will slightly change the methodology. The basic steps of adding an account to a Unix (or Linux) box are as follows:

    • Collecting the user information
      • User Account Name
      • User's personal name
      • Their password or generating a default password
      • Decide where their home directory is going to live.
      • Decide what shell they are going to use. (/bin/false?)
    • Generate a crypted version their password
    • Decide what numerical userid/groupid(s) they are being assigned
    • write their /etc/password entry and optionally their /etc/shadow entry.
    • create their home directory
    • set the home directory's permissions and ownership
    • copy any /etc/skel files or other standardized configuration files to the home directory and set their permissions and ownerships.
    • drink a beer

    Now that I have given you a short course on how to generate a unix account, you should be able to use the above guide to write your script. Really... it isn't all that hard...

    Peter L. Berghold --- Peter@Berghold.Net
    "Those who fail to learn from history are condemned to repeat it."
      Some comments:
      • Users personal name is optional; it's a comment field.
      • Default password????
      • if they still use crypt, they should be sho^H^H^H locked up...
      • ++ on the drink beer
      My opinion at adding users: use useradd/adduser since it can automatically do most tasks (like autoguessing UID to use, creating homedir with /etc/skel, add *optional* personal name, encode the password correctly {even if it is crypt'ed}, set the correct permissions, etc). Don't roll your own !

      If you're not used to doing stuff like that (let me repeat *if you're not used to doing stuff like that*) don't do it on a live box...

      my $0.02

      ... Quidquid perl dictum sit, altum viditur.

        There are a few good reasons I can think of for writing your own script for generating accounts on a Unix box.

        • In one environment where I did create a custom script for doing this I had a requirement that clericals were going to be adding in new accounts.

          To accomplish this I created a CGI that asked a few questions and used business rules to create the account.

        • As in above if there are policies that you want to enforce that an adduser command has not been set up to deal with. For instance, spreading user accounts across multiple servers, putting users home directories across multiple mount points based on initials, etc. etc.
        • In one case I administred a system where the adduser command was capricious, cantankerous, and downright unreliable.

        Peter L. BergholdSchooner Technology Consulting, Inc.

      You missed some things:
      What is your site's policy on how to create user account names? Is there a server that has user uid/gid information already that +you can query? (Is it secure enough to do so?) After writing their passwd/shadow, do you need to push yp? Do you have to set quotas after creating accounts? Do your skel files look like <local.*> or just <.*>? Do you want to be nice and touch /etc/mail/<username> (and set ow +ner/perms)? What kind of beer was that? :-)
      Really, if you're going to think of everything, don't forget the details. One of the problems with creating a script to add users is that you have to have site policy down cold so that you don't violate anything. It would be bad to be seen as having favorites because you created someone's account differently. Management doesn't take kindly to such things usually.

      My original post here didn't state what was involved because i'm of the general disposition that anyone who has to ask what is involved shouldn't be writing the scripts. This is not meant as offense, it's just that they won't have as much understanding for what needs to happen and what policies to uphold (and which to bend). It doesn't seem all that hard, but if you want to be truly lazy, automate as much as possible...

      Hope This Helps,

Re: script
by odie (Sexton) on May 23, 2001 at 23:15 UTC
    While quite possible, the question remains, why? There already is a quite useful little widget called "adduser" that probably comes with most unix systems. It's quite effective.
    If you want to do it manually, I THINK this would suffice:
    • Create the user home directory: Copy /etc/skel to /home/username
    • Add the user entry to /etc/passwd and /etc/passwd- (if using shadow passwords)
    • Dito for the users group: /etc/group and /etc/group-
    I think that would be enough. Then again, I am not quite sure.


    I am a manual signature virus. Copy me please!
      There already is a quite useful little widget called "adduser" that probably comes with most unix systems

      useradd is, I believe, more common than adduser (on my machine, adduser is symlinked to useradd).
Re: How do I add a new Unix user?
by perigeeV (Hermit) on May 24, 2001 at 01:24 UTC
    The above answers are are good. I've commonly had to add custom features to account creation, but I usually build it as a wrapper around useradd/adduser. Mainly customizations center around site-specific elements, such as unique mail handling/configuration, quotas, sudo capabilities, and group management.

      There is another reason I forgot about for creating a custom login creation script. In one environment I was in user accounts, host namespace, and other goodies were kept in a RDBMS. Several times a day the user namespace would be rebuilt using a query to determine new accounts and build them and then rebuild the /etc/password file, /etc/shadow file, NIS, or NIS+ whichever poison was being used in a particular "zone". The passwords were stored in the RDMS already encrypted and users changed their password by interacting with a client app instead of the usual "passwd" command.

      Peter L. BergholdSchooner Technology Consulting, Inc.

Log In?

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://82680]
Approved by root
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (4)
As of 2021-09-27 19:48 GMT
Find Nodes?
    Voting Booth?

    No recent polls found