While most Unixes (all the ones i know of offhand) include useradd, when adding multiple users it becomes very nice (nay, necessary!) to have something a little more robust. However, such a topic is far too broad to include all the details here. A good place to start is Perl for System Administration. It covers pretty much everything you'll need to think about carefully when designing adduser,deleteuser, et al scripts.

Hope This Helps,
jynx

I have two opening remarks to make:

1. Very carefully! ;-)
2. You haven't really given enough information for an intelligent answer.

One of the variables involved here is weather or not you are running in a shadow'ed environment or not. This will slightly change the methodology. The basic steps of adding an account to a Unix (or Linux) box are as follows:

• Collecting the user information
  • User Account Name
  • User's personal name
  • Their password or generating a default password
  • Decide where their home directory is going to live.
  • Decide what shell they are going to use. (/bin/false?)
• Generate a crypted version their password
• Decide what numerical userid/groupid(s) they are being assigned
• write their /etc/password entry and optionally their /etc/shadow entry.
• create their home directory
• set the home directory's permissions and ownership
• copy any /etc/skel files or other standardized configuration files to the home directory and set their permissions and ownerships.
• drink a beer

Now that I have given you a short course on how to generate a unix account, you should be able to use the above guide to write your script. Really... it isn't all that hard...

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Peter L. Berghold --- Peter@Berghold.Net
"Those who fail to learn from history are condemned to repeat it."

Some comments:
• Users personal name is optional; it's a comment field.
• Default password????
• if they still use crypt, they should be sho^H^H^H locked up...
• ++ on the drink beer
My opinion at adding users: use useradd/adduser since it can automatically do most tasks (like autoguessing UID to use, creating homedir with /etc/skel, add *optional* personal name, encode the password correctly {even if it is crypt'ed}, set the correct permissions, etc). Don't roll your own !

If you're not used to doing stuff like that (let me repeat *if you're not used to doing stuff like that*) don't do it on a live box...

my $0.02

Greetz
Beatnik
... Quidquid perl dictum sit, altum viditur.

There are a few good reasons I can think of for writing your own script for generating accounts on a Unix box.

• In one environment where I did create a custom script for doing this I had a requirement that clericals were going to be adding in new accounts.

  To accomplish this I created a CGI that asked a few questions and used business rules to create the account.

• As in above if there are policies that you want to enforce that an adduser command has not been set up to deal with. For instance, spreading user accounts across multiple servers, putting users home directories across multiple mount points based on initials, etc. etc.
• In one case I administred a system where the adduser command was capricious, cantankerous, and downright unreliable.

---

Peter L. Berghold	Schooner Technology Consulting, Inc.
Peter@Berghold.Net	www.berghold.net

You missed some things:

     What is your site's policy on how to create user account names?
     Is there a server that has user uid/gid information already that 
+you can query?
        (Is it secure enough to do so?)
     After writing their passwd/shadow, do you need to push yp?
     Do you have to set quotas after creating accounts?
     Do your skel files look like <local.*> or just <.*>?
     Do you want to be nice and touch /etc/mail/<username> (and set ow
+ner/perms)?
     What kind of beer was that?  :-)
[download]

Really, if you're going to think of everything, don't forget the details. One of the problems with creating a script to add users is that you have to have site policy down cold so that you don't violate anything. It would be bad to be seen as having favorites because you created someone's account differently. Management doesn't take kindly to such things usually.

My original post here didn't state what was involved because i'm of the general disposition that anyone who has to ask what is involved shouldn't be writing the scripts. This is not meant as offense, it's just that they won't have as much understanding for what needs to happen and what policies to uphold (and which to bend). It doesn't seem all that hard, but if you want to be truly lazy, automate as much as possible...

Hope This Helps,
jynx

• Create the user home directory: Copy /etc/skel to /home/username
• Add the user entry to /etc/passwd and /etc/passwd- (if using shadow passwords)
• Dito for the users group: /etc/group and /etc/group-

There already is a quite useful little widget called "adduser" that probably comes with most unix systems

useradd is, I believe, more common than adduser (on my machine, adduser is symlinked to useradd).

There is another reason I forgot about for creating a custom login creation script. In one environment I was in user accounts, host namespace, and other goodies were kept in a RDBMS. Several times a day the user namespace would be rebuilt using a query to determine new accounts and build them and then rebuild the /etc/password file, /etc/shadow file, NIS, or NIS+ whichever poison was being used in a particular "zone". The passwords were stored in the RDMS already encrypted and users changed their password by interacting with a client app instead of the usual "passwd" command.

---

Peter L. Berghold	Schooner Technology Consulting, Inc.
Peter@Berghold.Net	www.berghold.net