เทคนิคการเพิ่ม user ในระบบ linux คราวละมากๆ
บันทึกนี้ปรับปรุงล่าสุดเมื่อวันที่ 10-07-2561
ดูแลโดย WIBOON
- ทดสอบกับ linux ubuntu server 14.04, 18.04
- เป็นวิธีการเพิ่ม user ในระบบ linux คราวละมากๆ ด้วย shell script สำหรับ 1สร้างไฟล์รายชื่อ 2เพิ่ม user และ 3ลบ user
- ต้องมีการติดตั้งโปรแกรมชื่อ apg เพื่อทำชุดตัวอักษรแบบ random และโปรแกรม mkpasswd เพื่อสร้างรหัสผ่านอัตโนมัติในขณะเพิ่ม user (/etc/shadow) โดยที่ใน script จะมีการตรวจสอบให้ว่ามีโปรแกรมที่จำเป็นอยู่หรือไม่
วิธีนำไปใช้
ดาวน์โหลด shell script มาติดตั้ง
wget ftp.psu.ac.th/pub/psu-installer/bulkuseradd/makeusername.sh
wget ftp.psu.ac.th/pub/psu-installer/bulkuseradd/bulkuseradd.sh
wget ftp.psu.ac.th/pub/psu-installer/bulkuseradd/bulkuserdel.sh
สร้างไฟล์รายชื่อ
รัน bash makeusername.sh
จะมีคำแนะนำว่าต้องใส่ option ใดบ้าง
bash makeusername.sh name min max
เช่น
bash makeusername.sh student 1 3
จะได้ output คือ
student1
student2
student3
Do you wish to save to file? y
Enter filename: student-group1.txt
เพิ่ม user มากๆ จากไฟล์รายชื่อที่สร้างไว้
รัน sudo bash bulkuseradd.sh
จะมีคำแนะนำว่าต้องใส่ option ใดบ้าง
bash bulkuseradd.sh path/to/filename
เช่น
bash bulkuseradd.sh student-group1.txt
จะได้ output คือ
... Processing adding user student1
... Processing adding user student2
... Processing adding user student3
Finished, the original filename student-group1.txt replaced with student-group1.txt_yyyymmddhhmm.csv consists of lines with username:password format.
ตรวจสอบ
tail -3 /etc/passwd
จะได้ output คือ
student1:x:1007:1007::/home/student1:/bin/bash
student2:x:1008:1008::/home/student2:/bin/bash
student3:x:1009:1009::/home/student3:/bin/bash
และ
sudo tail -3 student-group1.txt_yyyymmddhhmm.csv
โดยที่ yyyy คือปีค.ศ. mm คือ เดือน dd คือวันที่ hh คือ ชม. mm คือ นาที ที่รัน script เพื่อเพิ่ม user
จะได้ output คือ
student1:4v9xys6zsh
student2:t3cn2n6aey
student3:7ac8yc54vx
ลบ user มากๆ
ให้สร้างไฟล์รายชื่อใหม่ด้วยคำสั่ง bash makeusername.sh student 1 3 ด้วยนะ เช่น ตั้งชื่อไฟล์ no-student-group1.txt
รัน sudo bash bulkuserdel.sh
จะมีคำแนะนำว่าต้องใส่ option ใดบ้าง
sudo bash bulkuserdel.sh path/to/filename
เช่น
sudo bash bulkuserdel.sh no-student-group1.txt
จะได้ output คือ
...Processing deleting user student1
userdel: student1 mail spool (/var/mail/student1) not found
...Processing deleting user student2
userdel: student2 mail spool (/var/mail/student2) not found
...Processing deleting user student3
userdel: student3 mail spool (/var/mail/student3) not found
Finished, the original filename no-student-group1.txt replaced with no-student-group1.txt_yyyymmddhhmm_del.csv consists of lines with username:status format.
ตรวจสอบ
sudo tail -3 no-student-group1.txt_yyyymmddhhrr_del.csv
จะได้ output ดังนี้
student1:deleted
student2:deleted
student3:deleted
[file: makeusername.sh]
#!/bin/bash
#updates WIBOON 2556-04-17
exitusage()
{
echo "usage: sh $0 name min max"
exit
}
checkinput()
{
echo $1 | grep -Eq '^(\+|-)?[0-9]+$'
return $?
}
if [ "$1" = "--help" ] ; then
exitusage
fi
if [ -z "$1" ] ; then
echo "need name"
exitusage
else
NAME=$1
fi
if [ -z "$2" ] ; then
echo "need min"
exitusage
else
checkinput $2 || exitusage && COUNT=$2
fi
if [ -z "$3" ] ; then
echo "need max"
exitusage
else
checkinput $3 || exitusage && MAX=$3
fi
PFILE=/tmp/$1.$$
while [ ${COUNT} -le ${MAX} ]
do
#STRPADD=`printf "%02d" ${COUNT}`
#echo "${NAME}${STRPADD}"
echo "${NAME}${COUNT}"
echo "${NAME}${COUNT}" >> ${PFILE}
COUNT=$(( ${COUNT} + 1 ))
done
while true; do
read -p "Do you wish to save to file? " yn
case $yn in
[Yy]* ) CONFIRM_SAVE="yes"; break;;
[Nn]* ) CONFIRM_SAVE="no"; break;;
* ) echo "Please answer y or n.";;
esac
done
if [ "${CONFIRM_SAVE}" = "no" ]; then
exit
fi
read -p "Enter filename: " filename
if [ -f $filename ] ; then
echo "$filename does exist"
else
cat ${PFILE} > $filename
rm ${PFILE}
fi
[file: bulkuseradd.sh]
#!/bin/bash
#updates by WIBOON 2558-01-29, 2561-07-10
#Add multiple users with bulk import
#You can import multiple users into the file server from a single file source. The file must be a text file and adhere to the required format.
#For example
#Filename: usergroup1
#user1
#user2
#user3
#
#When finished, the original filename will be replace with a filename_timestamp.csv consists of lines with username:password format.
exitusage()
{
echo "usage: sudo sh $0 path/to/filename"
echo "path/to/filename is a file consists of one username per line i.e."
echo "user1"
echo "user2"
exit
}
if [ -z "$(which apg)" ] ; then
echo "need program apg, try: sudo apt-get install apg"
exit
fi
if [ -z "$(which mkpasswd)" ] ; then
echo "need program mkpasswd, try: sudo apt-get install whois"
exit
fi
if [ -z "$(id -nG|grep -w "root")" ] ; then
echo "need root, or try: sudo sh $0"
exit
fi
if [ "$1" = "--help" ] ; then
exitusage
fi
if [ -z "$1" ] ; then
echo "need filename"
exitusage
fi
TODAY=$(date "+%Y%m%d%H%M")
IN_FILENAME=$1
HOME_DIR="/home"
OUT_FILENAME=${IN_FILENAME}_${TODAY}.csv
if [ ! -f ${IN_FILENAME} ] ; then
echo "File not found"
exit
fi
sudo touch ${OUT_FILENAME}
for USERDETAILS in $(cat ${IN_FILENAME})
do
MYUSER="$(echo ${USERDETAILS})"
PASSWD="$(apg -n 1 -a 1 -M nL -m 10 -x 10 -E ijl0oqg)"
echo "...Processing adding user ${MYUSER}"
if [ ! -z "$(getent passwd ${MYUSER})" ]; then
echo "username exist"
sudo echo "${MYUSER}:invalid" >> ${OUT_FILENAME}
else
sudo useradd -m -b ${HOME_DIR} -s /bin/bash ${MYUSER} -p `mkpasswd ${PASSWD}`
sudo echo "${MYUSER}:${PASSWD}" >> ${OUT_FILENAME}
fi
sleep 1
done
isnologin=false
if [ -f /sbin/nologin ] ; then
isnologin=true
NOLOGIN=/sbin/nologin
else
if [ -f /usr/sbin/nologin ] ; then
isnologin=true
NOLOGIN=/usr/sbin/nologin
else
if [ -f /bin/false ] ; then
isnologin=true
NOLOGIN=/bin/false
fi
fi
fi
if [ "${isnologin}" = "true" ]; then
while true; do
echo " "
echo "Do you want these users can remote access with ssh to server?"
echo "Answer y = have username and password and can remote access with ssh to server"
echo -n "Answer n = have username and password only"
read -p " {y/n)" yn
case $yn in
[Yy]* ) CONFIRM_ANS="yes"; break;;
[Nn]* ) CONFIRM_ANS="no"; break;;
* ) echo "Please answer y or n.";;
esac
done
if [ "${CONFIRM_ANS}" = "no" ]; then
echo "Modify user shell from /bin/bash to ${NOLOGIN}"
for USERDETAILS in $(cat ${OUT_FILENAME})
do
MYUSER="$(echo ${USERDETAILS}|cut -d':' -f1)"
if [ ! -z "$(getent passwd ${MYUSER})" ]; then
echo "modifying username ${MYUSER}"
sudo usermod -s ${NOLOGIN} ${MYUSER}
fi
sleep 1
done
fi
fi
sudo chmod go-rwx ${OUT_FILENAME}
sudo rm -f ${IN_FILENAME}
echo " "
echo "Finished, the original filename ${IN_FILENAME} replaced with ${OUT_FILENAME} consists of lines with username:password format."
#END
[file: bulkuserdel.sh]
#!/bin/bash
#updates by WIBOON 2558-01-29
#Delete multiple users
#You can delete multiple users from PSU-netdrive file server from a single file source. The file must be a text file and adhere to the required format.
#For example
#Filename: usergroup1
#user1
#user2
#user3
#
#When finished, the original filename will be replace with a filename_timestamp.csv consists of lines with username:status format.
exitusage()
{
echo "usage: sudo sh $0 path/to/filename"
echo "path/to/filename is a file consists of one username per line i.e."
echo "user1"
echo "user2"
exit
}
if [ -z "$(id -nG|grep -w "root")" ] ; then
echo "need root, or try: sudo sh $0"
exit
fi
if [ "$1" = "--help" ] ; then
exitusage
fi
if [ -z "$1" ] ; then
echo "need filename"
exitusage
fi
TODAY=$(date "+%Y%m%d%H%M")
IN_FILENAME=$1
HOME_DIR="/home"
OUT_FILENAME=${IN_FILENAME}_${TODAY}_del.csv
if [ ! -f ${IN_FILENAME} ] ; then
echo "File not found"
exit
fi
sudo touch ${OUT_FILENAME}
for USERDETAILS in $(cat ${IN_FILENAME})
do
MYUSER=$(echo ${USERDETAILS})
echo "...Processing deleting user ${MYUSER}"
if [ ! -z "$(getent passwd ${MYUSER})" ] ; then
sudo userdel -r ${MYUSER}
sudo echo "${MYUSER}:deleted" >> ${OUT_FILENAME}
else
sudo echo "${MYUSER}:invalid" >> ${OUT_FILENAME}
fi
done
sudo chmod go-rwx ${OUT_FILENAME}
sudo rm -f ${IN_FILENAME}
echo "Finished, the original filename ${IN_FILENAME} replaced with ${OUT_FILENAME} consists of lines with username:status format."
#END
