Skip to content

Instantly share code, notes, and snippets.

@colearendt

colearendt/README.md

Last active July 29, 2021 09:14
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save colearendt/f958d57a863810de2a999ea8e59a7146 to your computer and use it in GitHub Desktop.
Save colearendt/f958d57a863810de2a999ea8e59a7146 to your computer and use it in GitHub Desktop.
Download ZIP
Generate a user-generation script
Raw
README.md

Generate User Creation

Sometimes it is nice to have a simple way to "reproduce users" on a system

i.e. my server is connected to LDAP and has users / groups defined. I want to be able to create the same UIDs/GIDs without joining to the LDAP server.

This script is designed to help.

  • Run it on the server where users are defined.
  • It loops through users, code-generating a shell script that can "recreate" those users with proper UID/GID
  • Save the output script and transport it to where you need it (docker containers, etc.)

Disclaimer

Ok. In an ideal world, we probably wouldn't need this. But in all cases ( 😉 ), "ideal world" != "real world"

Example usage:

# make script executable
chmod +x generate_user_creation.sh

# basic usage
# ./generate_user_creation.sh << space delimited usernames >>
./generate_user_creation.sh colearendt other-user

# to see only the script output
./generate_user_creation.sh colearendt other-user 2>/dev/null

# to build the generation script and see logs in the terminal
./generate_user_creation.sh colearendt other-user > my_script.sh

Notes

  • Users who do not exist / have an error will be skipped
  • useradd / groupadd commands for existing users / groups will error, but set -e is not in use, so the output script will continue
  • stdout is for the script, stderr is for logging
  • I have not tested thorougly with invalid user / group names. Add parameters / customize as needed for your own case!
Raw
generate_user_creation.sh
#!/bin/bash
# all stdout is used for creating a script
# all stderr is used for messages / logging
# output script setup
cat <<$HERE$
#!/bin/bash
# script for user creation output
$HERE$
for usr in $@; do
echo "Setting up user: $usr" >&2;
id_output=$(id $usr)
id_code=$?
grplist=$(echo "$id_output" | sed 's/.*groups=//')
grplist_code=$?
if [[ $id_code != 0 ]] || [[ $grplist_code != 0 ]]; then
echo "---> Error code $id_code, $grplist_code finding groups for user: $usr" >&2
continue
# else
# echo "Got error code: $id_code, $grplist_code"
fi
usr_id=$(echo "$id_output" | sed 's/.*uid=//' | sed 's/(.*//')
usr_gid=$(echo "$id_output" | sed 's/.*gid=//' | sed 's/(.*//' | sed 's/ groups=.*//')
# set up user provisioning and group membership
cat <<$HERE$
# ------------------------------
# $usr
# ------------------------------
# (possibly redundant) group creation
$HERE$
usr_grps=''
for grp in $(echo "$grplist" | sed 's/,/ /g'); do
echo "---> Setting up group: $grp" >&2
grpid=$(echo "$grp" | sed 's/(.*//')
echo "---> groupid: $grpid" >&2
grpname=$(echo "$grp" | sed 's/.*(//' | sed 's/)$//')
echo "---> groupname: $grpname" >&2
# make sure these commands are idempotent
cat <<$HERE$
groupadd $grpname -g $grpid
$HERE$
# build up group add command for user membership
usr_grps=${usr_grps},${grpid}
done
usr_grps=$(echo "$usr_grps" | sed 's/^,//')
echo "---> Using user group membership string: $usr_grps" >&2
# set up user provisioning and group membership
cat <<$HERE$
# user creation
useradd -m -u $usr_id -g $usr_gid -G $usr_grps $usr
$HERE$
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment