seattlejim
asked on
automate additions of users and passwords with shell script?
Hi there.
I'm currently writing a shell script that takes a csv file of userids, passwords, domain names, etc and automatically adds the user to the system, updates apache's httpd.conf with the new virtual domain info, sets up qmail, proftp, extra.
Anyways, I have run into a problem with the password though.
I was thinking I could just use the following:
useradd "userid" -p "password"
However, doing it this way just adds the password in clear text to the /etc/shadow file which I'm not keen to.
I then realized that I could expect to input the password with the passwd command, but since I don't know that syntax and I would like to keep things as simple as possible, I was wondering if anyone knew of a way to hash the passwd from the commandline in one shot.
Thanks.
I'm currently writing a shell script that takes a csv file of userids, passwords, domain names, etc and automatically adds the user to the system, updates apache's httpd.conf with the new virtual domain info, sets up qmail, proftp, extra.
Anyways, I have run into a problem with the password though.
I was thinking I could just use the following:
useradd "userid" -p "password"
However, doing it this way just adds the password in clear text to the /etc/shadow file which I'm not keen to.
I then realized that I could expect to input the password with the passwd command, but since I don't know that syntax and I would like to keep things as simple as possible, I was wondering if anyone knew of a way to hash the passwd from the commandline in one shot.
Thanks.
ASKER
okay that's where I'm confused. from what I understand I would need to write an expect sript and have the shell script send the info to it and have it run from there. Is it possible to use expect from within the shell script?
ok, what you need to do is to write an expect script to call your useradd script, or use your script to call an expect script to change the user passwd.
Here's an example expect script for change the user passwd.
(assume that expect is installed in /usr/local/bin)
#!/usr/local/bin/expect -f
# script chpass
# useage: chpass username password
set username [lindex $argv 0]
set pwd [lindex $argv 0]
spawn /usr/bin/passwd $username
expect "New password: "
send "$pwd\n"
expect "Re-enter new password: "
send "$pwd\n"
expect eof
#=========================
Note: you need to modify the expect strings as exactly show, in your system. just manually run :
passwd username
to verify it.
I hope this infor can help.
Cheers!
Here's an example expect script for change the user passwd.
(assume that expect is installed in /usr/local/bin)
#!/usr/local/bin/expect -f
# script chpass
# useage: chpass username password
set username [lindex $argv 0]
set pwd [lindex $argv 0]
spawn /usr/bin/passwd $username
expect "New password: "
send "$pwd\n"
expect "Re-enter new password: "
send "$pwd\n"
expect eof
#=========================
Note: you need to modify the expect strings as exactly show, in your system. just manually run :
passwd username
to verify it.
I hope this infor can help.
Cheers!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for the help. Before checking back here I came up with almost the same thing. Here's mine.
#!/use/bin/expect --
set user [lindex $argv 0]
set passwd [lindex $argv 1]
spawn sh
expect -ex "#" { send "passwd $user\n" }
expect -ex "password: " { send "$passwd\r" }
expect -ex "new password: " { send "$passwd\r" }
exit
#########
I like yours better though. I didn't realize that I could spawn to a program but now thinking about it why not. AGAIN THANKS FOR THE DIRECTION. I need it . I should get that script finished tonight when I go home.
Oh, my co-worker yesterday to use \r instead of \n with passwords and the like. Does it really matter?
#!/use/bin/expect --
set user [lindex $argv 0]
set passwd [lindex $argv 1]
spawn sh
expect -ex "#" { send "passwd $user\n" }
expect -ex "password: " { send "$passwd\r" }
expect -ex "new password: " { send "$passwd\r" }
exit
#########
I like yours better though. I didn't realize that I could spawn to a program but now thinking about it why not. AGAIN THANKS FOR THE DIRECTION. I need it . I should get that script finished tonight when I go home.
Oh, my co-worker yesterday to use \r instead of \n with passwords and the like. Does it really matter?
ASKER
i needed it, I meant to type. again thanks.
ASKER
coworker said
You need to have "expect" + TCL/TK install on your system.
information about expect (including script example can be found):
http://expect.nist.gov/
Hope the infor can help.