Scribd
Upload
7 views7 pages

Project-4 User Management in Linux

The document describes a comprehensive shell script for user management in Ubuntu, allowing administrators to create, delete, list, lock, and unlock users with various security checks. Key features include preventing duplicate accounts, confirming deletions, securely setting passwords, and adding users to groups. It also outlines real-world scenarios for user lifecycle management in an organization, emphasizing security and compliance.

Uploaded by

ASHOK
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
7 views7 pages

Project-4 User Management in Linux

The document describes a comprehensive shell script for user management in Ubuntu, allowing administrators to create, delete, list, lock, and unlock users with various security checks. Key features include preventing duplicate accounts, confirming deletions, securely setting passwords, and adding users to groups. It also outlines real-world scenarios for user lifecycle management in an organization, emphasizing security and compliance.

Uploaded by

ASHOK
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

Project-4 | User Management In Linux

Enrolment Link: https://www.devopsshack.com/courses/Batch-9--Zero-To-


Hero--DevSecOps--Cloud-DevOps-67bdb260b8143724f042a2f0
Comprehensive shell script for user management in Ubuntu. It allows you to create, delete,
list, and manage users with proper checks.
The script ensures:
 Users cannot create duplicate accounts.
 Deleting users confirms the action.
 Passwords are set securely.
 Users can be added to specific groups.
 It includes a help menu.
Features:
 Create users with a home directory and password.
 Delete users after confirmation.
 List all users.
 Lock/unlock users.
 Add users to groups.

Shell Script: user_management.sh


#!/bin/bash

# Script Name: user_management.sh


# Description: Manage users in Ubuntu (Create, Delete, List, Lock, Unlock)
# Usage: Run the script and choose the operation.
# Author: SHACKVERSE PRIVATE LIMITED

# Function to check if script is run as root


check_root() {
if [[ "$EUID" -ne 0 ]]; then
echo "Error: This script must be run as root." >&2
exit 1
fi
}

# Function to create a new user


create_user() {
read -p "Enter username to create: " username
if id "$username" &>/dev/null; then
echo "User '$username' already exists."
return
fi

read -s -p "Enter password for $username: " password


echo
useradd -m -s /bin/bash "$username"
echo "$username:$password" | chpasswd
echo "User '$username' created successfully."

read -p "Add user to a group? (y/n): " add_group


if [[ "$add_group" == "y" ]]; then
read -p "Enter group name: " groupname
if grep -q "^$groupname:" /etc/group; then
usermod -aG "$groupname" "$username"
echo "User '$username' added to group '$groupname'."
else
echo "Group '$groupname' does not exist."
fi
fi
}

# Function to delete a user


delete_user() {
read -p "Enter username to delete: " username
if ! id "$username" &>/dev/null; then
echo "User '$username' does not exist."
return
fi

read -p "Are you sure you want to delete user '$username'? (y/n): " confirm
if [[ "$confirm" == "y" ]]; then
userdel -r "$username"
echo "User '$username' deleted successfully."
else
echo "User deletion aborted."
fi
}

# Function to list all users


list_users() {
echo "Listing all system users:"
awk -F':' '{ print $1 }' /etc/passwd
}

# Function to lock a user


lock_user() {
read -p "Enter username to lock: " username
if id "$username" &>/dev/null; then
passwd -l "$username"
echo "User '$username' has been locked."
else
echo "User '$username' does not exist."
fi
}

# Function to unlock a user


unlock_user() {
read -p "Enter username to unlock: " username
if id "$username" &>/dev/null; then
passwd -u "$username"
echo "User '$username' has been unlocked."
else
echo "User '$username' does not exist."
fi
}

# Function to show menu


show_menu() {
echo "--------------------------------------"
echo " Ubuntu User Management Script "
echo "--------------------------------------"
echo "1) Create a new user"
echo "2) Delete a user"
echo "3) List all users"
echo "4) Lock a user"
echo "5) Unlock a user"
echo "6) Exit"
echo "--------------------------------------"
}

# Main script execution


check_root

while true; do
show_menu
read -p "Choose an option: " choice

case $choice in
1) create_user ;;
2) delete_user ;;
3) list_users ;;
4) lock_user ;;
5) unlock_user ;;
6) echo "Exiting..."; exit 0 ;;
*) echo "Invalid option. Please select a valid choice." ;;
esac
done

How to Use the Script


1. Make the script executable:
chmod +x user_management.sh
2. Run the script as root:
sudo ./user_management.sh
3. Follow the on-screen prompts to create, delete, list, lock, or unlock users.

Security & Best Practices


 The script ensures only root users can manage accounts.
 Passwords are set securely.
 Users are prompted before deletion to avoid accidental removals.
 Users can be added to groups during creation.

Real-World Scenario: User Management in an Organization Using This Script


In an organization, managing users efficiently is crucial for security, compliance, and
operational continuity. This script can be used by system administrators and DevOps
engineers to create, delete, manage, and control access to user accounts in a structured
and secure manner.

📌 Scenario: User Lifecycle Management in a Company


1️. New Employee Joins the Company
Example: A new DevOps Engineer named John Doe joins the company, and HR informs IT
that he needs access.
🔹 IT Admin uses the script to create a user:
sudo ./user_management.sh
 Selects option 1 (Create a new user).
 Enters the username: johndoe
 Sets a password.
 Adds John to the devops group.
🔹 Outcome:
 John now has a home directory /home/johndoe.
 He is added to the devops group, so he has appropriate permissions.
 He can now log in and start working.

2️. Temporary User Access for Contractors


Example: A contractor (Alice) joins the team for 2 months to work on a security audit.
🔹 IT Admin creates a temporary user:
 Runs the script and creates alice_temp.
 Adds Alice to the security group.
 Uses chage to set an expiration date for the user:

sudo chage -E 2025-05-01 alice_temp


 This ensures her access is automatically revoked after 2 months.
🔹 Outcome:
 Alice can work without the risk of forgetting to remove her account later.
 IT can audit and control temporary access effectively.

3️. Employee Leaves the Company (User Deletion)


Example: John Doe resigns from the company.
🔹 IT Admin uses the script to delete John’s account:
sudo ./user_management.sh
 Selects option 2 (Delete a user).
 Confirms deletion.
🔹 Outcome:
 John’s user account is completely removed, along with his home directory.
 Prevents ex-employees from accessing company resources.
4️. Security Measures: Locking and Unlocking Accounts
Example 1: Mark from Finance is on a 2-month leave.
 Instead of deleting his account, IT locks it:

sudo ./user_management.sh
o Selects option 4 (Lock a user).
o Enters mark.
🔹 Outcome: Mark's account is locked until he returns.
Example 2: When Mark returns, IT unlocks his account:
sudo ./user_management.sh
 Selects option 5 (Unlock a user).
🔹 Outcome: Mark can log in again without recreating his account.

5️. Security & Compliance: Listing Users


To audit user accounts and find unauthorized users:
sudo ./user_management.sh
 Selects option 3 (List all users).
 Admin can check for orphaned accounts (users who no longer work in the company).
🔹 Outcome: Ensures only valid employees have access to the system.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy