MLUG: Mizzou Linux Users GroupHome | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact
MLUG: Re: [MLUG] Simple command to add a user to a group?
Re: [MLUG] Simple command to add a user to a group?
Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 
On Sun, 15 Jan 2006, Adam Procter wrote:

Mark Rages wrote: 
Here's a message I wrote to a specialty mailing list.

Does anyone in MLUG know a simple way to add a user to a group, while leaving the user in the groups he already belongs to?

I don't think adduser/addgroup are completely standard, but Debian at least allows "adduser adam lusers".


On Red Hat there are groupadd and useradd commands, and also groupmod, groupdel, usermod, userdel, and userhelper (all in /usr/sbin). I use useradd to add users. This is from the man page for usermod:

 -g initial_group
     The group name or number of the user's new initial login  group.
     The  group  name  must  exist.   A group number must refer to an
     already existing group.  The default group number is 1.

 -G group,[...]
     A list of supplementary groups which the user is also  a  member
     of.   Each  group is separated from the next by a comma, with no
     intervening whitespace.  The groups  are  subject  to  the  same
     restrictions as the group given with the -g option.  If the user
     is currently a member of a group which is not listed,  the  user
     will be removed from the group

One of the tricky issues with useradd (and probably the others) is in dealing with passwords from the command line. According to the useradd man page:

 -p passwd
     The encrypted password, as returned by crypt(3).  The default is
     to disable the account.

Which means that "passwd" must be the *encrypted* password which will be placed in the /etc/shadow file. To make the encrypted password from the ordinary unencrypted password, you can do this:

perl -le 'print crypt("password", "salt");'

...where 'password' is the unencrypted password and 'salt' is the salt string (only the first two characters are used) for the crypt command. The first two characters of the output are the salt (any two characters). You could use it this way in a script:

set passwd=`perl -le 'print crypt("password", "salt");'`
useradd [....] -p $passwd

By the way, if you have root permissions on a UNIX/Linux machine, you can check that this works by reading /etc/shadow, entering your password and the first two characters of your encrypted password as your salt. This is your salt:

egrep '^username:' /etc/shadow | gawk -F':' '{print $2}' | cut -c -2

...where 'username' is your user name. I tried it and it worked perfectly.

I prefer to make a little script that will generate the accounts with the desired passwords, then I can delete the script when done and the passwords are not stored in the history file. This is very handy when I have to add accounts for students. I'll start with a file with names and student IDs and such and I'll use gawk to process that file into a simple script containing one useradd line per student. I run the script and the accounts are created.

Mike

_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members

Questions? Comments? Feel free to contact MLUG.
DMCA and other copyright information.