I was asked in an exam to create a bash script that, given a text file and a group name as parameters, would create users with the data contained in the text file.
Example entries of the alumnos.txt file:
juanmanuel;delrio;delafuente;77776666T
ander;errasti;basterretxea;77778888X
Two users will be created with the following information:
- juanmanuel with password: 77776666T
- ander with password: 77778888X
The following parameters will be passed to the script:
./altaalumnos.sh alumnos.txt curso2
where altaalumnos.sh is the name of the script, alumnos.txt is the file that contains the data separated by ";" and curso2 is the name of the group to which the students will belong.
Ok, I attach the code:
#!/bin/bash
# Usage: ./altaalumnos.sh alumnos.txt curso2
if [ -z "$1" ]; then
    echo "No ha ingresado ningun archivo de texto"
elif [ -f "$1" ]; then
    group=$(grep "^$2:" /etc/group)   # look the group up by its exact name
    if [ "$group" ]; then
        lineas=$(wc -l < "$1")   # number of lines in alumnos.txt
        for (( i = 1; i <= lineas; i++ )); do
            # field 1 is the user name, field 4 is the value passed to -p
            sudo useradd -g "$2" "$(head -n "$i" "$1" | tail -1 | cut -d\; -f1)" -p "$(head -n "$i" "$1" | tail -1 | cut -d\; -f4)"
        done
        echo "Usuarios creados con exito."
    else
        echo "El grupo $2 no existe."
        echo "Creando el grupo $2 ..."
        sudo groupadd "$2"
        echo "Grupo $2 creado."
        echo "Creando usuarios..."
        lineas=$(wc -l < "$1")   # number of lines in alumnos.txt
        for (( i = 1; i <= lineas; i++ )); do
            # field 1 is the user name, field 4 is the value passed to -p
            sudo useradd -g "$2" "$(head -n "$i" "$1" | tail -1 | cut -d\; -f1)" -p "$(head -n "$i" "$1" | tail -1 | cut -d\; -f4)"
        done
    fi
else
    echo "No existe el archivo de texto $1 ."
fi
After executing the code with the command:
chmod +x altaalumnos.sh
./altaalumnos.sh alumnos.txt curso2
I run:
cat /etc/passwd
and I see that the users juanmanuel and ander have been created and both belong to the same group. Everything is fine up to there; the problem is that when I want to switch user to check whether the password is the one in the .txt, I run the command:
su juanmanuel
I enter the password 77776666T but it tells me authentication failure, and the same with ander. I have tried putting other data in the .txt, like daniel;garcia;perez;1234, and it keeps giving me the same error.
This answer is a continuation of what @r4ziel commented in his.
The reason is that the password you type '77776666T' would have to be the one encrypted by some encryption algorithm.
A tool that can be useful to us is mkpasswd. Let's suppose that we want the password to be '77776666T'; then let's proceed:
And that would be all. The user would have to be added with the password "77776666T".
The encryption algorithm that we ask the mkpasswd program to implement is SHA-256; in addition, with the -S parameter we add a salt to increase the security of our password.
Something that could interest us would be to check the string against what was stored in the information of said user; that is, the encrypted string would have to be like this:
And that information should be a piece of what the output of the file /etc/shadow shows us. Namely:
Which reinforces our knowledge that the password that was entered using the -p parameter of useradd was stored in plain text in /etc/passwd. This is knowing that, according to shadow(5), the second field of the file is set to be the encrypted password.
It is a very common mistake: to set the password you must encrypt it when you do useradd. Below I leave you a piece of the manual.
Cheers!
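An added example, not part of the original question or answers: it classifies the password field of shadow-format lines to spot accounts left with a literal string by useradd -p, and prints (without running) useradd commands that carry a salted SHA-256 hash instead. The function names, the randomly generated salt, the openssl fallback and the sample lines are assumptions made for this sketch.

```bash
#!/bin/bash
# Added example, not the poster's script. Written in POSIX sh syntax.

# Classify the second field of a shadow(5) line.
classify_shadow_field() {
    case "$1" in
        '')                   echo empty ;;        # no password set
        '!'*|'*'*)            echo locked ;;       # locked / login disabled
        '$'[0-9a-z]*'$'*'$'*) echo hash ;;         # crypt(3): $id$salt$hash
        *)                    echo unrecognized ;; # e.g. the literal 77776666T
    esac
}

# Print every user in a shadow-format file whose field is not a usable hash.
audit_shadow() {
    while IFS=: read -r user field _rest; do
        if [ "$(classify_shadow_field "$field")" = unrecognized ]; then
            echo "$user"
        fi
    done < "$1"
}

# Read a plain password on stdin (kept out of the process list) and print a
# salted SHA-256 crypt hash. Falls back to openssl if mkpasswd is missing.
hash_password() {
    if command -v mkpasswd >/dev/null 2>&1; then
        mkpasswd -m sha-256 -s
    else
        openssl passwd -5 -stdin
    fi
}

# Dry run: print the useradd command for each "name;surname;surname;password"
# line of FILE ($1) with GROUP ($2); nothing is created.
plan_users() {
    while IFS=';' read -r user _s1 _s2 pass; do
        case "$user" in ''|*[!a-z0-9_-]*) continue ;; esac  # skip odd names
        hash=$(printf '%s\n' "$pass" | hash_password) || return 1
        printf "useradd -g %s -p '%s' %s\n" "$2" "$hash" "$user"
    done < "$1"
}

# Constructed sample: shadow lines, one left with a literal password string.
sample=$(mktemp)
printf '%s\n' 'juanmanuel:77776666T:19000:0:99999:7:::' \
              'ander:$5$constructedsalt$constructedhash:19000:0:99999:7:::' > "$sample"
audit_shadow "$sample"    # prints: juanmanuel
rm -f "$sample"
```

On a real system the printed commands would be run as root, or the user:hash pairs fed to chpasswd -e on stdin so that the hash does not appear on a command line either.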