Hi -
Originally I had inquired about a good way to add users for some folks who
aren't managers, but seem to (according to my bosses) need that ability. My
original post follows this.
I had six replies that more or less indicated there is no care-free
painless way until Solaris 2.1 hits our shop for this to happen - at which
point I can let people use the clicky-tool to add users.
I got some suggestions for trying "MCP" which looked promising until I got to
the part in the README file telling me there isn't any guarantee the YP code
will work. This put "mcp" in the same category as "nu" for us - looks good,
but isn't proven to work in NIS yet.
Others mentioned the "adduser" script from the "Unix System Administration
Handbook" (Nemeth/Snyder/Seebass) - it isn't as friendly as the others, and
isn't NIS aware either.
I had one script mailed to me (it is tagged on just before my original
posting), which looked very good but requires the user to enter the passwd file
info manually - while I like it, I don't trust the people who would be using
this script to be editing the password file directly.
Unfortunately, it appears we will have to wrestle with this and combine
everything to get what we want.
Thanks to those who responded:
Mateen Fikree <mfikree@sunspot.acs.syr.edu>
don@mars.dgrc.doc.ca (Donald McLachlan)
Jeffrey Marans <jeff@erie.irc.nrc.ca>
zinnato@NADC.NADC.NAVY.MIL
Perry_Hutchison.Portland@xerox.com
andrico@parcplace.com (Liesl Andrico)
----- Begin Included Message -----
From zinnato@NADC.NADC.NAVY.MIL Mon Apr 5 07:17:25 1993
Date: Mon, 5 Apr 93 10:14:37 EDT
From: zinnato@NADC.NADC.NAVY.MIL
To: slezakm
Subject: Re: Good way to add users?
Content-Length: 6763
here's the script we use:
#!/bin/sh
#
# Makeuser - Simple procedure for adding a user to the system.
#
# Usage: makeuser user [user] ...
#
SKELETON_DIR=/usr1/.skeleton
INITIAL_MAIL_FILE=$SKELETON_DIR/mail_message
NEWS_DIR=/var/news/.news_times
NEWS_ACCT=lnews
NETWORK_PASSWORD_FILE=/etc/passwd.yp
LOCAL_PASSWORD_FILE=/etc/passwd
TEMP_FILE=/tmp/makeuser.$$
ABORT_MSG="Adduser aborted."
PATH=/usr/local/etc:/etc/:/bin:/usr/bin:/usr/ucb ; export PATH
trap "rm -f $TEMP_FILE ; exit 1" 1 2 3
#
# Functions
#
edit_pw_file()
# Usage: edit_pw_file editor file
{
$1 $2
echo ''
echo -n "Okay to continue creation of account? (y, n) [n] "
read answer
case "$answer" in
[Yy]|[Yy][Ee][Ss])
return 0
;;
*)
return 1
;;
esac
}
#
# Main Routine
#
case "$#" in
0)
cat <<END_USAGE
Usage: $0 user [user] ...
Where user is a valid user name which has been added to either the
password file (/etc/passwd) or the yellow pages password database for
this domain.
END_USAGE
exit 1
;;
esac
cat <<END_MESSAGE
Adding new user(s) to the system. Hit the INTERRUPT key at any point
to abort this procedure.
END_MESSAGE
for user in $*
do
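# Determine whether user is in one of the password files. The trailing
# ":" anchors the match to the whole login field, so "bob" does not
# match "bobby".
if pw_entry="`grep \^$user: $LOCAL_PASSWORD_FILE 2>/dev/null`"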
then
# User is in the local password file.
echo "User \"$user\" is in the local password file."
elif pw_entry="`grep \^$user: $NETWORK_PASSWORD_FILE 2>/dev/null`"
then
# User is in the network password file.
echo "User \"$user\" is in the network password file."
else
# Must add user to password file.
echo "Adding \"$user\" to password database."
added=FALSE
while [ "$added" = "FALSE" ]
do
echo -n "Will this user be a network user (N) or a local user (L)? [N] "
read user_type
: ${user_type:=N}
case "$user_type" in
[Nn])
cat <<END_MESSAGE
Invoking vi on the network password file. Please add the entry for $user.
This procedure will resume when you exit vi.
END_MESSAGE
echo -n "Press RETURN to continue. "
read junk
password_file=$NETWORK_PASSWORD_FILE
edit_pw_file vi $password_file
if [ $? != 0 ]
then
echo "$ABORT_MSG"
exit 1
fi
echo "Updating the yellow pages databases..."
(cd /var/yp ; make passwd)
echo "Done updating yellow pages database."
added=TRUE
;;
[Ll])
cat <<END_MESSAGE
Invoking vi on the local password file. Please add the entry for $user.
This procedure will resume when you exit vi.
END_MESSAGE
echo -n "Press RETURN to continue. "
read junk
password_file=$LOCAL_PASSWORD_FILE
edit_pw_file vipw $password_file
if [ $? != 0 ]
then
echo "$ABORT_MSG"
exit 1
fi
added=TRUE
;;
*)
echo "Bad choice. Try again."
;;
esac
done
# Make sure the user was added to the file. (The person running
# the script may have decided not to add the entry after all.)
if pw_entry="`grep \^$user: $password_file`"
then
# Okay.
:
else
echo "User \"$user\" is not in password file \"$password_file\""
echo "$ABORT_MSG"
exit 1
fi
fi
# Decode password entry. Split the passwd entry (stored in the pw_entry
# variable) on ":" directly into shell variables. Nothing is written to
# /tmp or sourced, so field contents are never executed as shell code.
IFS=: read -r pw_name pw_passwd pw_user_id pw_group_id pw_gecos pw_home pw_shell <<END_ENTRY
$pw_entry
END_ENTRY
if [ $? != 0 ]
then
exit 1
else
#
# First ensure that the home directory exists.
#
if [ ! -d "$pw_home" ]
then
echo -n "Making directory $pw_home..."
mkdir $pw_home
if [ $? != 0 ]
then
echo ''
echo "Can't make $pw_home."
exit 1
else
echo "done"
fi
else
#
# Home directory is already there. In case this is an "old"
# user, stop right here.
#
echo "Directory $pw_home already exists."
echo "$ABORT_MSG"
exit 1
fi
# Next, copy the relevent file from the skeleton directory to
# the user's home directory.
echo -n "Copying files from $SKELETON_DIR to $pw_home..."
cp $SKELETON_DIR/.[a-z]* $pw_home
if [ $? != 0 ]
then
echo ""
echo "Unable to copy files."
exit 1
else
echo "done"
fi
# Change the owner and group id information on all the files
# in the home directory.
echo -n "Changing permissions of $pw_home to 755 ..."
/bin/chmod -R 755 $pw_home
cd $pw_home
/bin/chmod 644 $pw_home/.[a-z]*
if [ $? != 0 ]
then
echo ""
echo "Unable to change permissions."
exit 1
else
echo "done"
fi
echo -n "Changing ownership of all files in $pw_home to $user..."
/etc/chown -R $user $pw_home
if [ $? != 0 ]
then
echo ""
echo "Unable to change ownership."
exit 1
else
echo "done"
fi
echo -n "Changing group id of all files in $pw_home to $pw_group_id..."
chgrp -R $pw_group_id $pw_home
if [ $? != 0 ]
then
echo ""
echo "Unable to change group id."
exit 1
else
echo "done"
fi
# Finally, send mail to the user.
echo -n "Sending initial mail message..."
touch /var/spool/mail/$user
chmod 600 /var/spool/mail/$user
/usr/ucb/mail -s "Welcome" $user <$INITIAL_MAIL_FILE
if [ $? != 0 ]
then
echo ""
echo "Unable to send mail."
exit 1
else
echo "done"
fi
fi
if [ -d "$NEWS_DIR" ]
then
echo -n "Touching news time file..."
touch $NEWS_DIR/$user
if [ $? != 0 ]
then
echo ""
echo "Unable to touch file."
exit 1
else
echo "done"
fi
chown $NEWS_ACCT.users $NEWS_DIR/$user
chmod 600 $NEWS_DIR/$user
fi
done
exit 0
----- End Included Message -----
Original Post
> From sun-managers-relay@ra.mcs.anl.gov Sun Apr 4 13:43:22 1993
> Sender: sun-managers-relay@ra.mcs.anl.gov
> Date: Thu, 1 Apr 93 23:23:33 PST
> From: Mark R. Slezak <slezakm>
> Reply-To: Mark R. Slezak <slezakm>
> Followup-To: junk
> To: sun-managers@eecs.nwu.edu
> Subject: Good way to add users?
> Content-Length: 1008
>
> Hi -
>
> I have a need to allow a few select people to add users in to my system, and
> was wondering what folks are using out there as a semi-friendly way to do it.
>
> My intuition was to grab a copy of nu (by Brian Reid, Erik Hedberg, Jeff
> Mogul, and Fred Yankowski of Stanford University - via the header of the code)
> as it is easy to figure out for the person adding the user. The problem I
> found is this program isn't NIS aware (the most current version I could find
> is time-stamped 1988).
>
> I know NeXT has modified the program to work with NetInfo for NeXTSTEP, but
> I'm not bright enough to see an easy way to make it NIS intelligent, and I
> can't seem to get mail through to the authors at Stanford. What are other
> people using for adding users?
>
> Thanks in advance!
>
> Mark. (206) 526-4131
> +------------------------------------------------------------------------+
> Mark R. Slezak slezakm@afsc.noaa.gov
>
Mark. (206) 526-4131
+------------------------------------------------------------------------+
Mark R. Slezak slezakm@afsc.noaa.gov
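
Added example, not part of the original message or the posted script: one way to meet the concern about operators editing the password file directly is to take the fields as arguments, validate them, and emit the finished entry for a wrapper to append. The function name, the 8-character login limit and the 5-digit ID limit are assumptions.

```shell
#!/bin/sh
# Added example, not part of the posted script. Names and limits are assumptions.
# Usage: make_passwd_entry passwd_file login uid gid gecos home shell
# Prints one passwd(5) line with a locked password field ("*"), or fails
# with a reason on stderr. A wrapper appends the line; operators never edit.
make_passwd_entry() {
    pwfile=$1 login=$2 uid=$3 gid=$4 gecos=$5 home=$6 shell=$7
    nl='
'
    [ -r "$pwfile" ] || { echo "cannot read $pwfile" >&2; return 1; }
    # A ':' or newline inside a field would shift fields or add an entry.
    for field in "$login" "$uid" "$gid" "$gecos" "$home" "$shell"; do
        case $field in
            *:*|*"$nl"*) echo "field contains ':' or newline" >&2; return 1 ;;
        esac
    done
    # Login: starts with a lowercase letter, letters and digits only, max 8
    # characters. This also rejects the NIS "+name" / "-name" markers.
    case $login in
        ''|[!a-z]*|*[!a-z0-9]*|?????????*) echo "bad login name" >&2; return 1 ;;
    esac
    # UID and GID are 1 to 5 decimal digits; UID 0 is never handed out here.
    for id in "$uid" "$gid"; do
        case $id in
            ''|*[!0-9]*|??????*) echo "bad uid or gid" >&2; return 1 ;;
        esac
    done
    if [ "$uid" -eq 0 ]; then echo "uid 0 refused" >&2; return 1; fi
    # Home and shell must be absolute paths without ".." components.
    for path in "$home" "$shell"; do
        case $path in
            */..|*/../*) echo "'..' in path" >&2; return 1 ;;
            /*) ;;
            *) echo "path not absolute" >&2; return 1 ;;
        esac
    done
    # Compare whole fields, so "bob" does not collide with "bobby".
    if ! awk -F: -v l="$login" -v u="$uid" \
        '$1 == l || $3 + 0 == u + 0 { dup = 1 } END { exit dup }' "$pwfile"
    then
        echo "login or uid already in use" >&2; return 1
    fi
    printf '%s:*:%s:%s:%s:%s:%s\n' "$login" "$uid" "$gid" "$gecos" "$home" "$shell"
}
```

The entry is created with a locked password, so setting the first password stays a separate step.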