Difference between revisions of "Linux Januar 2012/Add users"

From Teknologisk videncenter
Jump to: navigation, search
m
m
 
(4 intermediate revisions by the same user not shown)
Line 18: Line 18:
 
</source>
 
</source>
 
==File: /etc/sudoers==
 
==File: /etc/sudoers==
Add the following line to '''/etc/sudoers''' using visudo
+
Add the following line to '''/etc/sudoers''' using visudo.
 
<source lang=bash>
 
<source lang=bash>
ny ALL = NOPASSWD: /usr/sbin/adduser [a-zA-Z0-9]*
+
ny ALL = NOPASSWD: /usr/sbin/adduser --gecos [a-zA-Z0-9]* [a-zA-Z0-9]*
 
</source>
 
</source>
 +
;Remark:This line should be commented out when the students have added them selves.
 +
 
==File: /home/ny/bin/nybruger==
 
==File: /home/ny/bin/nybruger==
 
Create the '''/home/ny/bin''' directory and add the file '''/home/ny/bin/nybruger''' with the following content. (Remember to change mode to executable)
 
Create the '''/home/ny/bin''' directory and add the file '''/home/ny/bin/nybruger''' with the following content. (Remember to change mode to executable)
Line 30: Line 32:
 
echo -e "                        ============="
 
echo -e "                        ============="
 
echo -e "\n\n\nIndtast dit ønskede bruger login. Et ord indeholdene bogstaver eller/og tal."
 
echo -e "\n\n\nIndtast dit ønskede bruger login. Et ord indeholdene bogstaver eller/og tal."
echo -en "\nBruger login: "
+
LOOP=1
read LOGIN
+
while test $LOOP -eq 1
 +
do
 +
  echo -en "\nBruger login: "
 +
  read LOGIN
 +
  if echo -n $LOGIN | grep -E "^[0-9A-Za-z]*$"  >/dev/null  2>&1
 +
  then
 +
    if grep $LOGIN /etc/passwd  >/dev/null  2>&1
 +
    then
 +
    echo -e "Det valgte bruger login er allerede i brug!!!"
 +
    else
 +
    LOOP=0
 +
    fi
 +
  else
 +
    echo -e "login navnet skal være ET ord bestående af bogstaver a-z, A-Z eller tal 0-9"
 +
  fi
 +
done
 +
 
 
sudo /usr/sbin/adduser $LOGIN
 
sudo /usr/sbin/adduser $LOGIN
 
if grep $LOGIN /etc/passwd
 
if grep $LOGIN /etc/passwd
 
then
 
then
 
   COUNT=5
 
   COUNT=5
   while test "$COUNT" -gt 0
+
   while test $COUNT -gt 0
 
   do
 
   do
 
     echo -en "\r Bruger $LOGIN oprettet. Sessionen afsluttes om $COUNT sekunder"
 
     echo -en "\r Bruger $LOGIN oprettet. Sessionen afsluttes om $COUNT sekunder"
     let COUNT=COUNT-1
+
     $((COUNT-=1)) 2> /dev/null
 
     sleep 1
 
     sleep 1
 
   done
 
   done
 
else
 
else
 
COUNT=5
 
COUNT=5
   while test "$COUNT" -gt 0
+
   while test $COUNT -gt 0
 
   do
 
   do
 
     echo -en "\r FEJL: Bruger $LOGIN er IKKE oprettet. Sessionen afsluttes om $COUNT sekunder"
 
     echo -en "\r FEJL: Bruger $LOGIN er IKKE oprettet. Sessionen afsluttes om $COUNT sekunder"
     let COUNT=COUNT-1
+
     $((COUNT-=1)) 2> /dev/null
 
     sleep 1
 
     sleep 1
 
   done
 
   done
Line 53: Line 71:
 
exit
 
exit
 
</source>
 
</source>
 +
 +
=Security=
 +
Change all files to root ownership so the students cant change the script catching other students passwords etc.
 +
<source lang=bash>
 +
chown root:root /home/ny
 +
chown root:root /home/ny/.profile
 +
chown root:root /home/ny/bin
 +
chown root:root /home/ny/bin/nybruger
 +
</source>
 +
 
[[Category:Linux]]
 
[[Category:Linux]]

Latest revision as of 09:46, 12 September 2018

Purpose

When adding students on a Linux/UNIX box its desirable to let the students choice their own login names.

How to add student logins

Make a username and password public to the students. When the students login they are prompted for desired loginname/password

Adding the create-students account

Add user ny with password ny or whatever username/password you prefer to make public to the students. remember to change all references in the following to the username you choice.

File: /home/ny/.profile

Add the following line to the start of /home/ny/.profile

trap '' 1 2 3 15

Add the following two lines to the end of /home/ny/.profile

/home/ny/bin/nybruger
exit

File: /etc/sudoers

Add the following line to /etc/sudoers using visudo.

ny ALL = NOPASSWD: /usr/sbin/adduser --gecos [a-zA-Z0-9]* [a-zA-Z0-9]*
Remark
This line should be commented out when the students have added them selves.

File: /home/ny/bin/nybruger

Create the /home/ny/bin directory and add the file /home/ny/bin/nybruger with the following content. (Remember to change mode to executable)

#!/bin/bash
tput clear
echo -e "                        Tilføj bruger"
echo -e "                        ============="
echo -e "\n\n\nIndtast dit ønskede bruger login. Et ord indeholdene bogstaver eller/og tal."
LOOP=1
while test $LOOP -eq 1
do
  echo -en "\nBruger login: "
  read LOGIN
  if echo -n $LOGIN | grep -E "^[0-9A-Za-z]*$"  >/dev/null  2>&1
  then
    if grep $LOGIN /etc/passwd  >/dev/null  2>&1
    then
     echo -e "Det valgte bruger login er allerede i brug!!!"
    else
     LOOP=0
    fi
  else
    echo -e "login navnet skal være ET ord bestående af bogstaver a-z, A-Z eller tal 0-9"
  fi
done

sudo /usr/sbin/adduser $LOGIN
if grep $LOGIN /etc/passwd
then
  COUNT=5
  while test $COUNT -gt 0
  do
    echo -en "\r Bruger $LOGIN oprettet. Sessionen afsluttes om $COUNT sekunder"
    $((COUNT-=1)) 2> /dev/null
    sleep 1
  done
else
COUNT=5
  while test $COUNT -gt 0
  do
    echo -en "\r FEJL: Bruger $LOGIN er IKKE oprettet. Sessionen afsluttes om $COUNT sekunder"
    $((COUNT-=1)) 2> /dev/null
    sleep 1
  done
fi
exit

Security

Change all files to root ownership so the students cant change the script catching other students passwords etc.

chown root:root /home/ny
chown root:root /home/ny/.profile
chown root:root /home/ny/bin
chown root:root /home/ny/bin/nybruger