Difference between revisions of "Linux Januar 2012/Add users"

From Teknologisk videncenter
Jump to: navigation, search
m
m
 
(3 intermediate revisions by the same user not shown)
Line 18: Line 18:
 
</source>
 
</source>
 
==File: /etc/sudoers==
 
==File: /etc/sudoers==
Add the following line to '''/etc/sudoers''' using visudo
+
Add the following line to '''/etc/sudoers''' using visudo.
 
<source lang=bash>
 
<source lang=bash>
ny ALL = NOPASSWD: /usr/sbin/adduser [a-zA-Z0-9]*
+
ny ALL = NOPASSWD: /usr/sbin/adduser --gecos [a-zA-Z0-9]* [a-zA-Z0-9]*
 
</source>
 
</source>
 +
;Remark:This line should be commented out when the students have added them selves.
 +
 
==File: /home/ny/bin/nybruger==
 
==File: /home/ny/bin/nybruger==
 
Create the '''/home/ny/bin''' directory and add the file '''/home/ny/bin/nybruger''' with the following content. (Remember to change mode to executable)
 
Create the '''/home/ny/bin''' directory and add the file '''/home/ny/bin/nybruger''' with the following content. (Remember to change mode to executable)
Line 30: Line 32:
 
echo -e "                        ============="
 
echo -e "                        ============="
 
echo -e "\n\n\nIndtast dit ønskede bruger login. Et ord indeholdene bogstaver eller/og tal."
 
echo -e "\n\n\nIndtast dit ønskede bruger login. Et ord indeholdene bogstaver eller/og tal."
echo -en "\nBruger login: "
+
LOOP=1
read LOGIN
+
while test $LOOP -eq 1
 +
do
 +
  echo -en "\nBruger login: "
 +
  read LOGIN
 +
  if echo -n $LOGIN | grep -E "^[0-9A-Za-z]*$"  >/dev/null  2>&1
 +
  then
 +
    if grep $LOGIN /etc/passwd  >/dev/null  2>&1
 +
    then
 +
    echo -e "Det valgte bruger login er allerede i brug!!!"
 +
    else
 +
    LOOP=0
 +
    fi
 +
  else
 +
    echo -e "login navnet skal være ET ord bestående af bogstaver a-z, A-Z eller tal 0-9"
 +
  fi
 +
done
 +
 
 
sudo /usr/sbin/adduser $LOGIN
 
sudo /usr/sbin/adduser $LOGIN
 
if grep $LOGIN /etc/passwd
 
if grep $LOGIN /etc/passwd
 
then
 
then
 
   COUNT=5
 
   COUNT=5
   while test "$COUNT" -gt 0
+
   while test $COUNT -gt 0
 
   do
 
   do
 
     echo -en "\r Bruger $LOGIN oprettet. Sessionen afsluttes om $COUNT sekunder"
 
     echo -en "\r Bruger $LOGIN oprettet. Sessionen afsluttes om $COUNT sekunder"
     let COUNT=COUNT-1
+
     $((COUNT-=1)) 2> /dev/null
 
     sleep 1
 
     sleep 1
 
   done
 
   done
 
else
 
else
 
COUNT=5
 
COUNT=5
   while test "$COUNT" -gt 0
+
   while test $COUNT -gt 0
 
   do
 
   do
 
     echo -en "\r FEJL: Bruger $LOGIN er IKKE oprettet. Sessionen afsluttes om $COUNT sekunder"
 
     echo -en "\r FEJL: Bruger $LOGIN er IKKE oprettet. Sessionen afsluttes om $COUNT sekunder"
     let COUNT=COUNT-1
+
     $((COUNT-=1)) 2> /dev/null
 
     sleep 1
 
     sleep 1
 
   done
 
   done
Line 53: Line 71:
 
exit
 
exit
 
</source>
 
</source>
 +
 
=Security=
 
=Security=
 
Change all files to root ownership so the students cant change the script catching other students passwords etc.
 
Change all files to root ownership so the students cant change the script catching other students passwords etc.
Line 58: Line 77:
 
chown root:root /home/ny
 
chown root:root /home/ny
 
chown root:root /home/ny/.profile
 
chown root:root /home/ny/.profile
 +
chown root:root /home/ny/bin
 
chown root:root /home/ny/bin/nybruger
 
chown root:root /home/ny/bin/nybruger
 
</source>
 
</source>
  
 
[[Category:Linux]]
 
[[Category:Linux]]

Latest revision as of 09:46, 12 September 2018

Purpose

When adding students on a Linux/UNIX box its desirable to let the students choice their own login names.

How to add student logins

Make a username and password public to the students. When the students login they are prompted for desired loginname/password

Adding the create-students account

Add user ny with password ny or whatever username/password you prefer to make public to the students. remember to change all references in the following to the username you choice.

File: /home/ny/.profile

Add the following line to the start of /home/ny/.profile

trap '' 1 2 3 15

Add the following two lines to the end of /home/ny/.profile

/home/ny/bin/nybruger
exit

File: /etc/sudoers

Add the following line to /etc/sudoers using visudo.

ny ALL = NOPASSWD: /usr/sbin/adduser --gecos [a-zA-Z0-9]* [a-zA-Z0-9]*
Remark
This line should be commented out when the students have added them selves.

File: /home/ny/bin/nybruger

Create the /home/ny/bin directory and add the file /home/ny/bin/nybruger with the following content. (Remember to change mode to executable)

#!/bin/bash
tput clear
echo -e "                        Tilføj bruger"
echo -e "                        ============="
echo -e "\n\n\nIndtast dit ønskede bruger login. Et ord indeholdene bogstaver eller/og tal."
LOOP=1
while test $LOOP -eq 1
do
  echo -en "\nBruger login: "
  read LOGIN
  if echo -n $LOGIN | grep -E "^[0-9A-Za-z]*$"  >/dev/null  2>&1
  then
    if grep $LOGIN /etc/passwd  >/dev/null  2>&1
    then
     echo -e "Det valgte bruger login er allerede i brug!!!"
    else
     LOOP=0
    fi
  else
    echo -e "login navnet skal være ET ord bestående af bogstaver a-z, A-Z eller tal 0-9"
  fi
done

sudo /usr/sbin/adduser $LOGIN
if grep $LOGIN /etc/passwd
then
  COUNT=5
  while test $COUNT -gt 0
  do
    echo -en "\r Bruger $LOGIN oprettet. Sessionen afsluttes om $COUNT sekunder"
    $((COUNT-=1)) 2> /dev/null
    sleep 1
  done
else
COUNT=5
  while test $COUNT -gt 0
  do
    echo -en "\r FEJL: Bruger $LOGIN er IKKE oprettet. Sessionen afsluttes om $COUNT sekunder"
    $((COUNT-=1)) 2> /dev/null
    sleep 1
  done
fi
exit

Security

Change all files to root ownership so the students cant change the script catching other students passwords etc.

chown root:root /home/ny
chown root:root /home/ny/.profile
chown root:root /home/ny/bin
chown root:root /home/ny/bin/nybruger