#44 Adding Users to the System

If you're responsible for managing a network of Unix or Linux systems, you've already experienced the frustration caused by subtle incompatibilities among the different operating systems in your dominion. Some of the most basic administration tasks prove to be the most incompatible across different flavors of Unix, and chief among these tasks is user account management. Rather than have a single command-line interface that is 100 percent consistent across all Unix flavors, each vendor has developed its own graphical interface for working with the peculiarities and quirks of its own Unix.

The Simple Network Management Protocol (SNMP) was, ostensibly, supposed to help normalize this sort of thing, but managing user accounts is just as difficult now as it was a decade ago, particularly in a heterogeneous computing environment. As a result, a very helpful set of scripts for a system administrator includes a version of adduser, deleteuser, and suspenduser that can be customized for your specific needs and then easily ported to all your Unix systems.

On a Unix system, an account is created by adding a unique entry to the /etc/passwd file, an entry consisting of a one- to eight-character account name, a unique user ID, a group ID, a home directory, and a login shell for that user. Modern Unix systems store the encrypted password value in /etc/shadow, so an entry must be added to that file too, and finally the account needs to be listed in the /etc/group file, with the user either as his or her own group (a more recent strategy implemented in this script) or as part of an existing group.

The Code
#!/bin/sh

# adduser - Adds a new user to the system, including building their
#           home directory, copying in default config data, etc.
#           For a standard Unix/Linux system, not Mac OS X.

pwfile="/etc/passwd"
shadowfile="/etc/shadow"
gfile="/etc/group"
hdir="/home"

if [ "$(whoami)" != "root" ] ; then
  echo "Error: You must be root to run this command." >&2
  exit 1
fi

echo "Add new user account to $(hostname)"
echo -n "login: "     ; read login

# Adjust '5000' to match the top end of your user account namespace
# because some system accounts have uid's like 65535 and similar.

uid="$(awk -F: '{ if (big < $3 && $3 < 5000) big=$3 } END { print big + 1 }' $pwfile)"
homedir=$hdir/$login

# We are giving each user their own group, so gid=uid
gid=$uid

echo -n "full name: " ; read fullname
echo -n "shell: "     ; read shell

echo "Setting up account $login for $fullname..."

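# Quote every expansion so the full name keeps its spacing and the '*'
# in the shadow entry is written literally instead of being globbed.
echo "${login}:x:${uid}:${gid}:${fullname}:${homedir}:$shell" >> "$pwfile"
echo "${login}:*:11647:0:99999:7:::" >> "$shadowfile"

echo "${login}:x:${gid}:$login" >> "$gfile"

mkdir "$homedir"
cp -R /etc/skel/.[a-zA-Z]* "$homedir"
chmod 755 "$homedir"
find "$homedir" -print | xargs chown "${login}:${login}"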

# Setting an initial password
passwd $login

exit 0


How It Works
The coolest single line in this script contains the snippet

awk -F: '{ if (big < $3 && $3 < 5000) big=$3 } END { print big + 1 }' $pwfile

This scans through the /etc/passwd file, ascertaining the largest user ID currently in use that's less than the highest allowable user account value (adjust this for your configuration preferences) and then adding 1 to it for the new account user ID. This saves the admin from having to remember what the next available ID is, and it also offers a high degree of consistency in account information as the user community evolves and changes.

Once the account is created, the new home directory is created and the contents of the /etc/skel directory are copied to the home directory. By convention, the /etc/skel directory is where a master .cshrc, .login, .bashrc, and .profile are kept, and on sites where there's a web server offering ~account service, a directory like /etc/skel/public_html would also be copied across to the new home directory, alleviating many "Where do I create my new website?" questions.
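An added example, not part of the original script: the script appends the typed login, full name, and shell to /etc/passwd unchecked, and the awk scan looks only at /etc/passwd, so it can return an ID that is already in use as a GID or that reaches the ceiling. The checks below cover both; the function names, the 32-character login limit, and the lower UID bound are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original script): checks to run on the adduser
# prompts before anything is appended to /etc/passwd. Function names and the
# 32-character limit are assumptions for illustration.
LC_ALL=C; export LC_ALL        # make [a-z] ranges mean ASCII only
nl='
'

# Login: starts with a lowercase letter or '_', then [a-z0-9_-], max 32 chars.
valid_login() {
  case "$1" in
    ""|[!a-z_]*|*[!a-z0-9_-]*) return 1 ;;
  esac
  [ "${#1}" -le 32 ]
}

# Login must not already be the first field of any line in the passwd file.
login_free() {   # login_free LOGIN PASSWD_FILE
  ! cut -d: -f1 "$2" | grep -qxF -- "$1"
}

# Full name: ':' would shift every later field, a newline would start a record.
valid_fullname() {
  case "$1" in
    ""|*:*|*"$nl"*) return 1 ;;
  esac
  return 0
}

# Shell: absolute path that appears as a whole line in the shells file.
valid_shell() {  # valid_shell SHELL SHELLS_FILE
  case "$1" in /*) ;; *) return 1 ;; esac
  grep -qxF -- "$1" "$2"
}

# The page's max+1 scan, with a lower bound, a skip over IDs already taken as
# GIDs (the script sets gid=uid), and a failure instead of an ID >= MAX.
next_uid() {     # next_uid PASSWD_FILE GROUP_FILE MIN MAX
  awk -F: -v min="$3" -v max="$4" '
    BEGIN { big = min - 1 }
    FILENAME == ARGV[1] { if ($3 >= min && $3 < max && $3 > big) big = $3; next }
    { gids[$3] = 1 }
    END {
      id = big + 1
      while (id in gids) id++
      if (id >= max) exit 1
      print id
    }' "$1" "$2"
}
```

In adduser, each prompt would be followed by the matching check, with the script exiting before the first `>>` if any of them fails.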

Running the Script
This script must be run by root and has no starting arguments.

The Results
Because my system already has an account named tintin, it's helpful to ensure that snowy has his own account too:

$ sudo adduser
Add new user account to aurora
login: snowy
full name: Snowy the Dog
shell: /bin/bash
Setting up account snowy for Snowy the Dog...
Changing password for user snowy.
New password:

