Loading....
Bash Shell Window

Once in a while, you may need to create local users in bulk on a standalone Linux machine. A typical scenario we often face is creating an SFTP server for external users to upload files. Of course, you can solve this with central authentication like LDAP and Active Directory, but this is a more elaborate process and may not fit everyone’s need. In this post, we will create a simple Bash script that will allow us to create local Linux users in bulk.

Script Inputs

We will have the credentials stored in a CSV file with a name credentials.csv. The format of the CSV file is quite simple:

user1,password1
user2,password2
user3,password3
...

Each line in the file represents the credentials of a new user. We will separate the username and the password with a comma. Keep in mind that in this case, you cannot have a comma in the password because this will break the script.

Reading User Credentials from a CSV

The process we will use to read the credentials from the CSV file will include two steps.

Read the Lines from the CSV File Into an Array

To read the credentials into an array, we can use the read shell command. Before we read the lines from the file though, we need to set the internal field separator (IFS) to the new line character (\n). Here is how to read the CSV lines into an array:

ORIGINAL_IFS=$IFS
IFS=$'\n' 
read -d '' -ra credentials < credentials.csv
IFS=$ORIGINAL_IFS

The -d option for the read command is important. If you don’t include it, only the first line of the file will be read. The -r option makes sure that bachslashis not considered an escape char while the -a instructs the command to use indexed array with the specified name. For more details of the read command, see https://ss64.com/bash/read.html. Line 01 and line 04 above preserve the original field separator.

Split Every Line Into Username and Password Variables

The second step is to split every line with credentials into two variables: iuser and ipasswd. For this, we first will need to set the internal field separator to comma (,). Then, we can use read again to split the credentials in separate variables. Here is how this is done for a single array entry:

ORIGINAL_IFS=$IFS
IFS=","
read iuser ipasswd <<< "${lines[0]}"
IFS=$ORIGINAL_IFS

Of course, we need to iterate over all elements of the array using a loop. We will come to that later.

Creating Users and Setting Passwords

We will use the built-in command for creating users. In the case of Ubuntu, we can use useradd. Normally useradd prompts you for the password using the interactive prompt. To avoid the interactive prompt, we will echo the password and pipe the input to the passwd command. Here is how to do that:

useradd -m $iuser
echo "$ipasswd"$'\n'"$ipasswd" | passwd $iuser

The -m option for the useradd command above instructs the command to create a home directory for the user.

Putting It All Together

As mentioned above, we need to iterate over all credentials to create the users. Here is how to do that:

for credential in "${credentials[@]}"
do
   read iuser ipasswd <<< "$credential"
   # create the user
done

And here is the complete script that creates the users:

#!/bin/bash

# Preserve the original field separator
ORIGINAL_IFS=$IFS

# Change the field separator to the new line character
IFS=$'\n'

# Read the lines with crednetials from the CSV file
read -d '' -ra credentials < ./credentials.csv

# Change the file separtor to a comma
IFS=','

# Iterate over the credentials
for credential in "${credentials[@]}"
do
   # Split the credentials into two separate variables
   read iuser ipasswd <<< "$credential"

   # Create the user
   useradd -m $iuser

   # Set the password
   echo "$ipasswd"$'\n'"$ipasswd" | passwd $iuser
done

# Return the original field separator
IFS=$ORIGINAL_IFS

The above script shows you the necessary steps to read credentials from a CSV file and create users on Linux. Keep in mind that the script it not very advanced and you can add a lot of improvements to it.  Few things that you can add are error handling, help how to run the script as well as a way to run the script remotely. We will explain some of those in one of our future posts.

 

, , ,

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back To Top
%d bloggers like this: