Advanced Linux Shell Scripting for DevOps Engineers with User Management

#90DaysofDevOps Challenge - Day 5

In this article of #Day5 on the #90daysofdevops challenge proposed by Shubham Londhe, we will briefly discuss some Advanced Linux Shell Scripting topics with basic examples.

Example 1 - Using either loops or commands with start and end variables using arguments.

We write a bash script, createDirectories.sh, that takes three arguments (the directory name, the start number of directories and the end number of directories) and creates the specified range of directories with dynamic names.

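#!/bin/bash
# Check that exactly three arguments were passed
if [ $# -ne 3 ]; then
  echo "Usage: $0 <directory name> <start number> <end number>"
  exit 1
fi
# Assign the arguments to variables
dir_name=$1
start_num=$2
end_num=$3
# Accept only plain non-negative integers: bash evaluates whatever is
# placed inside (( )), so unchecked input must not reach the loop
for num in "$start_num" "$end_num"; do
  if ! [[ $num =~ ^(0|[1-9][0-9]*)$ ]]; then
    echo "Error: start and end numbers must be non-negative integers" >&2
    exit 1
  fi
done
# Loop to create directories with dynamic names
for (( i=start_num; i<=end_num; i++ ))
do
  mkdir -p -- "${dir_name}_${i}"
done
echo "Directories created successfully!"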

▶Example 2 - Create a script to backup specific files or directories

Backups are an important part of the DevOps Engineer's daily activities.

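#!/bin/bash
# Stop at the first failing command so that success is only reported
# when the archive was actually written
set -e
# Create backups directory if it doesn't exist
mkdir -p ~/devops-zero-hero/backups
# Create backup archive of the directory the script is started from (.)
tar -czvf ~/devops-zero-hero/backups/backup_$(date +%Y-%m-%d).tar.gz .
# Print success message
echo "Backup completed successfully!"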

The ~/ prefix on a path refers to the current user's home directory ($HOME).

In this example we used the tar -czvf command to create a gzip-compressed archive in tar format.

There are different ways to compress or decompress files in Linux; below is a quick description of them.

. To compress

. To decompress

. Advanced usage

▶Example 3 - The usage of cron and crontab to automate the tasks.

Linux provides the cron system, a time-based job scheduler, for automating processes. The crontab is essentially a list where users add their own automated tasks and jobs, and it has a number of options that can simplify things even further.

crontab is a command provided by the cronie package. Compared with anacron, it is more suitable for servers that run 24 hours a day, 7 days a week. Common crontab options are:

-e # edit crontab scheduled tasks
-l # view crontab tasks
-r # delete all the current user's crontab tasks
# For details see man 4 crontabs
# Example of job definition:
# .---------------- minute (0-59)
# | .------------- hour (0-23)
# | | .---------- day of month (1-31)
# | | | .------- month (1-12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0-6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed

The script needs execute permission (chmod +x) before cronie can run it.

# Edit this file to introduce tasks to be run by cron.
#
# Each task to run has to be defined through a single line
# indicating with different fields when the task will be run
# and what command to run for the task
#
# To define the time you can provide concrete values for
# minute (m), hour (h), day of month (dom), month (mon),
# and day of week (dow) or use '*' in these fields (for 'any').
#
# Notice that tasks will be started based on the cron's system
# daemon's notion of time and timezones.
#
# Output of the crontab jobs (including errors) is sent through
# email to the user the crontab file belongs to (unless redirected).

# For more information see the manual pages of crontab(5) and cron(8)
#
# m h  dom mon dow   command

#  Crontab backup tests
45 23 * * * /home/user/devops-zero-hero/backup-script.sh
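
The following check is an added example, not part of the original article: it extracts the command from each job in a user crontab (the format shown above, without a user-name field) and reports whether the script it runs is missing, not executable, or writable by group or others. The sample crontab is constructed, and the function names and the extra @reboot job are assumptions made for illustration.

```sh
#!/bin/sh
# Constructed user crontab; the backup job line is the one from the article.
sample_crontab() {
cat <<'EOF'
# m h  dom mon dow   command
MAILTO=""
45 23 * * * /home/user/devops-zero-hero/backup-script.sh
@reboot /usr/local/bin/constructed-job.sh --quiet
EOF
}

# Print the command part of every job in a user crontab read from stdin.
# Comments, blank lines and VAR=value lines are skipped; a job has five
# time fields, or a single @keyword such as @reboot, before the command.
cron_commands() {
  awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }
    /^[ \t]*[A-Za-z_][A-Za-z0-9_]*[ \t]*=/ { next }
    {
      skip = ($1 ~ /^@/) ? 1 : 5
      cmd = $0
      for (i = 1; i <= skip; i++) sub(/^[ \t]*[^ \t]+[ \t]+/, "", cmd)
      print cmd
    }'
}

# Classify the script a job runs (the first word of its command).
check_job_script() {
  path=${1%% *}
  if [ ! -e "$path" ]; then
    echo "MISSING $path"
  elif [ ! -x "$path" ]; then
    echo "NOT-EXECUTABLE $path"
  elif [ -n "$(find "$path" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
    # Anyone with write access can change what cron runs as the job owner.
    echo "WRITABLE-BY-OTHERS $path"
  else
    echo "OK $path"
  fi
}

# On a real host:
# crontab -l | cron_commands | while IFS= read -r c; do check_job_script "$c"; done
```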

▶Example 4 - User Management

User management can be done in three ways on a Linux system. Graphical tools are easy and suitable for new users, as they make sure you will not run into any trouble. Command line tools include commands like useradd, userdel, passwd, etc. These are mostly used by server administrators.

The local user database in Linux is the /etc/passwd file.

It has seven columns separated by colons. Starting from the left, the columns denote the username, an x, the user id, the primary group id, a description, the name of the home directory and a login shell.

[user@vm-tests2 devops-zero-hero]$ tail /etc/passwd
sshd:x:74:74:Privilege-separated SSH:/usr/share/empty.sshd:/sbin/nologin
chrony:x:986:981::/var/lib/chrony:/sbin/nologin
dnsmasq:x:985:980:Dnsmasq DHCP and DNS server:/var/lib/dnsmasq:/sbin/nologin
tcpdump:x:72:72::/:/sbin/nologin
systemd-oom:x:978:978:systemd Userspace OOM Killer:/:/usr/sbin/nologin
user:x:1000:1000:user:/home/user:/bin/bash
vboxadd:x:977:1::/var/run/vboxadd:/bin/false
devops:x:1001:1001::/home/devops:/bin/bash
devops1:x:1002:1002::/home/devops1:/bin/bash
devops2:x:1003:1003::/home/devops2:/bin/bash

. Root

The root user is the superuser and has all the powers for creating a user and deleting a user, and can even log in with another user's account. The root user always has user id 0.

[user@vm-tests2 devops-zero-hero]$ head -1 /etc/passwd
root:x:0:0:root:/root:/bin/bash
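
Because any account with user id 0 has root's powers, the seven-column layout described above is worth auditing. The functions below are an added example, not part of the original article: they read /etc/passwd-format data on stdin and list extra UID 0 accounts, accounts with a login shell, entries whose second field is empty instead of x, and malformed lines. The sample data and function names are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample in /etc/passwd format (not taken from a real host).
sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
sshd:x:74:74:Privilege-separated SSH:/usr/share/empty.sshd:/sbin/nologin
user:x:1000:1000:user:/home/user:/bin/bash
vboxadd:x:977:1::/var/run/vboxadd:/bin/false
devops:x:1001:1001::/home/devops:/bin/bash
backup:x:0:0::/home/backup:/bin/bash
svc::1002:1002::/home/svc:/bin/sh
broken:x:1003:1003:/home/broken
EOF
}

# Accounts other than root that carry user id 0 (full superuser rights).
extra_uid0() {
  awk -F: 'NF == 7 && $3 == 0 && $1 != "root" { print $1 }'
}

# Accounts whose shell (column 7) allows an interactive login.
login_capable() {
  awk -F: 'NF == 7 && $7 !~ /(nologin|false)$/ { print $1 }'
}

# Entries whose second column is empty rather than the usual x.
empty_password_field() {
  awk -F: 'NF == 7 && $2 == "" { print $1 }'
}

# Line numbers of entries that do not have exactly seven columns.
malformed_lines() {
  awk -F: 'NF != 7 { print NR }'
}

# On a real host: extra_uid0 < /etc/passwd
```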

. Useradd

Using this command you can add a new user.

Syntax: useradd -m -d /home/<userName> -c "<userName>" <userName>

These options create a home directory (-m), set the name of the home directory (-d), and set a description (-c).

[user@vm-tests2 devops-zero-hero]$ sudo useradd -m devops3
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ ls cd /home/
ls: cannot access 'cd': No such file or directory
/home/:
devops  devops1  devops2  devops3  user

File /etc/default/useradd contains some useful default options.

The command useradd -D can be used to display this file.

[user@vm-tests2 devops-zero-hero]$ useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
[user@vm-tests2 devops-zero-hero]$

. Userdel

To delete a user account, the userdel command is used.

Syntax: userdel -r <userName>

To remove the user and also their home directory, the userdel -r command is used.

[user@vm-tests2 devops-zero-hero]$ sudo userdel -r devops3
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ ls cd /home/
ls: cannot access 'cd': No such file or directory
/home/:
devops  devops1  devops2  user

. Usermod

The command usermod is used to modify the properties of an existing user.

Syntax: usermod -c '<description>' <userName>

[user@vm-tests2 devops-zero-hero]$ tail -1 /etc/passwd
devops2:x:1003:1003::/home/devops2:/bin/bash
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ sudo usermod -c 'dev-engineer' devops2
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ tail -1 /etc/passwd
devops2:x:1003:1003:dev-engineer:/home/devops2:/bin/bash
[user@vm-tests2 devops-zero-hero]$

. Groupadd

In Linux, groups are used to organize and administer user accounts. The primary purpose of groups is to define a set of privileges such as reading, writing, or executing permission for a given resource that can be shared among the users within the group.

To create a new group, type groupadd followed by the new group name.

Syntax: groupadd <group_name>

The command adds an entry for the new group to the /etc/group and /etc/gshadow files.

For example, to create new groups named cloud and tech, you would run:

[user@vm-tests2 devops-zero-hero]$ sudo groupadd cloud
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ sudo groupadd tech
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ getent group | grep tech
tech:x:1005:
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ getent group | grep cloud
cloud:x:1004:
[user@vm-tests2 devops-zero-hero]$

You can also add a user to a group. For example, to include devops1 in the tech group and devops2 in the cloud group, we need to use the -aG flag, because a plain -G flag would remove the user from the previously added groups.

Syntax: sudo usermod -aG <group_name> <username>

We also used getent and grep to list a specific group.

[user@vm-tests2 devops-zero-hero]$ getent group | grep tech
tech:x:1005:
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ getent group | grep cloud
cloud:x:1004:
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ sudo usermod -aG cloud devops2
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ sudo usermod -aG tech devops1
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ id devops1
uid=1002(devops1) gid=1002(devops1) groups=1002(devops1),0(root),1005(tech)
[user@vm-tests2 devops-zero-hero]$ 
[user@vm-tests2 devops-zero-hero]$ id devops2
uid=1003(devops2) gid=1003(devops2) groups=1003(devops2),1000(user),1004(cloud)
[user@vm-tests2 devops-zero-hero]$
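
To catch the -G pitfall described above, compare a user's groups before and after a change. The functions below are an added example, not part of the original article: they read /etc/group-format data, list a user's supplementary groups, report which ones were lost between two snapshots, and list members of privileged groups. The snapshots are constructed, and treating GID 0, wheel and sudo as the privileged set is an assumption.

```sh
#!/bin/sh
# Constructed /etc/group snapshots (not from a real host): before and after
# running "usermod -G cloud devops1", that is, without the -a flag.
group_before() {
cat <<'EOF'
root:x:0:devops1
user:x:1000:devops2
cloud:x:1004:devops2
tech:x:1005:devops1
EOF
}
group_after() {
cat <<'EOF'
root:x:0:
user:x:1000:devops2
cloud:x:1004:devops2,devops1
tech:x:1005:
EOF
}

# Supplementary groups of user $1, sorted, one per line; group data on stdin.
groups_of() {
  awk -F: -v u="$1" '{
    n = split($4, m, ",")
    for (i = 1; i <= n; i++) if (m[i] == u) print $1
  }' | sort
}

# Groups in list $1 that are absent from list $2 (both newline-separated).
lost_groups() {
  printf '%s\n' "$1" | while IFS= read -r g; do
    [ -n "$g" ] || continue
    printf '%s\n' "$2" | grep -qxF -- "$g" || printf '%s\n' "$g"
  done
}

# group:member pairs for GID 0 and the groups named wheel or sudo
# (assumed privileged set; adjust to the host's sudoers policy).
privileged_members() {
  awk -F: '$3 == 0 || $1 == "wheel" || $1 == "sudo" {
    n = split($4, m, ",")
    for (i = 1; i <= n; i++) print $1 ":" m[i]
  }'
}
```

On a real host, feed the functions with getent group, taken once before and once after the usermod call.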

This was Linux Shell Scripting and User Management in a nutshell.

The same commands apply to any Linux distribution, including Ubuntu, CentOS, RHEL, Debian, and Linux Mint.