In the last article, we’d seen how to get started with Linux scripts. In that, we created a basic scripting file and showed how to change permissions and add the path variables (or use the existing ones). Now that we know the skeleton of a basic script, it’s time to show how it can actually be useful.
In an earlier article, we’d taken a look at how to expire passwords in Linux. When the user logs in for the first time, we want to force them to change their password. This consists of three steps:
- Create the user;
- Set a default password;
- Expire the password immediately.
The commands for these three actions are as follows:
useradd [username] passwd [username] passwd -e [username]
Running them separately gives us the following output:
To execute these, we need to learn about Linux script parameters.
To string these three commands together, we’re going to create our own script called “adduserexpass”. This command will take in the username as a parameter and execute the above three commands together. When we run our script, we will pass the desired username as a parameter like this:
Scripts can reference parameters by using the following method:
- $0 equals the script name itself;
- $1 refers to the first parameter;
- $2 refers to the second parameter;
- …and so on and so forth.
So in the above example, we refer to [username] using $1. So the three commands within the script simply become:
useradd $1 passwd $1 passwd -e $1
It’s important for us to check the validity of an input before we manipulate it. For example, the script makes no sense unless we actually provide a parameter. So the first thing we’re going to do is to check whether or not a parameter exists. If not, we display an error message and exit the script. Like this:
if [ "$1" == "" ]; then echo "Missing username parameter" exit 1 fi
A few things to note about this conditional statement. First, it’s important to keep whitespaces around the square bracket “[” in the following statement:
if [ "$1" == "" ]
This is because shell scripts are not strictly a programming language by themselves. Without the brackets, the Linux environment treats the entire string as a single command. Second, note that the parameter $1 is surrounded by quotation marks (“”). All of these little things can make debugging very difficult for Linux shell scripts. The best way to code them is to find an existing script that works and make the changes to them.
Also unlike many other programming languages, you don’t need to end every command with a semi-colon “;”. However, if the next piece of the code is on the same line, then the semicolon is necessary to separate the commands from one other like in this extract:
if [ "$1" == "" ]; then
Here, the “then” is on the same line. So we need the semicolon after the closing bracket.
Check if username Already Exists
We also need to make sure that we’re not passing an existing username to the script. Otherwise, we’ll end up resetting the password and expiring it for an existing user! The way to do this is to use the “id -u” command and test the output like this:
if id -u "$1" >/dev/null 2>&1; then echo "User already exists" exit 1 fi
In this conditional statement, I execute the command “id -u $1”. I don’t want the output to be shown in the shell, so I send it to an imaginary black hole /dev/null . However if something was returned, then we echo that the user already exists and exit the script.
Putting it all Together
Taking all the components together, we have the following final script:
#!/bin/sh # This will take the username as a parameter referred to as $0 if [ "$1" == "" ]; then echo "Missing username parameter" exit 1 fi if id -u "$1" >/dev/null 2>&1; then echo "User already exists" exit 1 fi useradd $1 passwd $1 passwd -e $1
This gives us the output when run under the following scenarios:
Username already exists:
User created, password set, and expired all with one command:
And there we have a script that executes three commands all at once with full conditional statements that check for invalid inputs! This technique can be use to automate a whole bunch of tasks in Linux that could normally be pretty time consuming. The flexibility to accept parameters allows us to create new commands that we can then distribute to other people as well.