Creating New Users with perl
Why use a script to create new user accounts? Most sites
rather edit the password file directly to create a new
user, and then
make the home directory manually. However, I often noticed
approach can lead to problems such as not completing
the job, forgetting
critical steps, and creating users different ways. Many
never document how to create a user.
A simple "make user" script can fix all of
I wrote mkuser to prevent mistakes in adding users,
users exactly the same way, and to save time. The script
a primitive form of self-documention, showing a way
to create a user.
Documentation does not need to change because the user
needs to change.
With a simple command interface, operators can answer
and create a user correctly. It's not necessary to change
interface if you make minor changes within the script
to add extra
tasks. mkuser lets you incorporate changes without adding
steps for an operator or redocumenting the process of
creating a user.
Most UNIX systems have system administration tools to
and maintain user accounts and groups -- AIX has smit
SVR4 has sysadm; some SVR4 systems have useradd, usermod,
and userdel; useradd is similar to adduser
on ULTRIX. Other systems, such as Domain/OS, have entirely
ways of adding users. Some SVR4 systems have groupadd,
and groupmod for modifying the /etc/group file. Although
all of these tools provide either a menu or a command-line
none make it particularly easy to automate user and
It's true that useradd can be done in one line. However,
must give it a uid and a gid, which means you have to
write a shell
script wrapper around useradd to find the next available
uid. Large sites will probably have pockets of different
each with their own way of adding a user.
The mkuser Script
I wrote a perl script called mkuser (Listing 1) and
it on a few flavors of UNIX to solve user administration
It's fast and easily portable. There are, of course,
a few site dependencies,
but this script can be used for many different sites
with only minor
I originally developed mkuser on SVR4 NCR 2.02 UNIX
useradd command as the final execution. I later changed
to modify the /etc/passwd and /etc/shadow files directly
because useradd is too OS dependent. I then used the
on AT&T Starservers and on SunOS and ULTRIX. The
input into the script
seems generic enough. I looked back at a shell script
I had written
to add a user to Apollo Domain/OS systems. I found it
was easy to
use mkuser on the Apollo. I did have to make a number
in the final stage of the script, but neither the script
nor the password generator changed.
I've also used mkuser to create users from a cron
shell script. I took tables dumped from an Informix
them through awk, and sent them to mkuser to create
the users. The entire task was completely automated.
Besides being a very easy language to learn, perl bridges
between C and shell programming. It provides the best
of both worlds,
especially for many system administration tasks, and
systems now ship perl as a standard part of UNIX.
To run mkuser, you must port perl to your system. perl
easily available, free, and quickly portable to all
types of UNIX
systems (see Figure 1 for an example session).
mkuser is exactly the type of project that perl was
to handle. If I had used shell, I would have needed
an extra C program
to encrypt the password. That would mean three files:
the C source, and the executable C program. Having everything
file makes maintenance much easier.
Modifying the Script
You can use mkuser with or without command-line arguments.
Of course, you'll need to modify it for your site, but
should be minimal.
A new user's default shell directory on some SVR4 systems
/etc/skel. This directory contains the default dot (.)
as well as other directories that you want included
in a new user's
setup, such as startup scripts in special csh and ksh
directories. mkuser will copy everything in the default
directory tree to the new user's home directory. You
the script to use a default directory for the new users
the $defaultcshdef or the $defaultkshdef to those locations.
I made mkuser shell-dependent since you will want different
dot files depending on the type of shell you plan to
run. You may
wish to add other shell defaults, such as bash or tcsh.
For your default ksh directory, you will probably include
.profile, .Xdefaults, .mwmrc, and possibly
bin, src, and tmp directories. For your default
csh directory, you will probably want .Xdefaults,
.cshrc, .login, .logout, .openwin-init,
.openwin-menu, and possibly bin and tmp directories.
There may be other files and directories you wish to
add as well.
Other script defaults to set include the group default,
the group with the most users, and the default home
most of the users will reside.
Aspects of mkuser
Because many sites use the login as the password and
change their password, I added a password generator
for security reasons.
At most sites, I can crack 50 percent of the passwords
is a password checker that can be used regularly to
notify users when
their passwords were cracked; see Figure 2 for an example
of obtaining and porting crack). The generator makes
words that are not really words. However, users need
to be educated
about what passwords are best (see Figure 3 for two
I used crypt in the script instead of calling passwd.
passwd is tied to the tty. Shelling out to execute
passwd makes the operator type the user's password by
twice. By encrypting the password and just putting it
into the new
user's password field, I have automated the script's
Other tasks that mkuser could automate include adding
user to a phone list and making a mail alias.
Figure 4 lists mkuser's command-line arguments. All
Running mkuser without arguments, as
causes it to ask all questions for creating a new user.
However, you can also give it all the user's information
on the command
# /usr/local/bin/mkuser joe smith jsmith jsmith next workgroup home/bin/csh
This creates a user named "Joe Smith," which
goes in the GECOS field. The user's login name is set
and his home directory will have that same name. This
is because the
logname (third argument) and username (fourth argument)
mkuser sets jsmith's UID to the next available, sets
his group to workgroup, sets his home directory tree
and specifies that the account will run csh at login.
no password argument was given after the login shell
login name, jsmith, becomes the password.
# /usr/local/bin/mkuser tom thibodeaux tthibode tthibodeaux next gen home /bin/ksh
differs from the previous one primarily by using a logname
("tthibode") that doesn't correspond with
("tthibodeaux"). In this case, the home directory
is based on the username argument, will be /home/tthibodeaux.
The other arguments are similar, except that this user
to the gen group and use ksh. Again, the logname becomes
the user's first password.
# /usr/local/bin/mkuser tom thibodeaux tthibode \
tthibodeaux next gen home /bin/ksh o,iltay
adds an explicit password ("o,iltay") to the
arguments shown in the previous example.
Schwartz, Randal L. Learning Perl (aka "The
Llama Book"). Sebastopol, CA: O'Reilly & Associates,
Wall, Larry, and Randal L. Schwartz. Programming
Perl (aka "The Camel Book"). Sebastopol, CA:
Associates, ISBN 0-937175-61-1.
Perl FAQ. ftp://ftp.cis.ufl.edu/pub/perl/doc/FAQ
About the Author
Russ Hill is a University of Florida Gator with a degree
Engineering. He works as a UNIX Analyst in Dallas, TX
His earlier article, "How to Login to Any UNIX
System and Get Your Email,"
appeared in the Sept/Oct 1993 of Sys Admin.