Script Entry to block 9 characters userid

manalisharmabe · October 17, 2013, 5:53am

Hi Guys,
I have one script which is used to add new user in the system.
This is how we add new user in system:-

 sudo /opt/local/bin/new-user 114 ranivarm "Rani Varma(Libo Technical User)" INC00001111

Where
114:-is the site id
ranivarm:- is userid
"Rani Varma(Libo Technical User)" :- comment
INC00001111:- ticket number
The script is little big, so here is part of that script:-

case $steps2skip in
(help)  die "$advanced";;
(password)      steps2skip=124;;
(enable)        steps2skip=123;;
([1-4]*)        ;;
esac
username=${1:?username required: $usage} shift
ticket=$3
descr="$*"

#
# assertions
#
grep -c ${group}  /etc/group >/dev/null ||
        warn "Warning: group $group is not in /etc/group"
grep -c $shell /etc/shells >/dev/null ||
        warn "Warning: shell $shell is not in /etc/shells"
 
warn "Checking accountname ${username:?}"
if [[ $steps2skip = *1* ]]; then
        /bin/logins -xol $username ||
                die "account $username does not exist!"
        /bin/getent passwd ${username} ||
                die "account $username does not exist!"
        eval home=~${username}
else    : step 1: creating /etc/passwd entry
        /bin/getent passwd ${username} &&
                die "account $username already exists!"
        /bin/logins -xol $username

Could you please tell me what entry should I enter and where should I insert it?
Thanks

CarloM · October 17, 2013, 5:54am

Telling us what you mean by 'block' and which 9 characters would be a start...

manalisharmabe · October 17, 2013, 6:25am

I mean

sudo /opt/local/bin/new-user 114 ranivarm "Rani Varma(Libo Technical User)" INC00001111

should work

and this

sudo /opt/local/bin/new-user 114 ranivarma "Rani Varma(Libo Technical User)" INC00001111

should through error message as can not create userid as it has 9 characters ranivarma.

block means should throw an error message and userid should not be created.

Thanks

CarloM · October 17, 2013, 6:31am

You can check the length of a string using ${#VAR}

e.g.

[ ${#username} -le 8 ] || die "Some error"

manalisharmabe · October 17, 2013, 7:43am

Yes, thanks but where to insert this code as my script looks too complicated for me to understand.

sea · October 17, 2013, 7:45am

If this looks too complicated to you, i wonder how you could achieve this line in the first place..

username=${1:?username required: $usage} shift

But anyway...
Its just below that...

manalisharmabe · October 17, 2013, 11:50am

This script is created by someone in 2005, I am not that good in scripting, I understand only small-medium scripts.
let me try your lines.

Thanks a lot!

Edit:- You have almost helped me, but I am getting below syntax error:-

-bash-3.2$ /usr/local/bin/sudo /opt/local/bin/new-user 199  testuser1 "test user (Script testing User)" INC000017310
/opt/local/bin/new-user[124]: test: ] missing
username should not more than 8 characters
-bash-3.2$

here is what script has:-

80  while getopts b:f:g:s:u:X: c; do
    81  case $c in
    82  (b)     basedir=${OPTARG}       # directory
    83          case $basedir in        # or numeric site code
    84          ( +([0-9]) )
    85                  basedir=$( print /users/*/$basedir )
    86                  [[ -d $basedir ]] || die "no such directory: $basedir"
    87          esac
    88          # kept -b option for backwards compatibility
    89          ;;
    90  (f)     for profile in ${OPTARG} ${OPTARG}/.profile; do
    91                  # we accept either a directory with a .profile, or a full path to the file
    92                  [[ -f $profile ]] && break
    93          done || die ".profile expected: $usage"
    94          ;;
    95  (g)     group=${OPTARG:?$usage};;
    96  (s)     shell=${OPTARG};;
    97  (X)     steps2skip=${OPTARG} ;;
    98  esac
    99  done
   100  shift $((OPTIND - 1 ))
   101
   102  #
   103  # Replaces -b option: "-b" is actually redundant, as long as
   104  # arg1 is either nnn or /path/name.
   105  #
   106  # numeric $1 == basedir
   107  if [[ $1 = @([0-9][0-9][0-9]|/*) ]]; then
   108          basedir=$1 shift
   109          case $basedir in        # or numeric site code
   110          ( +([0-9]) )
   111                  basedir=$( print /users/*/$basedir )
   112                  [[ -d $basedir ]] || die "no such directory: $basedir"
   113          esac
   114  fi
   115
   116  case $steps2skip in
   117  (help)  die "$advanced";;
   118  (password)      steps2skip=124;;
   119  (enable)        steps2skip=123;;
   120  ([1-4]*)        ;;
   121  esac
   122
   123  username=${1:?username required: $usage} shift
   124  [ ${#username} -le 8] || die "username should not more than 8 characters"
   125  ticket=$3
   126  descr="$*"
   127
   128
   129  #
   130  # assertions
   131  #
   132
   133  grep -c ${group}  /etc/group >/dev/null ||
   134          warn "Warning: group $group is not in /etc/group"
   135
   136  grep -c $shell /etc/shells >/dev/null ||
   137          warn "Warning: shell $shell is not in /etc/shells"
   138
   139
   140
   141  warn "Checking accountname ${username:?}"
   142
   143  if [[ $steps2skip = *1* ]]; then
   144
   145          /bin/logins -xol $username ||
   146                  die "account $username does not exist!"
   147          /bin/getent passwd ${username} ||
   148                  die "account $username does not exist!"
   149
   150          eval home=~${username}
   151
   152  else    : step 1: creating /etc/passwd entry
   153
   154          /bin/getent passwd ${username} &&

It is showing sysntax error, I tried to put two [[ and ]] but got same error. the line 124 needs some entry I guess.
Please advise.

CarloM · October 17, 2013, 11:57am

Note that there's a typo in my original suggestion.

sea · October 17, 2013, 12:14pm

You mean the sql die ?
Yeah, might be better to use:

[ ! ${#username} -le 8 ] && echo "$username's ID is too long" && exit 1

CarloM · October 17, 2013, 12:18pm

No - the test was missing a mandatory space.

die is already used in line 2 of the OP's script, so I assumed it was either available as a local function/command, or he has other problems :).

manalisharmabe · October 17, 2013, 1:41pm

Superdb!!! This worked! Thanks a lot !!

-bash-3.2$ /usr/local/bin/sudo /opt/local/bin/new-user 199  testuser1 "test user (Script testing User)" INC00017310
testuser1's ID is too long;should not more than 8 characters
-bash-3.2$

---------- Post updated at 11:11 PM ---------- Previous update was at 11:01 PM ----------

I have one more query, which I need to understand,
we have one condition for RFUsers means userid starting with "rf" should have password se to NO EXPIRY after first password change.

So whenever RF user say for ex. "rfuser45" logins to system with default password and then sets its new own password that userid password is set to NO EXPIRY.

The script is also working fine in that way.

but this is waht we actually use in Solaris os to get it done

passwd -x -1 rfuser45

but I don't understand why in script something like this is written:-

 # rf accounts do not expire password after first change
        if [[ $username = rf* ]]; then
                passwd -x 0 "$username"
        fi

        warn    "Step 3 completed"

fi

set +x

what does this mean?

passwd -x 0 "$username"

Thanks.

greet_sed · October 17, 2013, 1:51pm

man says:

-x, --maxdays MAX_DAYS
           Set the maximum number of days a password remains valid. After
           MAX_DAYS, the password is required to be changed.