FastHandle - IT Operations Examples

FastHandle is fast operation tools for infrastructure configurations and tests.

User Tools

Site Tools

os:linux:user:index.html



Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
os:linux:user:index.html [2018/01/04 00:44]
kurihara 		os:linux:user:index.html [2018/07/11 00:41]
kurihara
Line 1: Line 1:
 [[:index.html#OS Management|Top#OS Management]] [[:index.html#OS Management|Top#OS Management]]
-====== User Management (user.py)=====+====== Linux User Management with Fabric (user.py)=====
  
 $FHHOME/fabfile/user.py $FHHOME/fabfile/user.py
Line 7: Line 7:
 \\ \\
  
-===== Operation =====+===== Operation with Fabric ===== 
 +==== print list of possible commands ====
  
 <sxh bash toolbar:false gutter:false> <sxh bash toolbar:false gutter:false>
-$ fab  -l |grep user+$ fab -l |grep -F  user. 
 +    user.check_group               user.check_group:group01 
 +    user.check_user                user.check_user:user01 
 +    user.chpasswd_devuser01_pro 
 +    user.chpasswd_devuser01_qa 
 +    user.chpasswd_devuser01_stg 
 +    user.chpasswd_devuser02_pro 
 +    user.chpasswd_devuser02_stg 
 +    user.chpasswd_devuser03_pro 
 +    user.chpasswd_root_pro         PASSWORD is E5*******5 
 +    user.chpasswd_root_qa          PASSWORD is AW*******5 
 +    user.chpasswd_root_stg         PASSWORD is S3*******! 
 +    user.useradd_dev_all 
 +    user.useradd_devuser01 
 +    user.useradd_devuser02 
 +    user.useradd_opeuser01 
 +    user.userdel_devuser01 
 +    user.userdel_devuser02 
 +</sxh>
  
 +==== Example ====
 +
 +<sxh bash toolbar:false gutter:false>
 $ fab  -H $H auth.pro  user.check_user:user01 $ fab  -H $H auth.pro  user.check_user:user01
 +$ echo x.x.x.x | fab  auth.pro  user.check_user:user01
 </sxh> </sxh>
  
  
 +==== Fabric one-line Task Examples====
 <sxh bash toolbar:false gutter:false> <sxh bash toolbar:false gutter:false>
 $ H=test-server-1 $ H=test-server-1
Line 24: Line 48:
 $ fab -H $H auth.pro -- "cat /etc/passwd |grep user01"   # check login shell $ fab -H $H auth.pro -- "cat /etc/passwd |grep user01"   # check login shell
 $ fab -H $H auth.pro -- grep user01 /etc/group $ fab -H $H auth.pro -- grep user01 /etc/group
 +
 +$ fab -H $H auth.pro -- sudo gpasswd -a user1 sudo  # add USER to GROUP
 +$ fab -H $H auth.pro -- sudo gpasswd -r user1 sudo  # remove USER from GROUP
 </sxh> </sxh>
  
 +\\
 +=====TIPS=====
 +====How to Create Hash Password====
 +<sxh python toolbar:false gutter:false>
 +~]# openssl passwd -1 'newpassword'
 +$1$0u444IQv$YSGCzz8mesPzCWwxHCxit.
 +
 +~]# echo 'user01:$1$0u444IQv$YSGCzz8mesPzCWwxHCxit.' | chpasswd -e
 +~]# cat /etc/shadow |grep test1
 +test1:$1$0u444IQv$YSGCzz8mesPzCWwxHCxit.:17526:0:99999:7:::
 +~]# exit
 +
 +~]$ su - user01
 +            <- newpassword
 +</sxh>
  
 \\ \\
Line 32: Line 74:
  
 <sxh python toolbar:false gutter:false> <sxh python toolbar:false gutter:false>
-import sys+import sys, os
 from fabric.api import * from fabric.api import *
 from fabric.contrib import files from fabric.contrib import files
 from fabric.utils import abort from fabric.utils import abort
 +
 +FHHOME=os.environ["FHHOME"]
  
 #==================================================================== #====================================================================
Line 45: Line 89:
 @task  @task 
 def check_user(user): def check_user(user):
-    """fab  auth.pro  check_user:user01"""+    """user.check_user:user01"""
     res = run("id %s" % user, warn_only=True)     res = run("id %s" % user, warn_only=True)
     if res.failed is True:     if res.failed is True:
Line 57: Line 101:
 @task  @task 
 def check_group(group): def check_group(group):
-    """fab  auth.pro  check_group:group01""" +    """user.check_group:group01""" 
-    res = run("grep %s /etc/group" % group, warn_only=True)+    res = run("grep ^%s /etc/group" % group, warn_only=True)
     if res.failed is True:     if res.failed is True:
         puts(red("There isn't %s in %s." % (group, env.host_string)))         puts(red("There isn't %s in %s." % (group, env.host_string)))
Line 65: Line 109:
  
 #==================================================================== #====================================================================
-#user.useradd +# user.useradd 
-#    useradd -u UID -g GROUP -G GROUP1,GROUP2 -s /bin/bash -d HOME_DIR LOGIN+#    useradd -m -u UID -g GROUP -G GROUP1,GROUP2 -s /bin/bash -d HOME_DIR LOGIN 
 +#    -m : create the user's home directory
 #==================================================================== #====================================================================
 #------------------------------------------------ #------------------------------------------------
Line 84: Line 129:
     res = run("id devuser01", warn_only=True)     res = run("id devuser01", warn_only=True)
     if res.failed is True:     if res.failed is True:
-        sudo("useradd -u 1101 -g dev  devuser01")+        sudo("useradd -m -u 1101 -g dev  devuser01")
         return         return
  
Line 91: Line 136:
     res = run("id devuser02", warn_only=True)     res = run("id devuser02", warn_only=True)
     if res.failed is True:     if res.failed is True:
-        sudo("useradd -u 1102 -g dev devuser02")+        sudo("useradd -m -u 1102 -g dev devuser02")
         return         return
  
Line 103: Line 148:
     if res.succeeded is True:     if res.succeeded is True:
         abort("You already have opeuser01.")         abort("You already have opeuser01.")
-    sudo("useradd -u UID -g GROUP opeuser01") +    sudo("useradd -m -u UID -g GROUP opeuser01")
  
  
Line 118: Line 162:
 @task  @task 
 def chpasswd_root_pro(): def chpasswd_root_pro():
-  sudo("echo 'root:PASS' | chpasswd")+    ''' PASSWORD is E5*******5 ''' 
 +    sudo("echo 'root:$1$0u422IQv$YSGCzz8mesPzCaWxHCxit.' | chpasswd -e")
  
 # user.chpasswd_root_stg # user.chpasswd_root_stg
 @task  @task 
 def chpasswd_root_stg(): def chpasswd_root_stg():
-  sudo("echo 'root:PASS' | chpasswd")+    ''' PASSWORD is S3*******! ''' 
 +    sudo("echo 'root:$1$0u333IQv$YSGCzz8mesPzCaWxHCxit.' | chpasswd -e")
  
 # user.chpasswd_root_qa # user.chpasswd_root_qa
 @task  @task 
 def chpasswd_root_qa(): def chpasswd_root_qa():
-  sudo("echo 'root:PASS' | chpasswd")+    ''' PASSWORD is AW*******5 ''' 
 +    sudo("echo 'root:$1$0u444IQv$YSGCzz8mesPzCaWxHCxit.' | chpasswd -e")
  
  
 #------------------------------------------------ #------------------------------------------------
-# chpasswd not root+# chpasswd devuser01
 #------------------------------------------------ #------------------------------------------------
 # user.chpasswd_devuser01_pro # user.chpasswd_devuser01_pro
 @task @task
 def chpasswd_devuser01_pro(): def chpasswd_devuser01_pro():
-    sudo("id devuser01 && echo 'devuser01:PASS'", warn_only=True)+    sudo("id devuser01 && echo 'devuser01:PASS' | chpasswd", warn_only=True)
  
 # user.chpasswd_devuser01_stg # user.chpasswd_devuser01_stg
 @task @task
 def chpasswd_devuser01_stg(): def chpasswd_devuser01_stg():
-    sudo("id devuser01 && echo 'devuser01:PASS'", warn_only=True)+    sudo("id devuser01 && echo 'devuser01:PASS' | chpasswd", warn_only=True)
  
 # user.chpasswd_devuser01_qa # user.chpasswd_devuser01_qa
 @task @task
 def chpasswd_devuser01_qa(): def chpasswd_devuser01_qa():
-    sudo("id devuser01 && echo 'devuser01:PASS'", warn_only=True)+    sudo("id devuser01 && echo 'devuser01:PASS' | chpasswd", warn_only=True)
  
 +
 +#------------------------------------------------
 +# chpasswd devuser02
 +#------------------------------------------------
 # user.chpasswd_devuser02_pro # user.chpasswd_devuser02_pro
 @task @task
 def chpasswd_devuser02_pro(): def chpasswd_devuser02_pro():
-    sudo("id devuser02 && echo 'devuser02:PASS'", warn_only=True)+    sudo("id devuser02 && echo 'devuser02:PASS' | chpasswd", warn_only=True)
  
 +
 +# user.chpasswd_devuser02_stg
 +@task
 +def chpasswd_devuser02_stg():
 +    sudo("id devuser02 && echo 'devuser02:PASS' | chpasswd", warn_only=True)
 +
 +#------------------------------------------------
 +# chpasswd devuser03
 +#------------------------------------------------
 # user.chpasswd_devuser03_pro # user.chpasswd_devuser03_pro
 @task @task
 def chpasswd_devuser03_pro(): def chpasswd_devuser03_pro():
-    sudo("id devuser03 && echo 'devuser03:PASS'", warn_only=True)+    sudo("id devuser03 && echo 'devuser03:PASS' | chpasswd", warn_only=True) 
 + 
  
  
 #==================================================================== #====================================================================
-#userdel+# userdel
 #    -r, --remove : Files in the user's home directory will be removed #    -r, --remove : Files in the user's home directory will be removed
 #==================================================================== #====================================================================
Line 177: Line 239:
         sudo("userdel -r devuser02")         sudo("userdel -r devuser02")
         return         return
- 
-#==================================================================== 
-# etc 
-#==================================================================== 
  
  


os/linux/user/index.html.txt · Last modified: 2019/02/11 00:39 by kurihara

Page Tools


Home     About     Contact

Copyright (c) 2024 FastHandle - IT Operations Examples All Rights Reserved.