If you would like to copy a set of files for all existing users, use the following scripting trick. It will save lots of manual work.
First you need to grab all user names from /etc/passwd file using the cut command:
# cut -d: -f1 /etc/passwd
However, the above will grab all system account too. To grab only user account (UID >= 500), enter:
# awk -F':' '{ if ( $3 >= 500 ) print $1 }' /etc/passwd
Next, you can use the shell for loop command to copy file(s) and set the correct permissions on the file. The id command can be used to obtain the correct user ID and group ID for each user.
Copy Single File To All Users Home Directory
#!/bin/bash UHOME="/home" FILE="/nas05/.newconfig-file" # get list of all users _USERS="$(awk -F':' '{ if ( $3 >= 500 ) print $1 }' /etc/passwd)" for u in $_USERS do _dir="${UHOME}/${u}" if [ -d "$_dir" ] then /bin/cp "$FILE" "$_dir" chown $(id -un $u):$(id -gn $u) "$_dir/${FILE}" fi done
Copy Multiple Files To All Users Home Directory
You can also copy multiple files using inner and outer loop concept:
#!/bin/bash UHOME="/home" # note wild card allowed _FILES="/etc/skel/.newconfig-file /etc/skek/.update-config /chroot/jail/.force.conf /nas05/perl/*.pl" _USERS="$(awk -F':' '{ if ( $3 >= 500 ) print $1 }' /etc/passwd)" # get list of all users for u in $_USERS do for f in $_FILES do _dir="${UHOME}/${u}" if [ -d "$_dir" ] then /bin/cp -f "${f}" "$_dir" chown $(id -un $u):$(id -gn $u) "${_dir}/${f}" fi done done
As pointed out by our readers (see comments below), you need to add additional security check such as:
- User should be a normal user (hint: use awk -F':' { if ( $2 >= 500 )... )
- User must have a directory (hint: use [ -f dir ] syntax)
- User must have a valid password / account. (hint: use /etc/passwd to verify the same)
This is left as exercise for the reader.
Updated for accuracy.
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- My 10 UNIX Command Line Mistakes
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
Facebook it - Tweet it - Print it -
We're here to help you make the most of sysadmin work. So, subscribe!
{ 9 comments… read them below or add one }
This will also copy files to home directory of system users (not all of them have home directories).
This will prevent that this happens.
ID=$(id -u $u)
if [ $ID -ge 1000 ] ; then
if [ -d ${UHOME}/${u} ] ; then
… do copy here….
fi
fi
Casper,
Yeah, you got a valid point there.
Appreciate your post.
marinosi@lucifer:~$ id -u nobody
65534
I’m pretty sure you don’t want to copy something to the nonexistent nobody’s homedir. :-P
Someone , could have in the system other accounts that cannot login (or don’t have a home dir etc)..One way to find the active users of a system is :
$ cat /etc/shadow | grep -v ‘[*!]‘
Users who are inactive(have disabled accounts ) have a * or $ (these users cannot login) at the field where they should have the password hash.
Ilias,
The post has been updated. Thanks for sharp observation.
Instead of using cp… chown… use the install command. It does the same thing.
If you don’t have your users in /etc/passwd, but for instance in ldap, you can use `getent passwd` instead.
You also need to safely handle pre-existing files of the same name. You can use the –backup option with install or cp, but you probably want to log it and/or inform users in some way.
The users home directory isn’t necessarily in the /home directory, you should read it from the ‘directory’ field in /etc/passwd – field 6
UHOME=$(grep '^${u}' /etc/passwd | cut -d: -f6)hmm… errr…..
if you chown $_dir/${FILE} then you are trying to chown a nonexistant file,
as this expands to /home/user//nas05/.newconfig-file
chown $(id -un $u):$(id -gn $u) “$_dir/${FILE}”
Maybe if you created a new variable:
FILENAME=”.newconfig-file”
then you changed the chown line:
chown $(id -un $u):$(id -gn $u) “$_dir/${FILENAME}”
it would expand properly?