If you would like to copy a set of files for all existing users, use the following scripting trick. It will save lots of manual work.
First you need to grab all user names from /etc/passwd file using the cut command:
# cut -d: -f1 /etc/passwd
However, the above will grab all system account too. To grab only user account (UID >= 500), enter:
# awk -F':' '{ if ( $3 >= 500 ) print $1 }' /etc/passwd
Next, you can use the shell for loop command to copy file(s) and set the correct permissions on the file. The id command can be used to obtain the correct user ID and group ID for each user.
Copy Single File To All Users Home Directory
#!/bin/bash UHOME="/home" FILE="/nas05/.newconfig-file" # get list of all users _USERS="$(awk -F':' '{ if ( $3 >= 500 ) print $1 }' /etc/passwd)" for u in $_USERS do _dir="${UHOME}/${u}" if [ -d "$_dir" ] then /bin/cp "$FILE" "$_dir" chown $(id -un $u):$(id -gn $u) "$_dir/${FILE}" fi done |
Copy Multiple Files To All Users Home Directory
You can also copy multiple files using inner and outer loop concept:
#!/bin/bash UHOME="/home" # note wild card allowed _FILES="/etc/skel/.newconfig-file /etc/skek/.update-config /chroot/jail/.force.conf /nas05/perl/*.pl" _USERS="$(awk -F':' '{ if ( $3 >= 500 ) print $1 }' /etc/passwd)" # get list of all users for u in $_USERS do for f in $_FILES do _dir="${UHOME}/${u}" if [ -d "$_dir" ] then /bin/cp -f "${f}" "$_dir" chown $(id -un $u):$(id -gn $u) "${_dir}/${f}" fi done done |
As pointed out by our readers (see comments below), you need to add additional security check such as:
- User should be a normal user (hint: use awk -F’:’ { if ( $2 >= 500 )… )
- User must have a directory (hint: use [ -f dir ] syntax)
- User must have a valid password / account. (hint: use /etc/passwd to verify the same)
This is left as exercise for the reader.
Updated for accuracy.
- RSS feed or Weekly email newsletter
- Share to Twitter • Facebook • 12 comments... add one ↓
40 Linux Server Hardening Security Tips [2019 edition]
Linux 25 PHP Security Best Practices For Sys Admins
Linux Rename Multiple Files At a Shell Prompt
Top 25 Nginx Web Server Best Security Practices
21 Examples To Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
The Novice Guide To Buying A Linux Laptop
30 Best Sources For Linux / *BSD / Unix Documentation On the Web
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
This will also copy files to home directory of system users (not all of them have home directories).
This will prevent that this happens.
ID=$(id -u $u)
if [ $ID -ge 1000 ] ; then
if [ -d ${UHOME}/${u} ] ; then
… do copy here….
fi
fi
Casper,
Yeah, you got a valid point there.
Appreciate your post.
marinosi@lucifer:~$ id -u nobody
65534
I’m pretty sure you don’t want to copy something to the nonexistent nobody’s homedir. 😛
Someone , could have in the system other accounts that cannot login (or don’t have a home dir etc)..One way to find the active users of a system is :
$ cat /etc/shadow | grep -v ‘[*!]’
Users who are inactive(have disabled accounts ) have a * or $ (these users cannot login) at the field where they should have the password hash.
Ilias,
The post has been updated. Thanks for sharp observation.
Instead of using cp… chown… use the install command. It does the same thing.
If you don’t have your users in /etc/passwd, but for instance in ldap, you can use `getent passwd` instead.
You also need to safely handle pre-existing files of the same name. You can use the –backup option with install or cp, but you probably want to log it and/or inform users in some way.
The users home directory isn’t necessarily in the /home directory, you should read it from the ‘directory’ field in /etc/passwd – field 6
UHOME=$(grep '^${u}' /etc/passwd | cut -d: -f6)hmm… errr…..
if you chown $_dir/${FILE} then you are trying to chown a nonexistant file,
as this expands to /home/user//nas05/.newconfig-file
chown $(id -un $u):$(id -gn $u) “$_dir/${FILE}”
Maybe if you created a new variable:
FILENAME=”.newconfig-file”
then you changed the chown line:
chown $(id -un $u):$(id -gn $u) “$_dir/${FILENAME}”
it would expand properly?
What if I want to copy into a folder? (ie: ~Desktop/) or other and that folder does not exist.
I know you can include a test to see if it exists or not, and create it if necessary.
Hi,
Thanks for this post, was helpful
For more compatibility with others OS than Linux (Solaris, HP-UX…) i get the uid / gid using old fashionned way
_uid=”$(getent passwd | grep ${u} | cut -d: -f3)”
_gid=”$(getent passwd | grep ${u} | cut -d: -f4)”
and i get the users with getent aswell as i am using an LDAP
_USERS=”$(getent passwd | awk -F’:’ ‘{ if ( $3 >= 500 ) print $1 }’)”
Some modified version for multiple files copy, it’s not perfect code but it fork
#!/bin/bash UHOME="/home" # note wild card allowed _FILES="/tmp/.bashrc /tmp/.bashrc-user" _USERS="$(awk -F':' '{ if ( $3 >= 500 && $3 <=1000 ) print $1 }' /etc/passwd)" # get list of all users for u in $_USERS do for f in $_FILES do _dir="${UHOME}/${u}" if [ -d "$_dir" ] then /bin/cp -f "${f}" "$_dir" file_name=`basename ${f}` chown $(id -un $u):$(id -gn $u) "${_dir}/${file_name}" fi done done