1
00:00:03,140 --> 00:00:06,980
At this point you're almost ready to tackle your first project.

2
00:00:06,980 --> 00:00:09,420
There are just a couple of items left to cover.

3
00:00:09,440 --> 00:00:14,420
That's why in this lesson you're going to learn how to get input from the person executing the script

4
00:00:14,720 --> 00:00:17,410
and how to create an account on a Linux system.

5
00:00:17,600 --> 00:00:22,430
As usual I'm going to start up a terminal on my local system go into our class folder

6
00:00:25,320 --> 00:00:32,380
from there into the project folder that we're working on and we already have created the VM so I'm just

7
00:00:32,380 --> 00:00:35,260
going to run vagrant up to bring up that virtual machine

8
00:00:40,150 --> 00:00:41,710
now will connect to it.

9
00:00:43,770 --> 00:00:52,630
And we'll move into the shared folder of slash vagrant script I'm going to call Ehle user demo of dot

10
00:00:52,650 --> 00:00:55,170
SH So I'll go ahead and start my editor

11
00:00:59,850 --> 00:01:03,860
and I will start out with the show being like we should with every script we write.

12
00:01:05,970 --> 00:01:09,390
Now I'm on a set the goal here or intention for this script.

13
00:01:21,900 --> 00:01:27,150
So as you can see on your screen the goal here is to create an account on the local system and whoever

14
00:01:27,150 --> 00:01:30,760
runs the script will be prompted for the account name and password.

15
00:01:30,960 --> 00:01:33,980
So the first thing you want to do is ask for the user's name.

16
00:01:34,040 --> 00:01:39,890
So I'm just going to create a comment here and leave that as a stub for us to go back and fill in in

17
00:01:39,890 --> 00:01:47,000
just a minute then what we want to do is ask for the real name of the person who is going to be using

18
00:01:47,000 --> 00:01:50,210
this account that is going to be created from there.

19
00:01:50,210 --> 00:01:55,130
We want to get the password.

20
00:01:55,330 --> 00:02:00,180
The next step would be to actually create the user.

21
00:02:00,340 --> 00:02:05,830
And then once we created a user we need to set a password for that user using the password that was

22
00:02:05,830 --> 00:02:06,900
collected earlier.

23
00:02:11,270 --> 00:02:22,420
And finally what we want to do is force that user to change their password the first time they log in.

24
00:02:22,470 --> 00:02:27,720
Up until this point we've been working with scripts that can execute on their own without any external

25
00:02:27,780 --> 00:02:31,920
input or interaction with the person executing the script.

26
00:02:31,920 --> 00:02:36,750
Sometimes you're going to need information from the user in order for the script to do any meaningful

27
00:02:36,750 --> 00:02:43,060
work and this specific example you're going to ask the person who's running the script to supply a user

28
00:02:43,060 --> 00:02:48,400
name and password for the account so that the script can go ahead and create that account.

29
00:02:48,420 --> 00:02:54,570
One way to get input from a user is by using the read shell builtin command which is what we're going

30
00:02:54,570 --> 00:02:56,400
to use in this script.

31
00:02:56,400 --> 00:03:02,070
Another way to get input from a user is to have them supply information on the command line as arguments

32
00:03:02,070 --> 00:03:07,280
to your script and you'll be learning about that method later on in the course.

33
00:03:07,410 --> 00:03:11,140
But for now let's look at the read built in.

34
00:03:11,170 --> 00:03:16,090
So as you already know you can use the type command to tell if a command is a shell built in or if it's

35
00:03:16,390 --> 00:03:19,570
an actual file on the file system would you type read.

36
00:03:19,570 --> 00:03:23,650
It says if you just execute read then you'll get the read shell built in.

37
00:03:23,650 --> 00:03:29,860
Again if you want to see all the options here you can do dash A and the first option which is what's

38
00:03:29,860 --> 00:03:33,290
going to happen when you type in a command is run the shell built in.

39
00:03:33,370 --> 00:03:37,240
Otherwise you can use the path to a file that's on your system and user.

40
00:03:37,240 --> 00:03:38,380
Been read.

41
00:03:38,620 --> 00:03:41,640
So what we want to look at here is the shell built in.

42
00:03:41,650 --> 00:03:46,750
So we're going to use the help built in actually to get help on the read built in.

43
00:03:46,860 --> 00:03:51,600
And I'm going to pipe this into last because I know there will be a good bit of output that probably

44
00:03:51,600 --> 00:03:52,930
comes on the screen.

45
00:03:54,010 --> 00:03:59,080
You can tell what this command does by reading the first line and description it says read a line from

46
00:03:59,080 --> 00:04:02,190
the standard input and split it into fields.

47
00:04:02,410 --> 00:04:05,590
Now let's talk about input for a moment.

48
00:04:05,590 --> 00:04:09,860
There are actually three default types of input and output.

49
00:04:09,880 --> 00:04:14,300
They are standard input standard output and standard error.

50
00:04:14,410 --> 00:04:20,800
By default standard input comes from the keyboard and standard output and standard error are displayed

51
00:04:20,800 --> 00:04:25,900
to the screen and I'm using my words here carefully I'm saying by default because you're going to learn

52
00:04:25,900 --> 00:04:30,480
here in a few minutes that standard input does not always have to come from the keyboard.

53
00:04:30,490 --> 00:04:33,610
But typically that's where standard input comes from.

54
00:04:33,610 --> 00:04:38,200
It also goes on to talk about that the line will be split into fields and so on.

55
00:04:38,200 --> 00:04:42,470
It also says that any leftover words are assigned to the last name.

56
00:04:42,550 --> 00:04:49,120
And if you look at the end here you see name and these three periods are three dots are ellipses here

57
00:04:49,450 --> 00:04:51,710
that says you can specify multiple names.

58
00:04:51,940 --> 00:04:56,620
And what happens is each one of those will assign the value to a variable.

59
00:04:56,620 --> 00:05:04,360
So if you want to assign an entire line of input to one variable just supply one name or one variable

60
00:05:04,360 --> 00:05:06,610
name here at the end of the line.

61
00:05:06,790 --> 00:05:10,050
So that's what we we're going to be using in this script.

62
00:05:10,770 --> 00:05:16,230
Also in our case we want to display some text asking the user to supply us with some standard input

63
00:05:16,230 --> 00:05:17,400
from their keyboard.

64
00:05:17,610 --> 00:05:25,650
So if we go down here and the help you'll see a dash p option and a prompt so we can use dash P followed

65
00:05:25,650 --> 00:05:32,820
by a stream which will act as a prompt came in a get out of this help here by hitting q and let's do

66
00:05:32,880 --> 00:05:34,400
an example at the prompt.

67
00:05:34,400 --> 00:05:39,000
We'll use the read built in with the dash p option which stands for prompt.

68
00:05:39,000 --> 00:05:42,420
Then we're going to specify a string that will act as that prompt.

69
00:05:45,240 --> 00:05:49,890
Here I'm going to put a space at the end of this string so that when the users start typing they're

70
00:05:49,890 --> 00:05:54,650
not typing right at the end of that colon there there's going to be a space.

71
00:05:54,660 --> 00:05:59,590
So now we want to store what they type into a variable and we'll just call this variable thing.

72
00:05:59,790 --> 00:06:01,900
Each i n g and hit enter.

73
00:06:02,160 --> 00:06:08,220
So the read and executes it displays the prompt of type something and now I'm going to provide some

74
00:06:08,220 --> 00:06:14,370
standard input using my keyboard and I'm literally going to type something and hit enter.

75
00:06:14,380 --> 00:06:18,790
Now the value that I typed in there should be stored in the variable thing.

76
00:06:18,790 --> 00:06:19,860
So let's check it out.

77
00:06:19,890 --> 00:06:20,310
Echo

78
00:06:23,550 --> 00:06:26,190
and sure enough something comes back.

79
00:06:26,280 --> 00:06:30,380
Let's do this again we'll just do the same command again and then type something else.

80
00:06:30,390 --> 00:06:32,800
I'm going to type Fred.

81
00:06:33,150 --> 00:06:35,570
So that will echo thing.

82
00:06:35,580 --> 00:06:41,880
And sure enough Fred is return because Fred is the value that stored in the variable named thing.

83
00:06:41,890 --> 00:06:44,310
So this is how you can use the read built in.

84
00:06:44,310 --> 00:06:46,100
And we're going to do this in our script

85
00:06:58,120 --> 00:07:02,860
hey we're going to take the user input that we get and assign it to the variable called user underscore

86
00:07:02,860 --> 00:07:03,760
name.

87
00:07:04,020 --> 00:07:07,610
OK we'll just use this same technique for the real name of the user.

88
00:07:18,610 --> 00:07:23,880
And we're going to assign this input to the variable of comment.

89
00:07:23,960 --> 00:07:32,720
Kate one last read statement here.

90
00:07:32,870 --> 00:07:38,690
We're going to store this standard input into the pass word variable.

91
00:07:38,930 --> 00:07:44,150
At this point in the script we have gathered all the information from the person executing the script

92
00:07:44,240 --> 00:07:46,660
in order to be able to create an account.

93
00:07:46,790 --> 00:07:52,220
So let's go back to the command line here and look at the user add command which we're going to use

94
00:07:52,220 --> 00:07:56,610
to actually create an account.

95
00:07:56,720 --> 00:08:02,240
If you look at the synopsis here on the man page for the user add command it says user add followed

96
00:08:02,240 --> 00:08:05,670
by options which are in brackets which as you know are optional.

97
00:08:05,780 --> 00:08:11,990
And then it has a log in at the end of the command so that is required because it's not in brackets.

98
00:08:11,990 --> 00:08:14,220
Let's talk about logons.

99
00:08:14,360 --> 00:08:19,250
Now the word log in and username are the same thing here in the documentation.

100
00:08:19,250 --> 00:08:24,590
Obviously they're using the term log in when I talk to you or when I'm writing scripts I'll use user

101
00:08:24,600 --> 00:08:31,460
names typically in either case log ins or user names have some rules around them.

102
00:08:31,460 --> 00:08:36,170
Now typically they are eight characters or less by convention.

103
00:08:36,170 --> 00:08:41,900
Now that's not a hard and fast rule but that's typically a convention or a practice that is followed

104
00:08:42,590 --> 00:08:46,070
by the way this is something that you could check in your script if you wanted to.

105
00:08:46,070 --> 00:08:51,590
Or you can just display a warning if the username is over 8 characters and will get the testing for

106
00:08:51,590 --> 00:08:53,360
string sizes in a future lesson.

107
00:08:53,360 --> 00:08:56,440
But that's just something to keep in the back of your mind for now.

108
00:08:56,610 --> 00:09:02,000
So you might be asking well why is there this eight character convention.

109
00:09:02,000 --> 00:09:04,280
The answer is that it's based on history.

110
00:09:04,370 --> 00:09:10,190
That used to be the maximum length back in old UNIX systems and of course Linux was modeled after a

111
00:09:10,190 --> 00:09:11,740
lot of UNIX practices.

112
00:09:11,870 --> 00:09:18,860
And so we started using 8 character usernames and a lot of commands such as P-bass and so on only display

113
00:09:18,860 --> 00:09:20,560
eight characters of username.

114
00:09:20,600 --> 00:09:26,320
So let's jump to the show create a user name that has more than 8 characters and see what happens.

115
00:09:26,690 --> 00:09:31,010
In order to add users to a system you need to use super user privileges.

116
00:09:31,010 --> 00:09:35,610
And one way we can do that is with the sudo command will do Sea-Doo user add.

117
00:09:35,660 --> 00:09:40,490
We're going to leave off all those optional options and then create a long user name.

118
00:09:40,490 --> 00:09:45,500
For example I'm going to use Doug Stamper and hit enter.

119
00:09:45,500 --> 00:09:51,610
So now we can switch to this user again if we can use root privileges we won't have to specify a password.

120
00:09:51,770 --> 00:09:53,740
So I use Su's space dash.

121
00:09:53,750 --> 00:09:56,760
Doug Stamper and hit enter.

122
00:09:56,990 --> 00:10:03,500
By the way the dash option to the su command tells you to start with an environment similar to that

123
00:10:03,500 --> 00:10:09,400
of a real log in and also you can use su Dasch L to get the same experience.

124
00:10:09,410 --> 00:10:15,490
But either way SU Dasch or su dash l will start a log in shell if you will.

125
00:10:15,800 --> 00:10:19,030
So now we're logged in here as Doug stamper user.

126
00:10:19,130 --> 00:10:21,570
We can see our prompt has changed to Doug Stamper.

127
00:10:21,680 --> 00:10:28,140
So now what I want to do is look at the process table with the command POS dash E-F to show every process.

128
00:10:28,460 --> 00:10:34,700
And then you can see here at the bottom that the two commands that are in the process table Bash and

129
00:10:34,960 --> 00:10:35,280
dash.

130
00:10:35,300 --> 00:10:40,900
Yep are by the Doug stamper username but you can only see the first eight characters.

131
00:10:40,940 --> 00:10:47,420
And when the user name is longer than that and then filled you'll see a plus sign after it.

132
00:10:47,420 --> 00:10:53,360
So again it's not something that's going to break anything if you have a nine character or a 10 character

133
00:10:53,360 --> 00:10:55,060
or 20 character username.

134
00:10:55,100 --> 00:10:59,480
It's just something to be aware of that some of these commands such as P.S. are going to give you a

135
00:10:59,480 --> 00:11:05,480
little bit different output because historically user names are limited to eight characters so that's

136
00:11:05,480 --> 00:11:10,790
just something I want to point out here just in this conversation about creating scripts to create user

137
00:11:10,790 --> 00:11:11,410
names.

138
00:11:12,030 --> 00:11:18,990
Going to exit out of Dug's shell here and get back to the vagrant user by the way user names are case

139
00:11:19,050 --> 00:11:19,990
sensitive.

140
00:11:20,190 --> 00:11:25,990
So lowercase Doug is not the same user as capital D lower case o u g.

141
00:11:26,250 --> 00:11:27,720
Again you can do that.

142
00:11:27,720 --> 00:11:32,530
You can use upper case letters but by convention they're in all lowercase.

143
00:11:32,550 --> 00:11:36,900
So it's a good practice to make sure your user names are in all lowercase.

144
00:11:36,900 --> 00:11:41,440
Another thing to know is that you can't include any special characters in your name.

145
00:11:41,550 --> 00:11:47,910
However you can use numbers for example if you're creating accounts using last names and you have several

146
00:11:47,910 --> 00:11:50,620
people at your company that have the last name of Smith.

147
00:11:50,730 --> 00:11:56,660
Then you could do Smith one Smith to Smith 99 and so on and those are all valid usernames.

148
00:11:56,940 --> 00:12:00,830
Let's get back to the man page and I want to point out one more thing to you here.

149
00:12:02,420 --> 00:12:08,270
There's an option to the user add command which is dashi that allows for a comment and that comment

150
00:12:08,270 --> 00:12:09,800
can be any string.

151
00:12:09,810 --> 00:12:12,820
Now generally it's a short description of the log in.

152
00:12:12,980 --> 00:12:15,990
And historically it's been used for a person's name.

153
00:12:16,010 --> 00:12:22,100
So if we make Smith one account and it's for Jane Smith then we put Jane Smith in the comments so we

154
00:12:22,100 --> 00:12:29,480
know what person is associated with that account if the account is not for a person then you can put

155
00:12:29,480 --> 00:12:33,110
in the application that's going to use the account for example.

156
00:12:33,290 --> 00:12:39,440
Another thing I've seen done is when the account gets created you put the name of the user in the comment

157
00:12:39,440 --> 00:12:44,620
field along with the help desk ticket number and that can help for auditing purposes.

158
00:12:44,930 --> 00:12:49,730
For example when you create Jane's account and it has helped us ticket one to three you can go back

159
00:12:49,730 --> 00:12:54,470
and look at helpdesk ticket one two three and said Oh if Jason was a linux administrator that created

160
00:12:54,470 --> 00:12:59,450
that account and then you can see our Jain's manager approved that account and then you can see who

161
00:12:59,450 --> 00:13:02,090
initiated that request from the helpdesk.

162
00:13:02,090 --> 00:13:07,890
So you have full accountability and a full chain of what happened and where that account came from.

163
00:13:08,180 --> 00:13:12,170
OK I know I said there was only one more thing I wanted to show you but it turns out there was another

164
00:13:12,170 --> 00:13:14,390
thing I wanted to show you here and I just thought of it.

165
00:13:14,390 --> 00:13:17,990
It's a dash him option or dash dash create dash home.

166
00:13:18,020 --> 00:13:23,820
By the way when you see that and the man page two options here one a short form dash and another along

167
00:13:23,960 --> 00:13:25,850
form dash dash create dash home.

168
00:13:25,910 --> 00:13:31,490
They both do the same thing and you only need to specify one or the other for speed a lot of times people

169
00:13:31,490 --> 00:13:37,490
use the shorthand name if you want to be super clear you can use long form name the dash dash but we're

170
00:13:37,490 --> 00:13:43,460
just going to stick to dash em here when we use this to create or counts the dash him option here as

171
00:13:43,460 --> 00:13:47,220
it says creates the user's home directory if it does not exist.

172
00:13:47,270 --> 00:13:51,710
It also goes on to say that the files and directories contained in the skeleton directory will be copied

173
00:13:51,710 --> 00:13:52,990
into the home directory.

174
00:13:53,150 --> 00:13:56,290
Traditionally that's ETSI skel S K E L.

175
00:13:56,570 --> 00:14:02,150
But also here it says you can override that default with the dash k option continuing on.

176
00:14:02,150 --> 00:14:07,640
It says By default if this option is not specified and create underscore home it's not enabled.

177
00:14:07,640 --> 00:14:10,250
No home directories are created.

178
00:14:10,250 --> 00:14:14,270
So where is it getting this create underscore home information from.

179
00:14:14,450 --> 00:14:18,490
Well if you look into the configuration section of the man page you're going to find out.

180
00:14:18,490 --> 00:14:21,770
Let's see that now you afford Ford slash for a forward search.

181
00:14:23,260 --> 00:14:25,080
Type in what I'm looking for and hit enter.

182
00:14:25,240 --> 00:14:30,160
And here we are at that section of the man page it says the following configuration variables and the

183
00:14:30,160 --> 00:14:36,700
log index change the behavior of this tool and so that is the Create underscore home variable that we

184
00:14:36,700 --> 00:14:39,470
were talking about with the dash m option.

185
00:14:39,530 --> 00:14:44,870
So actually let's get you to get out of the man page and actually look at that file cat and see log

186
00:14:44,870 --> 00:14:46,940
in deaths and hit enter.

187
00:14:47,210 --> 00:14:51,760
And as you can see they're three quarters away up the top of your screen create underscore.

188
00:14:51,770 --> 00:14:53,660
Home is set to Yes.

189
00:14:53,660 --> 00:15:00,500
So if we were to not specify the dash m option the home directory would get created because that is

190
00:15:00,500 --> 00:15:02,130
the default behavior.

191
00:15:02,480 --> 00:15:06,380
Something just to keep in mind and consider when you're writing shell scripts is that these default

192
00:15:06,380 --> 00:15:09,230
configurations may vary among different systems.

193
00:15:09,230 --> 00:15:15,080
So if you want to ensure for example a user home directory gets created then use the dash in Flag and

194
00:15:15,080 --> 00:15:18,400
then you don't have to depend on this external configuration file.

195
00:15:18,710 --> 00:15:22,880
If you're in a controlled environment where you're sure all the ETSI log in desk files are the same

196
00:15:23,180 --> 00:15:26,210
then you can optionally leave that off.

197
00:15:26,360 --> 00:15:31,040
But if you want to be safe and force the creation of the home directory use the dash him flag and that's

198
00:15:31,040 --> 00:15:32,010
what I recommend.

199
00:15:32,270 --> 00:15:37,340
OK let's get back to our script and use what we learned about these or add command to actually create

200
00:15:37,340 --> 00:15:37,760
a user

201
00:15:42,810 --> 00:15:46,510
so we'll use user add dash see for a comment

202
00:15:50,800 --> 00:15:57,420
dash them to force the creation of a home directory and then give it the user name or log in as it says.

203
00:15:57,430 --> 00:16:05,290
And the man page by the way you may have noticed that I put the comment variable in quotes.

204
00:16:05,290 --> 00:16:11,350
The reason I did that is because this common variable may contain spaces when we prompt them to enter

205
00:16:11,350 --> 00:16:13,470
the name of the person that the account asked for.

206
00:16:13,570 --> 00:16:16,580
Typically people have first and last names if not more names.

207
00:16:16,690 --> 00:16:23,620
So someone will type in Jane space Smith and that will be the information that is stored in that one

208
00:16:23,620 --> 00:16:24,820
comment variable.

209
00:16:24,820 --> 00:16:26,720
But again there's a space.

210
00:16:26,800 --> 00:16:32,170
Now it's important to point out here by putting something in quotes it gets treated as a single argument

211
00:16:32,200 --> 00:16:36,400
or a single item and not separate arguments or separate items.

212
00:16:36,790 --> 00:16:42,270
OK the next thing we need to do is set the password for the user and the command for that is P-A SSW

213
00:16:42,270 --> 00:16:43,410
D.

214
00:16:43,450 --> 00:16:47,130
Now let's get to the shell here and get some information about this command.

215
00:16:47,790 --> 00:16:55,530
By default the password command spelled ph ss d will prompt you to enter a new password for your account

216
00:16:55,920 --> 00:16:58,400
to change your password for another account.

217
00:16:58,470 --> 00:17:03,630
You have to specify that account of course only route can change other people's passwords.

218
00:17:03,630 --> 00:17:10,230
So let's just try the command out here on the command line for our current user type SPSS W.D..

219
00:17:10,410 --> 00:17:12,880
And it prompts us for our current password.

220
00:17:12,990 --> 00:17:17,880
And then if we were to complete this process then we could enter in a new password and our password

221
00:17:17,880 --> 00:17:18,510
would be change.

222
00:17:18,510 --> 00:17:24,600
I'm just going to hit enter here and let it fail so we need to come up with some sort of method to get

223
00:17:24,600 --> 00:17:29,910
around this interactive prompt So let's dig into the main page and see if there is a way to supply the

224
00:17:29,910 --> 00:17:35,410
password non interactively or in some programmatically or automated fashion.

225
00:17:35,580 --> 00:17:37,520
So many W.D..

226
00:17:37,680 --> 00:17:40,970
Now I'm gonna scroll down here dash K for keep.

227
00:17:40,980 --> 00:17:41,850
I don't think we need that.

228
00:17:41,850 --> 00:17:46,120
We're not looking to lock an account which is dash dash dash lock.

229
00:17:46,140 --> 00:17:54,210
Here we go dash dash s t i n this option is used to indicate that P-8s WD should read the new password

230
00:17:54,210 --> 00:17:56,940
from standard input which can be a pipe.

231
00:17:57,000 --> 00:18:00,870
So remember earlier that I said by default standard input comes from a keyboard.

232
00:18:00,890 --> 00:18:07,080
Well standard input can also come from another command when it's used in what's called a pipeline.

233
00:18:07,260 --> 00:18:13,480
When you use a pipe symbol on a command line it means take the standard output from the preceding command.

234
00:18:13,530 --> 00:18:19,680
The command goes before the pipe and pass it as the standard input to the following command or the command

235
00:18:19,680 --> 00:18:21,090
that comes after the pipe.

236
00:18:21,360 --> 00:18:26,430
If the first command displays error messages those will not be passed to the second command.

237
00:18:26,430 --> 00:18:30,120
Those error messages are called standard error output.

238
00:18:30,150 --> 00:18:33,710
You'll learn how to control standard air output later in the course.

239
00:18:34,540 --> 00:18:37,050
So we'll use this dash dash SDD.

240
00:18:37,090 --> 00:18:39,670
An option to set the password.

241
00:18:39,670 --> 00:18:44,780
We also want to force the user to change their password the first time they log in to do that.

242
00:18:44,800 --> 00:18:50,200
We'll use the dash easy option as you can read the description here it says this is a quick way to expire

243
00:18:50,200 --> 00:18:51,640
a password for an account.

244
00:18:51,790 --> 00:18:56,950
The user will be forced to change the password during the next log in a template which is exactly what

245
00:18:56,950 --> 00:18:58,160
we want to do.

246
00:18:58,580 --> 00:19:02,770
OK let's get you to get out of the man page and let's get back to editing our file.

247
00:19:05,020 --> 00:19:08,080
You already know how to use echo to create output.

248
00:19:08,080 --> 00:19:14,410
So we'll use echo to output the provided password and then use that output as standard input to the

249
00:19:14,540 --> 00:19:16,250
P.A. the command.

250
00:19:16,390 --> 00:19:24,730
So echo the password used a pipe which again takes the output of the preceding Command which has echo

251
00:19:24,820 --> 00:19:30,150
takes that output and makes it the standard input for the following command which is a SSW D.

252
00:19:30,270 --> 00:19:36,520
And as we learn by reading the man page we can use the dash dash SDD in option to take standard input

253
00:19:36,580 --> 00:19:38,000
ask the password.

254
00:19:38,050 --> 00:19:46,040
And so now all we have to do is tell the password command what user that this password belongs to.

255
00:19:46,050 --> 00:19:51,150
Finally we need to force the user to change their password at Force log in again as we learned in the

256
00:19:51,390 --> 00:19:57,080
man page we can use the dash e option so a P S S W D E for expire.

257
00:19:57,270 --> 00:19:59,870
User name and then we're good to go.

258
00:20:00,660 --> 00:20:05,910
OK let's exit Oliver shellscript here see if our changes and let's try it out see if it works.

259
00:20:06,150 --> 00:20:09,060
Because this is the first time I'm going to be executing this script.

260
00:20:09,090 --> 00:20:11,700
I need to make sure it has the execute bit set on it.

261
00:20:11,700 --> 00:20:18,180
So I'm going to use the chmod command chmod we can use plus X for example l user Dymo for that SH That

262
00:20:18,180 --> 00:20:18,830
will work.

263
00:20:18,840 --> 00:20:22,990
You can also use the numeric notation of chmod 755.

264
00:20:23,190 --> 00:20:28,380
I'll just use this for variety to show you another way to use the chmod command because we're adding

265
00:20:28,380 --> 00:20:29,310
a user with this script.

266
00:20:29,310 --> 00:20:31,840
We need to run this script with root privileges.

267
00:20:31,920 --> 00:20:36,630
So will you say to all user demo for S.H. and hit enter.

268
00:20:36,630 --> 00:20:41,990
We've been talking about this person named Jane Smith So let's give her an account we'll call it J.

269
00:20:42,000 --> 00:20:47,430
Smith and hit enter the name of the person is Jane Smith and enter.

270
00:20:47,750 --> 00:20:50,540
And the password for the account will use J.

271
00:20:50,570 --> 00:20:51,340
Smith.

272
00:20:51,510 --> 00:20:52,800
One two three.

273
00:20:52,810 --> 00:20:54,280
Now that's not very secure.

274
00:20:54,330 --> 00:20:55,860
But we're going to go with it for now.

275
00:20:56,950 --> 00:21:02,920
The output you see on your screen is from the p SS Dev D command which says changing the password for

276
00:21:02,920 --> 00:21:07,530
user J Smith and then also expiring the password for J Smith.

277
00:21:07,540 --> 00:21:15,880
Now let's switch to the user and use their passwords or do you space dash to act as a log in shell and

278
00:21:15,880 --> 00:21:17,080
then the username J.

279
00:21:17,170 --> 00:21:23,200
Smith and this should prompt for a password because we're not using root privileges or Sea-Doo because

280
00:21:23,260 --> 00:21:26,000
you can do anything they can switch to any account without a password.

281
00:21:26,140 --> 00:21:31,510
But since this is the normal vagrant user that it's going to ask for the account password of this J

282
00:21:31,510 --> 00:21:35,620
Smith account because it doesn't know or doesn't trust this vagrant user.

283
00:21:36,030 --> 00:21:37,500
Hey let's see if our password works.

284
00:21:37,500 --> 00:21:39,430
JAY SMITH One two three.

285
00:21:39,430 --> 00:21:44,980
Hit enter and sure enough we get prompted to change your password so let's change it.

286
00:21:44,980 --> 00:21:45,890
From J.

287
00:21:45,910 --> 00:21:47,140
Smith One two three.

288
00:21:47,140 --> 00:21:49,600
There's something more interesting.

289
00:21:51,860 --> 00:21:54,130
OK obviously I chose a poor password.

290
00:21:54,130 --> 00:21:56,440
Let me try something that is more secure.

291
00:22:04,690 --> 00:22:08,920
OK I've changed my account the first time I've logged in so now the person that created account won't

292
00:22:08,920 --> 00:22:10,930
know their new password.

293
00:22:10,930 --> 00:22:14,860
The password that they're actually using going forward is you can look at the Promp.

294
00:22:14,950 --> 00:22:18,090
We have successfully changed to this account.

295
00:22:18,520 --> 00:22:23,690
Just type exit to log out of the J Smith account and get back to our vagrant account.

296
00:22:24,160 --> 00:22:28,600
Let's quickly recap some of the things we talked about during this lesson.

297
00:22:28,600 --> 00:22:34,270
First off you learned about the read shell built in command which reads one line of standard input and

298
00:22:34,270 --> 00:22:36,100
stores it into a variable.

299
00:22:36,160 --> 00:22:41,860
From there we looked at the user add command and you learned that the Dessie option allows you to specify

300
00:22:41,860 --> 00:22:44,320
a comment for the account you're creating.

301
00:22:44,320 --> 00:22:49,900
Typically this comment will be the user's real name or other relevant information about the account.

302
00:22:49,930 --> 00:22:55,980
You also learned that the dash m option forces the creation of a home directory when creating an account.

303
00:22:56,110 --> 00:23:01,660
Next you learned how to program magically supply a password to the password command by piping the output

304
00:23:01,660 --> 00:23:06,840
of echo into the password command using the dash dash as t in option.

305
00:23:07,210 --> 00:23:12,670
Finally you learn how to force a password reset for an account by using password with the dash option

306
00:23:12,880 --> 00:23:15,290
followed by a username.

307
00:23:15,370 --> 00:23:20,170
At this point you've learnt all the concepts and techniques you'll need to create a script that adds

308
00:23:20,200 --> 00:23:21,820
users to a Linux system.

309
00:23:21,820 --> 00:23:23,690
Next up you get to write that script.