programmatically clone /etc/skel for new users
Solution 1
Note that useradd
command allows you to specify a custom SKEL directory using the -k
option. You may create a /etc/skel-for-group-A directory without the not-for-a.txt
, and then add new users with their default group as A, and specify their SKEL directory using the command:
useradd username -g groupA -k /etc/skel-for-group-A -m
Refer: http://manpages.ubuntu.com/manpages/trusty/man8/useradd.8.html
Solution 2
-
Create additional
skel
directories.sudo mkdir /etc/skel{A,B}
-
Copy the contents of
/etc/skel
to/etc/skelA
.sudo cp /etc/skel/* /etc/skelA/
Customize the alternative skel directory contents.
-
adduser
without a homedir, but with otherwise normal settings. Replace the ellipsis with the appropriate settings.sudo adduser --no-create-home ... bob
-
mkhomedir_helper
to create users homedir based on alternative skel dir.sudo mkhomedir_helper bob /etc/skelA
#!/bin/bash
### a bare bones dumb script to create a user with a homedir based on an alternitive skeldir
adduseropt="--no-create-home --ingroup"
# assumes $1 will be user TODO add sanity check
# Assumes $2 will be alternitive skeldir TODO add sanity check
# assumes $3 will be a group TODO add sanity check
sudo adduser --no-create-home $adduseropt $3 $1
sudo mkhomedir_helper $1 $2
Solution 3
The adduser
command can run a site-specific script to do any setup like removing files. As long as it is acceptable to start with a full copy and then delete some files afterwards, then this approach could work for you.
From the adduser(8) man page:
If the file
/usr/local/sbin/adduser.local
exists, it will be executed after the user account has been set up in order to do any local setup. The arguments passed toadduser.local
are:username uid gid home-directory
So all you need to do is write a script that takes four parameters and use it remove any files you need. Save it as /usr/local/sbin/adduser.local
and make sure it's marked executable (chmod a+x
).
Here's something to get you started:
#!/bin/bash
## Site-specific setup for newly-created users.
## adduser(8) will call this script after setting up a new user.
set -euo pipefail
if [[ "$#" != 4 ]]; then
echo "usage: $0 username uid gid home" > /dev/stderr
fi
NEW_USERNAME="${1:?}"
NEW_UID="${2:?}"
NEW_GID="${3:?}"
NEW_HOME="${4:?}"
# The groups command outputs a space-separated list of group names
IFS=' '
for group in $(groups "${NEW_USERNAME}"); do
case "${group}" in
a)
[[ "${VERBOSE}" > 0 ]] && echo Removing file for a
rm "${NEW_HOME}/not_for_a.txt"
;;
b)
[[ "${VERBOSE}" > 0 ]] && echo Removing dir for b
rm -r "${NEW_HOME}/not_for_b/"
;;
*)
[[ "${VERBOSE}" > 1 ]] && echo No special setup required for $group
;;
esac
done
The interesting part, which you'll want to edit, are the lines that look like this one:
a)
[[ "${VERBOSE}" > 0 ]] && echo Removing file for a
rm "${NEW_HOME}/not_for_a.txt"
;;
You can fill in the actual group name and behaviour you'd like to see instead of a)
and rm not_for_a.txt
.
Solution 4
adduser
does support a limited way to exclude files from the skeleton directory. From man adduser.conf
:
SKEL_IGNORE_REGEX
Files in /etc/skel/ are checked against this regex, and not
copied to the newly created home directory if they match. This
is by default set to the regular expression matching files left
over from unmerged config files (dpkg-(old|new|dist)).
While you can't set this regex from the command line, you can set the config file used using the --conf
option. So you can create additional copies of /etc/adduser.conf
that only differ on the SKEL_IGNORE_REGEX
, and use those:
(grep -v '^SKEL_IGNORE_REGEX' /etc/adduser.conf; printf "%s\n" 'SKEL_IGNORE_REGEX="not_for_a.txt"') > /etc/adduser_A.txt
sudo adduser --conf /etc/adduser_A.txt ...
Related videos on Youtube
Nam Nguyen
Updated on September 18, 2022Comments
-
Nam Nguyen over 1 year
/etc/skel
is a folder that will be cloned for new users. Is there a possible way that we can define rules what to copy from/etc/skel
folder?For example, I'm looking for a way that if a user is created and belongs to group named
A
, clone/etc/skel
folder except/etc/skel/not_for_a.txt
. Possible? -
J. Starnes over 6 years
useradd
is discouraged for debian based systems in the man page on my 16.04 system. If the reason for this caution has changed could you add it to your answer. Also on 16.04useradd
andadduser
are different programs with different options, perhaps you could edit your answer for clarity. -
Mukesh Sai Kumar over 6 years@J.Starnes To specify custom SKEL directory is not possible in
adduser
command, so we useuseradd
. It is not entirely discouraged: "useradd
is a low level utility for adding users. On Debian, administrators should usually useadduser
instead." It is OK to use this command under unusual circumstances like this.