🇺🇸 English • 🇧🇷 Leia em Português
Automate user, group, and directory provisioning on Linux systems with Infrastructure as Code principles
This project was developed as part of the first challenge of DIO's Linux Fundamentals Training, applying Infrastructure as Code (IaC) concepts to completely automate user infrastructure creation in Linux environments.
Create a script that automatically provisions the entire organizational structure of a technology company, including users, permission groups, and departmental directories, ensuring any new virtual machine is ready for use after execution.
The script simulates the real structure of a technology company, creating realistic departments and users:
| 🏗️ Department | 👥 Group | 📁 Directory | 👤 Users |
|---|---|---|---|
| Development | GRP_DEV |
/desenvolvimento |
ana.silva, carlos.pereira, maria.santos |
| Operations | GRP_OPS |
/operacoes |
joao.oliveira, roberto.costa, paula.ferreira |
| Security | GRP_SEC |
/seguranca |
marcos.almeida, lucia.rodrigues, pedro.martins |
| Public | everyone | /publico |
shared access |
- ✅ Group Creation → Professional departmental groups
- ✅ Directory Creation → Organizational folder structure
- ✅ User Creation → Realistic accounts (firstname.lastname)
- ✅ Permission Configuration → Group-based security
- 🔐 Encrypted Passwords → SHA-512 hash for all accounts
- 🚫 Departmental Isolation → Group-restricted access (770)
- 🌐 Shared Area → Public directory with full access (777)
- 🔄 Idempotency → Can be executed multiple times safely
- 📄 Configuration File →
config.txtfor easy customization - 🔧 Reusability → Adapt for different organizations without code changes
- 📝 Simple Maintenance → Modifications only in configuration file
- Operating System: Linux (Ubuntu, Debian, CentOS, etc.)
- Privileges: Root/sudo access
- Dependencies:
bash,openssl(usually pre-installed)
-
Clone the repository:
git clone https://github.com/th-hoffmann/linux-user-provisioning.git cd linux-user-provisioning -
Make the script executable:
chmod +x linux-user-provisioning.sh
-
Run the script:
sudo ./linux-user-provisioning.sh
-
Verify the results:
# List created groups getent group | grep GRP_ # List created users getent passwd | grep -E "(ana|carlos|maria|joao|roberto|paula|marcos|lucia|pedro)" # Check directories and permissions ls -la / | grep -E "(publico|desenvolvimento|operacoes|seguranca)"
linux-user-provisioning/
├── 🚀 linux-user-provisioning.sh # Main script
├── ⚙️ config.txt # Configuration file
├── 📖 README.md # Documentation (English)
└── 📖 README_pt-br.md # Documentation (Portuguese)
Edit the config.txt file to customize:
# Customization example
DIRETORIOS="/publico /sales /marketing /it"
GRUPOS="GRP_SALES GRP_MKT GRP_IT"
USUARIOS_SALES="jane.doe john.smith anna.johnson"
SENHA="MyCompany2025!"The script is idempotent - can be executed multiple times:
- ✅ Existing elements are ignored
- ✅ Only new elements are created
- ✅ No conflicts or errors
- Strong Passwords: Robust password policy with special characters
- Encryption: SHA-512 hash for secure storage
- Principle of Least Privilege: Department-restricted access
- Separation of Duties: Isolated groups with specific permissions
🚨 Warning: This script is for development/test environments. For production, consider:
- Integration with corporate authentication systems (LDAP/AD)
- More stringent password policies
- Detailed auditing and logging
- Automated backup before execution
- Automation → Elimination of manual processes
- Consistency → Same configuration in any environment
- Version Control → Change management via Git
- Reproducibility → Identical results across executions
- User Management →
useradd,groupadd - Permission Control →
chmod,chown - Shell Scripting → Bash automation
- System Management → Programmatic configuration
Contributions are welcome! Feel free to:
- 🐛 Report bugs
- 💡 Suggest improvements
- 🔧 Submit pull requests
- 📖 Improve documentation
This project is licensed under the MIT License. See the LICENSE file for details.
Developed by th-hoffmann as part of DIO's Linux Fundamentals Training.