I’ve checked out homectl for creating and managing users and it seems to be a nice way of doing it.
However, for it to be a replacement for
passwd it needs to be scriptable for me.
But I have found no way to create a user with
homectl create <user>, without needing to create a password for that user, so I can later create/update the users password with
homectl passwd <user>.
So has anyone found a way to “script” creation of users and setup of password with homectl?
I mean running a script where password and username is a variable, that gets put into the commands, so the script does not require user input.
homectl man page:
And also then
homectl passwd USER
homectl create <user> --enforce-password-policy=false would make it not ask to set the password?
Oops I meant
Takes a boolean argument. If true the user is asked to change their password on next login.
Yeah, change their password. But doesn’t that mean you still create a password, but the user just changes it on his next login?
What happens if you give an empty password?
I can’t give anything, if I want to script it. It should be interactive.
homectl create <user> works is that it will prompt you to enter a password when you run that command. Just like the regular
passwd command would.
In my script, where I use passwd now, I work around it by doing:
passwd < password.txt
where password.txt contains the password twice. I wonder if homectl would accept the same.
So something like:
homectl create <user> < password.txt
Will have to test this when I have time
Keep in mind that i never used
homectl and the like.
Home directories managed by
systemd-homed.service are usually in one of two states, or in a transition state between them: when "
active " they are unlocked and mounted, and thus accessible to the system and its programs; when "
inactive " they are not mounted and thus not accessible. Activation happens automatically at login of the user and usually can only complete after a password (or other authentication token) has been supplied.
The underlined bold part indicates that password-less user accounts are not supported, eg. you always need a password set.
The nice thing about *nix is that you can redirect the stdin/stdout of most commands, so feeding the required info from a file or pipe should work IMHO.
I finally got around to trying this today.
Sad to report it did not work.