How to script homectl (from system-homed)?

I’ve checked out homectl for creating and managing users and it seems to be a nice way of doing it.

However, for it to be a replacement for useradd, usermod and passwd it needs to be scriptable for me.

But I have found no way to create a user with homectl create <user>, without needing to create a password for that user, so I can later create/update the users password with homectl passwd <user>.

So has anyone found a way to “script” creation of users and setup of password with homectl?
I mean running a script where password and username is a variable, that gets put into the commands, so the script does not require user input.

homectl man page:

What about --enforce-password-policy=BOOL ?
And also then homectl passwd USER

So homectl create <user> --enforce-password-policy=false would make it not ask to set the password?

Oops I meant --password-change-now=BOOL
Takes a boolean argument. If true the user is asked to change their password on next login.

Yeah, change their password. But doesn’t that mean you still create a password, but the user just changes it on his next login?

What happens if you give an empty password?

I can’t give anything, if I want to script it. It should be interactive.

The way homectl create <user> works is that it will prompt you to enter a password when you run that command. Just like the regular passwd command would.

In my script, where I use passwd now, I work around it by doing:

passwd  < password.txt

where password.txt contains the password twice. I wonder if homectl would accept the same.

So something like:

homectl create <user> < password.txt

Will have to test this when I have time

:information_source: Keep in mind that i never used homectl and the like.

Accoarding to homectl(1):

Home directories managed by systemd-homed.service are usually in one of two states, or in a transition state between them: when " active " they are unlocked and mounted, and thus accessible to the system and its programs; when " inactive " they are not mounted and thus not accessible. Activation happens automatically at login of the user and usually can only complete after a password (or other authentication token) has been supplied.

The underlined bold part indicates that password-less user accounts are not supported, eg. you always need a password set.

The nice thing about *nix is that you can redirect the stdin/stdout of most commands, so feeding the required info from a file or pipe should work IMHO.

I finally got around to trying this today.

Sad to report it did not work.