I came across the script "newuser" at
http://chip.cuccio.us/projects/hacks/, and was considering porting it to my environment.
Question - does anyone forsee a problem with setting this script setuid root, and making it executable only by members of the group "new" (which will be only one - user "new") and setting it as user "new"'s login shell?
What I'm trying to accomplish is for someone to be able to log in to my system as user "new" and basically create their own account. Once the script is finished they will then be logged out and can then log in with their new account.
As a side note - considering extending it to not allow the user to select a password during this step, but instead use apg to geterate a random password, and require the user to enter a valid email address (which this random password would be sent to). Upon new user creation the password would be expired so as soon as they log in with this random password they will be required to set their own.
Thoughts?