# Adding root level users non-interactively



## quakerdoomer (Mar 14, 2012)

I am trying to use *pw useradd* to add a user with root privileges, in a single command. So far I have done: [cmd=] pw useradd -n tom -s /bin/sh -m -g wheel -d /home/tom[/cmd] How do I assign a password now directly as a one liner?

I tried [cmd=]echo PASSWORD | pw user mod tom -H 0[/cmd] but that doesn't hash it. I tried echo-ing a salted string but $ cannot be escaped easily :-(


----------



## SirDice (Mar 15, 2012)

This should do the trick:


```
echo "somepassword" | pw user mod tom -h -
```

Or all in one go:

```
echo "somepassword" | pw useradd -n tom -s /bin/sh -m -g wheel -d /home/tom -h -
```


----------



## mamalos (Mar 15, 2012)

...and don't forget to clean your history after this


----------



## quakerdoomer (Mar 16, 2012)

Didn't work :-(
No hash was found in the file.. also couldn't log in.


```
tom:*:1002:0::0:0:User &:/home/tom:/bin/sh
```


----------



## mamalos (Mar 16, 2012)

Yes,

*Y*ou should put a 0 as the file desciptor. Something like:


```
echo "pass" | pw user add -n tom -h 0
```

the same holds for *pw user mod* as well. In the man page it states:


```
-h fd         This option provides a special interface by which interacâ€
                   tive scripts can set an account password using pw.  Because
                   the command line and environment are fundamentally insecure
                   mechanisms by which programs can accept information, pw
                   will only allow setting of account and group passwords via
                   a file descriptor (usually a pipe between an interactive
                   script and the program).  sh, bash, ksh and perl all posâ€
                   sess mechanisms by which this can be done.  Alternatively,
                   pw will prompt for the user's password if -h 0 is given,
                   nominating stdin as the file descriptor on which to read
                   the password.  Note that this password will be read only
                   once and is intended for use by a script rather than for
                   interactive use.  If you wish to have new password confirâ€
                   mation along the lines of passwd(1), this must be impleâ€
                   mented as part of an interactive script that calls pw.

                   If a value of â€˜-â€™ is given as the argument fd, then the
                   password will be set to â€˜*â€™, rendering the account inaccesâ€
                   sible via password-based login.
```

where it explains why you got the * as password.


----------



## quakerdoomer (Mar 17, 2012)

Hmm nice, worked. I had read about the -h fd and I remember somewhere this being mentioned that the password has to be the 10th argument. Couldn't get that to work ealier. I am using [cmd=]echo "pass" | pw user add -n tom -g wheel operator -h 0[/cmd]

How do I make tom wheel as well?
-g does not take 2 arguments
-g wheel -g operator gives tom only the last rights (operator).. Any inputs?


----------



## mamalos (Mar 19, 2012)

If I remember correctly, it must be the -G option. Search the man page for additional groups (or maybe secondary groups?).


----------

