May 21, 20251 yr I'm looking at creating my own RBAC script to initiate users, groups and apply acls at boot time on each startup.The issue is that I can't find a way to add users via command line that has them show up in the webGUIadding a user via useradd results in them showing in /etc/passwd but not in the webgui and not in /boot/passwde.g.useradd -m -g users -G downloads,software testuser2Does anyone know of a way to programatically add a user with a specified UID, GID and also have it show up in the webGUI too?Then it would be easier/closer to having a script that would be a rudimentary RBAC that could initialise and run on each startup without user intervention.I've gotten most of it working but I'm just missing the automation of user creation.Any insight, would be appreciated :)
May 21, 20251 yr you need to install the ssh config plugin then run these comands otherwise the user home adn accounts won't sruive a reboot..uses should aslo be made inteh user tab of the unraid web ui terminal to assinge permission...otheriwse a user script at first array start...
March 22Mar 22 Author Attempting to Create Unraid Users Programmatically (CLI)I'm trying to automate user creation on Unraid without using the web GUI. Here's what I've tested and observed so far.Environment- Unraid 7.2.2, Slackware 15.0+, x86_64What Works: System-Level User CreationStandard Linux commands create a user that works for system access and SMB:# Create system useruseradd -u 1050 -g 100 -d / -s /bin/false newuser# Persist to boot config (survives reboot)grep "^newuser:" /etc/passwd >> /boot/config/passwd# Add shadow entryecho "newuser:x:$(( $(date +%s) / 86400 ))::::::" >> /boot/config/shadow# (Optional) Set SMB passwordecho -e "password\npassword" | smbpasswd -a newuserAfter running this, id newuser works, usermod -aG works, SMB authentication works. The user is fully functional at the system level.However, the user does not appear in the Unraid web GUI until the next reboot.After a reboot, the user does appear in the GUI. So whatever populates the GUI user list reads /boot/config/passwd at boot time.What the GUI Does When Creating a User (Observed via syslog)I monitored /var/log/syslog while creating a user called testgui through the web GUI. These entries appeared:emhttpd: shcmd (137): useradd -g users -d / -s /bin/false -c '' 'testgui'useradd: new user: name=testgui, UID=2003, GID=100, home=/, shell=/bin/falsechpasswd: password changed for testguiemhttpd: Restarting services...emhttpd: shcmd (145): /etc/rc.d/rc.samba reloademhttpd: shcmd (148): exportfs -raemhttpd: shcmd (150): /etc/rc.d/rc.avahidaemon reloademhttpd: shcmd (155): cp /etc/passwd /etc/shadow /var/lib/samba/private/smbpasswd /boot/configObservations:- emhttpd calls useradd without specifying a UID (auto-assigned)- It uses chpasswd to set the password- It reloads samba, NFS exports, and avahi- It copies /etc/passwd, /etc/shadow, and smbpasswd FROM /etc/ TO /boot/config/File Monitoring (inotifywait)I ran inotifywait on /boot/config/passwd, /boot/config/shadow, /boot/config/smbpasswd, and /var/local/emhttp/users.ini while creating a userthrough the GUI.The write events observed were:/boot/config/passwd MODIFY/boot/config/shadow MODIFY/boot/config/smbpasswd MODIFY/var/local/emhttp/users.ini DELETE_SELFThe users.ini file received a DELETE_SELF event — it appears to be deleted and recreated rather than appended to.What I Tried That Doesn't Work1. emcmd (Unraid's CLI tool)/usr/local/sbin/emcmd "cmdUserEdit=Add&userName=newuser&userPassword=$(echo -n 'pass' | base64)&userPasswordConf=$(echo -n 'pass' | base64)"emcmd is a PHP script at /usr/local/emhttp/plugins/dynamix/scripts/emcmd that uses curl_socket to post to /var/run/emhttpd.socket at the pathhttp://localhost/update.The call blocks indefinitely. No useradd entry appears in syslog even after waiting 30+ seconds. I tried:- Backgrounding with nohup and &- Running via at job scheduler (fully detached)- Killing the process after various timeouts (5s, 10s, 15s, 30s)- Using /update.htm as the path instead of /update- Writing a custom PHP script using curl_socket directlyNone of these produced a user. No emhttpd: shcmd: useradd entry ever appeared in syslog from any CLI-initiated attempt.Interestingly, emcmd DOES work for deleting users that were created through the GUI:/usr/local/sbin/emcmd "cmdUserEdit=Delete&userName=testgui"This also blocks, but the user IS deleted (confirmed via id and syslog showing userdel).2. Direct socket writesTried posting directly to the emhttpd socket using PHP stream_socket_client, curl with CURLOPT_UNIX_SOCKET_PATH, and bash. Responses were eitherHTTP 500, 0 bytes received (timeout), or the connection hung.3. curl via nginx with session cookiecurl -sk -c cookies.txt -X POST https://nas.local/login -d 'username=root&password=xxx' -Lcurl -sk -b cookies.txt -X POST https://nas.local/update.htm -d 'cmdUserEdit=Add&...'Returns 502 Bad Gateway — nginx times out waiting for a response.4. Appending to users.iniI appended a properly formatted entry to /var/local/emhttp/users.ini. The entry was present in the file (confirmed with grep), but the user didnot appear in the GUI. Refreshing the page, clearing cache, etc. had no effect. The user only appeared after a reboot.5. GraphQL APIThe GraphQL endpoint at /graphql is active on Unraid 7.2.2, but user management mutations don't exist. Tested addUser, createUser, setUser,updateUser — all return "Cannot query field on type Mutation."Questions1. Is there a supported way to create users from the command line that the GUI will recognize without a reboot?2. Is there a command or signal to refresh the GUI's user list from /boot/config/passwd?3. Why does emcmd cmdUserEdit=Delete work but cmdUserEdit=Add appears not to?4. Are there plans to add user management to the GraphQL API?Current WorkaroundUsing useradd + config file writes. The user is fully functional for system and SMB access immediately. GUI visibility requires a reboot.Functional but not ideal for automation.SummaryMethodUser Created?In GUI?Deletable from GUI?GUI (Add User)YesYesYesuseradd + config filesYesAfter reboot onlyNot testedemcmd cmdUserEdit=AddNo (hangs)N/AN/ADirect socket writeNoN/AN/Acurl via nginxNo (502)N/AN/AAppend to users.iniN/ANoN/AGraphQL APINo (no mutation)N/AN/A Edited March 22Mar 22 by longy
March 22Mar 22 but write data to ram os sytem doen't surive a reboot.again the ssh plugin and web ui... as this makes and writes the created users to survive a reboot.https://github.com/docgyver/unraid-v6-plugins/blob/master/ssh.plglearn from it if you want cli and how unraid needs to handle the shadows and tdb user database...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.