In this topic, we will discuss Linux user/group administrator commands.
Here are listed below the most useful commands to understand user and group management.
useradd
passwd
chage
groupadd
groupdel
usermod
groupmod
userdel
id
su — <user_name>
Before we jump into the commands, we are required to understand about /etc directories files.
/etc/passwd : Maintains user account name, group, description and password information
/etc/shadow : Holds encrypted password for the corresponding account.
/etc/group : Holds group information for each account
/etc/gshadow: Holds encrypted password for the corresponding group.
Useradd:
The useradd command in Linux is used to create a new user account. It is typically run by the system administrator or a user with root or sudo privileges.
a. useradd <user_name> : Commands won’t create home directory and will use older bash.
root@master:~# useradd user1
root@master:~# tail -1 /etc/passwd
user1:x:1004:1006::/home/user1:/bin/sh
root@master:~# ls /home/user1
ls: cannot access '/home/user1': No such file or directory
root@master:~#
root@master:~# tail -1 /etc/shadow
user1:!:19493:0:99999:7::: # ! Exclamatory denotes password not created
root@master:~# tail -1 /etc/group
user1:x:1006: # group will be created for the user
root@master:~# su - user1
su: warning: cannot change directory to /home/user1: No such file or directory
b. useradd -d -m -s “/bin/bash” <user_name>
d : Specify the home directory for the user.
-m: Create the user’s home directory.
-s: Set the login shell for the user.
root@master:~# useradd -d /home/user2 -m -s "/bin/bash" user2
root@master:~# tail -1 /etc/passwd
user2:x:1005:1007::/home/user2:/bin/bash
root@master:~# ls -lrt /home/user2
total 0
root@master:~# tail -1 /etc/shadow
user2:!:19493:0:99999:7:::
root@master:~# su - user2
user2@master:~$ pwd
/home/user2
passwd:
The passwd command in Linux is used to change a user's password. It is typically run by the system administrator or the user themselves to update their password.
root@master:~# passwd user2
New password:
Retype new password:
passwd: password updated successfully
root@master:~# tail -1 /etc/shadow
user2:$6$vbUhc7fAPfpvdCr9$r7BuJK:19493:0:99999:7::: # encrypted password
chage:
The chage command in Linux is used to change the password expiration and aging settings for user accounts.
root@master:~# chage user2
Changing the aging information for user2
Enter the new value, or press ENTER for the default
Minimum Password Age [0]: 30
Maximum Password Age [99999]: 31
Last Password Change (YYYY-MM-DD) [2023-05-16]: 2023-05-16
Password Expiration Warning [7]: 2
Password Inactive [-1]:
Account Expiration Date (YYYY-MM-DD) [-1]:
root@master:~# tail -1 /etc/shadow
user2:$6$vbUhc7fAPfpv:19493:30:31:2:::
groupadd:
The groupadd command in Linux is used to create a new group.It allows system administrators to manage user permissions and access control by organizing users into different groups.
root@master:~# groupadd devops_techies
root@master:~# tail -1 /etc/group
devops_techies:x:1008:
groupdel:
The groupdel command in Linux is used to delete a group. It allows system administrators to remove a group that is no longer needed or has become obsolete.
root@master:~# groupdel devopsuser
root@master:~# cat /etc/group | grep devopsuser
root@master:~#
usermod:
The usermod command in Linux is used to modify user account attributes. It allows system administrators to make changes to user accounts, such as modifying the user's username, home directory, login shell, group membership, and more.
root@master:~# tail -1 /etc/passwd # Existing user
dummy_user:x:1006:1009::/home/dummy_user:/bin/sh
root@master:~# usermod -l public_user -s /bin/bash -d /home/public_user dummy_user
root@master:~# tail -1 /etc/passwd
public_user:x:1006:1009::/home/public_user:/bin/bash
usermod -aG:
The correct usage is usermod -aG to add a user to additional groups. The -aG option allows you to append the user to the specified groups while preserving their existing group membership.
root@master:~# usermod -aG devops_techies user2
root@master:~# cat /etc/group | grep -i user2
devops_techies:x:1008:user2
root@master:~#
groupmod:
The groupmod command in Linux is used to modify existing group attributes. It allows system administrators to make changes to existing groups, such as modifying the group's name or GID (group ID).
root@master:~# groupmod -n devops_india devops_techies
root@master:~# cat /etc/group | grep -i user2
devops_india:x:1008:user2
userdel:
The userdel command in Linux is used to delete a user account from the system. It allows system administrators to remove user accounts that are no longer needed or have become obsolete.
root@master:~# userdel user2
root@master:~# ls -lrt /home/user2
total 0
root@master:~#
By default, the userdel command does not remove the user's home directory or mail spool. If you want to remove the user's home directory and mail spool, you can use the -r or --remove option.
root@master:~# userdel -r user_ind
root@master:~# ls -lrt /home/userind
ls: cannot access '/home/userind': No such file or directory
root@master:~#
id:
In Linux, UID (User Identifier) is a unique numerical identifier assigned to each user account. It is used by the system to uniquely identify users and determine their permissions and access levels. Here are some key points about UID in Linux:
- UID Range: The UID range for regular users typically starts from 1000 and goes up. The lower UID values, such as 0, 1, and 2, are reserved for system accounts.
user2@master:~$ id
uid=1007(user2) gid=1007(user2) groups=1007(user2)
user2@master:~$
2. Root User: The root user (superuser) has a UID of 0. The root user has full administrative privileges and can perform any system-level task.
root@master:~# id
uid=0(root) gid=0(root) groups=0(root)
root@master:~#
su — :
The command su - user is used to switch to another user account in Linux. When executed with the - option, it starts a new login session as the specified user, executing their shell and initializing their environment.
root@master:~# su - user2
user2@master:~$ pwd
/home/user2
user2@master:~$
Please provide your valuable comments over here. Thanks