Linux System Administration: Managing Users and Groups

4
60646

This is an article that takes the reader back to the basics of Linux. It covers the various aspects of users and groups in Linux, like adding or removing them, giving them passwords, etc—all from a systems administrator’s point of view.

Linux is a multi-user operating system, which means that more than one user can use Linux at the same time. Linux provides a beautiful mechanism to manage users in a system. One of the most important roles of a system administrator is to manage the users and groups in a system. All the commands used in this article are explained using the CentOS Linux distro.

Linux user
A user or account of a system is uniquely identified by a numerical number called the UID (unique identification number). There are two types of users – the root or super user and normal users. A root or super user can access all the files, while the normal user has limited access to files. A super user can add, delete and modify a user account. The full account information is stored in the /etc/passwd file and a hash password is stored in the file /etc/shadow. Some operations on a user account are discussed below.

Creating a user with a default setting: A user can be added by running the useradd command at the command prompt. After creating the user, set a password using the
passwd utility, as follows:

[root@localhost bhargab]# useradd anirban
[root@localhost bhargab]# passwd anirban
Changing password for user anirban.
New password: 
Retype new password: 
passwd: all authentication tokens updated successfully.

The system automatically assigns a UID, creates the home directory (/home/<username>) and sets the default shell to /bin/bash. The useradd command creates a user private group whenever a new user is added to the system and names the group after the user.
Specifying a user’s full name when creating a user: A systems administrator can use the –c option with useradd to specify the user’s full name, as shown below:

[root@localhost bhargab]# useradd -c “Anirban Choudhury” anirban

Creating a user with the UID: You can create a user with a custom UID with the –u option, as follows:

[root@localhost bhargab]# useradd -u 1036 anirban

Creating a user with non-default home directory: A non-default home directory can be set by executing the following command:

[root@localhost bhargab]# useradd –d /home/test anirban

Adding a user to a primary group and supplementary group: A systems administrator can specify a primary group and a supplementary one by specifying the –g and –G option, respectively.

[root@localhost bhargab]# useradd -g “head” -G “faculty” anirban

Locking and unlocking a user: A super user can lock and unlock a user account. To lock an account, one needs to invoke passwd with the -l option.

[root@localhost bhargab]# passwd -l anirban
Locking password for user anirban.
passwd: Success

The –u option with passwd unlock an account, as
shown below:

[root@localhost bhargab]# passwd -u anirban
Unlocking password for user anirban.
passwd: Success

Changing a user name: The –l option with the usermod command changes the login (user) name, as shown below:

[root@localhost bhargab]# usermod -l “nishant” anirban

Removing a user: Combining userdel with the –r option drop a user and the home directory associated with that user, as shown below:

[root@localhost bhargab]# userdel -r nishant

Linux group
Linux group is a mechanism to organise a collection of users. Like the user ID, each group is also associated with a unique ID called the GID (group ID). There are two types of groups – a primary group and a supplementary group. Each user is a member of a primary group and of zero or ‘more than zero’ supplementary groups. The group information is stored in /etc/group and the respective passwords are stored in the /etc/gshadow file. Some operations such as creating, deleting and modifying on a group are discussed below.
Creating a group with default settings: To add a new group with default settings, run the groupadd command as a root user, as shown below:

[root@localhost bhargab]# groupadd employee

If you wish to add a password, then type gpasswd with the group name, as follow:

[root@localhost bhargab]# gpasswd employee
Changing the password for group employee
New Password: 
Re-enter new password:

Creating a group with a specified GID: To explicitly specify the GID of a group, execute the groupadd command with the –g option, as follow:

[root@localhost bhargab]# groupadd -g 1200 manager

Removing group password: To remove a group password, run gpasswd –r with the relevant group name, as follow:

[root@localhost bhargab]# gpasswd -r employee

Changing the group’s name: To change the group’s name, run the groupmod command with the -n option as a super user, as shown below:

[root@localhost bhargab]# groupmod -n hrmanager employee

Changing the group’s GID: To change the GID of a group, run the groupmod command with –g, as follow:

[root@localhost bhargab]# groupmod -g 1050 manager

Deleting a group: Before deleting a primary group, delete the users of that primary group. To delete a group, run the groupdel command with the group name, as shown below:

[root@localhost bhargab]# groupdel employee

If you wish to know much more about the user and group management, you can refer to the Red Hat system administration and manual page of each command.

4 COMMENTS

  1. create a group sysmgrs.create user sysar,Natasha & harry.user Susan Sharry should be a part of the sysmgrs group.natasha should not be a part of that group and she is given an non interactive shell.password of all user are linux123

LEAVE A REPLY

Please enter your comment!
Please enter your name here