User and group management is one of the most basic and crucial parts of Linux administration. It covers things like creating, altering, enabling and disabling users, adding or moving users into different groups, creating groups, and defining the permissions for users and groups. This article is about how you can manage users and groups in Linux.
As Linux is a multi-user environment, it supports the login of multiple users from the command line or terminal.
To perform user administration tasks you need to have sudo access.
Creating / Adding new user in Linux
# adduser user_name
# useradd user_name
There is a difference between adduser and useradd. I prefer to use adduser as it is more interactive.
When you run the adduser command, Linux will try to create the user and will ask for the password and other information.
When the user is created successfully, it will:
1. Create a home directory named after the user: /home/username
2. Create a group with the same name as the username and add the user to that group.
3. Create a mail spool in /var/spool/mail/username
4. Copy the following hidden files to the user's home directory.
- .bash_logout : When a login shell exits, bash reads and executes commands from the files ~/.bash_logout and /etc/bash.bash_logout, if the files exist.
- .bashrc : this file is executed on every interactive shell launch or every time the user logs in.
- .profile : this file is used to set system-wide environment variables.
Understanding /etc/passwd file
/etc/passwd is a text file which contains basic information about each user or account on the system. Each line of this file provides information about one user.
Each line has the following fields:
user : x : uid : gid : comment : home_directory : default_shell
- user : the name of the user.
- x : x means the user is protected by a password, which is stored encrypted in the /etc/shadow file.
- uid and gid : the user id and group id for the user.
- comment : just a comment about the user.
- home_directory : the home directory of the user; it can be /home/username or a custom location.
- default_shell : the default shell the user gets on login.
Understanding /etc/group file
Group information is stored in the /etc/group file. Each line describes one group and has the following format:
group_name : x : gid : users_list
- group_name : self-explanatory; the name of the group.
- x : Generally passwords are not used with groups, so it is empty; it can store an encrypted password for the group.
- gid : again self-explanatory; the id of the group.
- users_list : a list of the users who are members of this group.
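The two file formats described above are enough to run quick account audits. The following is an added example, not part of the original article: it runs a few awk checks over constructed sample data (the accounts backup2 and venus, the sample lines and the function names are made up for illustration). On a real system, feed /etc/passwd and /etc/group to the same functions.

```sh
#!/bin/sh
# Added example: audit passwd- and group-format data by field position.
# All sample lines are constructed for illustration.

sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
mars:x:1001:1001:Mars,,,:/tmp:/bin/sh
backup2:x:0:1002::/home/backup2:/bin/bash
venus::1003:1003::/home/venus:/bin/bash
EOF
}

sample_group() {
cat <<'EOF'
sudo:x:27:mars,venus
devops:x:1004:mars
mars:x:1001:
EOF
}

# Field 3 (uid) is 0 for an account other than root: full root privileges.
uid0_accounts() { awk -F: '$3 == 0 && $1 != "root" { print $1 }'; }

# Field 2 is empty instead of x: the account may need no password at all.
empty_password_field() { awk -F: '$2 == "" { print $1 }'; }

# Field 6 (home directory) is /tmp or below it, a world-writable location.
tmp_home_accounts() { awk -F: '$6 == "/tmp" || $6 ~ /^\/tmp\// { print $1 }'; }

# Field 7 (default shell) is not nologin or false: the account can get a shell.
login_shell_accounts() { awk -F: '$7 !~ /(nologin|false)$/ { print $1 }'; }

# Field 4 of the named group's line: its members, one per line.
group_members() {
    awk -F: -v g="$1" '$1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i] }'
}

echo "uid 0 besides root:   $(sample_passwd | uid0_accounts | tr '\n' ' ')"
echo "empty password field: $(sample_passwd | empty_password_field | tr '\n' ' ')"
echo "home under /tmp:      $(sample_passwd | tmp_home_accounts | tr '\n' ' ')"
echo "login shell:          $(sample_passwd | login_shell_accounts | tr '\n' ' ')"
echo "sudo group members:   $(sample_group | group_members sudo | tr '\n' ' ')"
```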
Let's have a look at a few examples of the adduser command.
Add a User without Password
This is useful when using key-based passwordless authentication, where you don't need a password.
# adduser --disabled-password mars
Add existing user to an existing group
# adduser mars sudo
Adding a user with custom home directory
# useradd --home-dir /tmp mars
Adding a user with disabled login
This sets the password value in the /etc/passwd file to !, which means the user will not be able to log in.
# adduser --disabled-login mars
After setting up an account you can modify it with the usermod command, which has the following basic syntax.
# usermod options user_name
Changing the home directory for a user
# usermod --home /tmp mars
Setting up expiry date for an account
# usermod --expiredate 2019-01-07 mars
Adding user to multiple supplementary groups at once
# sudo usermod --append --groups sudo,devops mars
Change the default shell for an account
# usermod --shell /bin/sh mars
Displaying the groups of a user
# groups mars
Locking user account
# usermod --lock mars
Unlocking user account
# usermod --unlock mars
In all of the examples I have used the full word when specifying options, like --lock or --shell, but you can also use just a single character, like -L for lock and -s for shell, and likewise for other options.
Removing a user from a group
The gpasswd command can be used to remove a user from a group. It has the following syntax.
# gpasswd --delete user_name group_name
# gpasswd --delete mars devops
Deleting a user account
A user account can be deleted using the userdel command.
With the --remove option, it will also delete the user's home directory and mail spool.
# userdel --remove mars
Did it help you, or did you face any issues? Let us know in the comment section, and stay tuned: more good stuff is coming up.