Vijayan
Vijayan Thanks for stopping by guys! I'm Vijayan and Techpulse is my beloved brainchild. Currently working as a PHP developer in a digital marketing start-up, I'm overly passionate about not just learning new things but also putting those into practice. I swear by a quote I once came across... 'What separates successful people from unsuccessful people is the former's ability to execute'. Feel free to reach out to me if you have any questions, suggestions or feedback. Hoping to see more of you here!

Managing Users and Groups in Linux


Managing Users and Groups in Linux

This is an article that takes the reader back to the basics of Linux. Managing Users and Groups in Linux, like adding or removing them, giving them a password, etc -all from a system administrator’s point of view.

Linux is a multi-user operating system, which means that more than one user use Linux at the same time. Linux provides a beautiful mechanism to manage users in a system. On of the most important roles of a system administrator is to manage the users and groups in a system. All the commands used in this article are explained using the CentOS Linux distro.

Linux user

A user or account of a system is uniquely identified by a numerical number called the UID (unique identification number). There are two types of users - the root or super user can access all the files, while the normal user has limited access to files. A superuser can add, delete and modify a user account. The full account information is stored in the /etc/passwd file and a hash password is stored in the file /etc/shadow. Some operations on a user account are discussed below.

Creating a user with a default setting:

A user can be added by running the useradd command at the command prompt. After creating the user, set a password using the passwd utility, as follows:

root@vijayan-VPCCA35FA:/home/vijayan# useradd techpulsetoday
root@vijayan-VPCCA35FA:/home/vijayan# passwd techpulsetoday
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
root@vijayan-VPCCA35FA:/home/vijayan#

The system automatically assigns a UID, creates the home directory (/home/<username>) and sets the default shell to /bin/bash. The useradd command creates a user private group whenever a new user is added to the system and names the group after the user.

Specifying a user's full name when creating a user:

A systems administrator can use the -c options with useradd to specify the user’s full name, as shown below:

root@vijayan-VPCCA35FA:/home/vijayan# userdel techpulsetoday
root@vijayan-VPCCA35FA:/home/vijayan# useradd -c "TechPulseToday" techpulsetoday

Creating a user with the UID:

You can create a user with a custom UID with the -u option, as follows:

root@vijayan-VPCCA35FA:/home/vijayan# useradd -u 1036 techpulsetoday

Creating a user with the non-default home directory:

A non-default home directory can be set by executing the following command:

root@vijayan-VPCCA35FA:/home/vijayan# useradd -d /home/test techpulsetoday

Adding a user to a primary group and supplementary group:

A system administrator can specify a primary group and a supplementary one by specifying the -g and -G option, respectively.

root@vijayan-VPCCA35FA:/home/vijayan# useradd -g "head" -G "faculty" techpulsetoday

Locking and unlocking a user:

A superuser can lock and unlock a user account. To Lock an account, one needs to invoke passwd with the -l option.

root@vijayan-VPCCA35FA:/home/vijayan# passwd -l techpulsetoday
Locking password for user techpulsetoday.
passwd: Success

The -u option with passwd unlock an account, as shown below:

root@vijayan-VPCCA35FA:/home/vijayan# passwd -u techpulsetoday
Unlocking password for user techpulsetoday.
passwd: Success

Changing a user name:

The -l option with the -r option drops a user and the home directory associated with that user, as shown below:

root@vijayan-VPCCA35FA:/home/vijayan# usermod -l "Vijayan J" techpulsetoday

Removing a user:

Combining userdel with the -r option drop a user and the home directory associated with that user, as shown below:

root@vijayan-VPCCA35FA:/home/vijayan# userdel -r techpulsetoday

Linux Group

Linux group is a mechanism to organize a collection of users. Like the user ID, each group is an also associated with a unique ID called the GID (group ID). There are two types of groups - a primary group and a supplementary group. Each user is a member of a  member of a primary group and of zero or ‘more than zero’ supplementary group. The group information is stored in /etc/group and the respective passwords are stored in the /etc/gshadow file. Some operations such as creating, deleting and modifying on a group are discussed below.

Creating a group with default settings:

To add a new group with default settings, run the groupadd command as a root user, as shown below:

root@vijayan-VPCCA35FA:/home/vijayan# groupadd employee

If you wish to add a password, then type gpasswd with the group name, as follow:

root@vijayan-VPCCA35FA:/home/vijayan# gpasswd employee
Changing the password for group employee
New Password:
Re-enter new password:

Creating a group with a specified GID:

To explicitly specify the GID of a group, execute the groupadd command with the -g option, as follow:

root@vijayan-VPCCA35FA:/home/vijayan# groupadd -g 1200 manager

Removing group password:

To remove a group password, run gpasswd -r with the relevant group name, as follow:

root@vijayan-VPCCA35FA:/home/vijayan# gpasswd -r employee

Changing the group's name:

To change the group’s name, run the groupmod command with the -n option as a super user, as shown below:

root@vijayan-VPCCA35FA:/home/vijayan# groupmod -n techmanager employee

Changing the group's GID:

To change the GID of a group, run the groupmod command with -g, as follow:

root@vijayan-VPCCA35FA:/home/vijayan# groupmod -g 1050 manager

Deleting a group:

Before deleting a primary group, delete the users of that primary group. To delete a group, run the groupdel command with the group name, as shown below:

root@vijayan-VPCCA35FA:/home/vijayan# groupdel manager
root@vijayan-VPCCA35FA:/home/vijayan# groupdel employee

If you wish to know much more about the user and group management, you can refer to the Red Hat System Administration and manual page of each command.

comments powered by Disqus