User & Group Management
Adding Users
Adding Users
To add a user, the useradd command can be used.
useradd usernameIf you want to create a user with it's own home directory, this can be done using the -m flag:
useradd -m usernameThe default contents of a users home directory are defined within the /etc/skel directory, please see HERE for more info on this.
Adding a system user
useradd -r usernameOnce created, you'll want to restrict the account by disabling the ability for login, as mentioned here
Default options
There are lots of different options that can be set when creating users and groups, the default options can be viewed using the below command:
useradd -DAdditional options:
-e -expires
-e 2023/12/31-c - comment
-c "full name"-s -shell
-s /bin/sh
Groups
When creating a user, you can also specify groups to add the user to, this is done using the -G flag:
useradd -G groupname usernameComments
When creating a user, you can also opt to add a comment using the -c flag, for example this could be a name:
useradd -c "comment" username====================================================================================
Passwords
====================================================================================
Set Password
Once a user has been created, you can add a password using the passwd command:
passwd usernameOnce run, you'll be prompted to enter a new password
Changing password
Changing a users password can be done using the passwd command when signed in as that user.
You can either SSH to the server directly using the required user, or access as root and use su- username to access the user. Once accessed, the passwd command can be run alone to change the password:
passwdYou can also change a users password using root:
passwd usernameAdditional Options:
Checking user password metrics (password expiration, last time password changed)
chage -l usernameForcing password change at logon
chage -d 0 usernameTemporary Password
When setting a password, you're able to set a temporary placeholder password that can be used to log in by the user, upon logging in the user will be prompted to change to a password of their choice. This can be achieved by using the -e flag after setting a password
passwd username #set as temp password
passwd -e #sets password as expiredDeleting Users
Deleting Users
Users can be deleted using the userdel command:
userdel usernameThe above command only removes the user from the system, without removing their home directory.
Remove user and home directory
userdel -r usernameModifying Users
Post Creation, users can be modified using the usermod command.
Add User To Group
usermod -a -G groupname usernameLock/Unlock Users
Lock User Login
usermod -L usernameUnlock User Login
usermod -U usernameDisable login access
usermod -s /sbin/nologin usernameor we can use the change shell (chsh) command:
chsh -s /bin/nologin usernameChange User Home Directory
usermod -d /pathtonewhome username
chown username:usergroup /pathtonewhomeGroups
Viewing Groups
groups usernameCreating Groups
New groups can be created using the groupadd command:
groupadd groupnameManaging group users
Users can be added/removed from a group with 2 main methods,
- They can be added when initially created, as mentioned above
- They can be added after creation using the usermod command, as mentioned above
- They can be added using the gpasswd command.
Add a user to a group
gpasswd -a username groupnameRemoving a user from a group
gpasswd -d username groupnameAdd user to a group as an admin
gpasswd -A username groupname
Deleting groups
Groups can be removed using the groupdel command, note that this doesn't delete the users that are part of this group.
groupdel groupnameModifying Groups
There are various group properties that can be modified using the groupmod command.
Change Group Name
groupmod -n newname oldnameChange Group ID
groupmod -g NEWID groupname
No Comments