Linux user management (useradd, userdel, usermod)

Learn how to create, delete and modify users in Linux (useradd, userdel, usermod). This is basic user management that every Linux/Unix administrator must know.


 

Anyone accessing a system locally or remotely has to have a user session on the server, and hence can be termed a user. In this post we will look at user management, which is almost the same on all Linux and Unix systems. Three commands, useradd, userdel and usermod, are used to manage users on Linux systems.

Read also: Understanding /etc/passwd file & Understanding /etc/group file

Command : useradd

This command adds a new user to the system. It can be as short as a single argument, the userid. When run with only the userid, it takes all the default values for creating that user from the /etc/default/useradd file. Otherwise, a number of options can be specified to define the parameters of the new user at creation time.

The command supports the options below:

  • -b base_dir : If the home directory is not specified, this one is mandatory.
  • -c comment : Any text, such as a description of the account
  • -d home_dir : Home directory
  • -e expire_date : Account expiry date in YYYY-MM-DD
  • -f inactive : Number of days after password expiry after which the account is disabled
  • -g gid : Group id
  • -u uid : User id
  • -G groups : Secondary groups
  • -k skel_dir : Files within skel_dir are copied to the user's home_dir after creation
  • -K key=value : Override default parameters in /etc/login.defs
  • -m : Create the home directory if it doesn't exist.
  • -o : Allow a non-unique uid
  • -p : Encrypted password (not the plain-text one). Can be obtained from the crypt command.
  • -r : Create a system account. It won't have password ageing, and its uid comes from the system uid range.
  • -s : Shell

See the above example with and without options. Also check the list below; it shows where you can verify each account parameter that you specified in the useradd command.

home_dir : Check using ls -lrt
uid, gid : In /etc/passwd and /etc/group
comment, shell : In /etc/passwd file
groups : In /etc/group file
skel_dir files : Check in home_dir
expire_date, inactive : Check in chage -l username output.
Encrypted password : In /etc/shadow file


Command : userdel

As the name suggests, this is the command to delete users. It has only two options:

  • -r : Remove the user's home_dir & mail spool
  • -f : Removes the user even if he/she is logged in. Removes home_dir, mail spool & the group of the same name even if these are shared by other users. Dangerous!

If no options are used and the command is run with only the userid argument, it removes just the user from the system, keeping its home_dir, mail spool and the group of the same name (if any) intact on the server.

See the above example, which shows that running userdel without the -r option keeps the home directory intact.


Command : usermod

This command is used to modify the user parameters that we saw in the useradd command. All parameter options of the useradd command are compatible with this command. Apart from those, it supports the ones below:

  • -l new_login : Change the login name to a different one. You have to rename home_dir manually.
  • -L : Lock the account. Basically it puts ! in front of the encrypted password in the passwd or shadow file.
  • -U : Unlock the account. It removes the !
  • -m new_home : Moves home_dir to new_dir. Using -d with it is mandatory.

See the above examples of the usermod command, showing locking and unlocking a user and changing user names.
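
An added example, not part of the original post: a shell audit that reports accounts sharing a uid (the state useradd -o allows) and accounts carrying the ! lock marker that usermod -L puts in front of the encrypted password. The function names, sample logins and fake hashes are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Run it against copies of
# /etc/passwd and /etc/shadow; the sample data below is constructed.

# Print "uid:login1,login2" for each uid held by more than one account,
# which is the state useradd -o allows. $1 = passwd-format file.
dup_uids() {
    awk -F: '
        { names[$3] = (n[$3]++ ? names[$3] "," : "") $1 }
        END { for (u in n) if (n[u] > 1) print u ":" names[u] }
    ' "$1" | sort -n
}

# Print logins whose password field is "!" followed by a hash, which is
# what usermod -L leaves behind. Assumes "$id$..." style hashes.
# $1 = shadow-format file.
locked_users() {
    awk -F: '$2 ~ /^!\$/ { print $1 }' "$1"
}

# Write constructed sample files into directory $1 (hashes are fake).
make_sample() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
alice:x:1001:1001:Alice:/home/alice:/bin/bash
bob:x:1002:1002:Bob:/home/bob:/bin/bash
alice2:x:1001:1001:same uid as alice:/home/alice2:/bin/sh
EOF
    cat > "$1/shadow" <<'EOF'
root:$6$CONSTRUCTED$notarealhash:19000:0:99999:7:::
alice:$6$CONSTRUCTED$notarealhash:19000:0:99999:7:::
bob:!$6$CONSTRUCTED$notarealhash:19000:0:99999:7:::
alice2:!:19000:0:99999:7:::
EOF
}

dir=$(mktemp -d)
make_sample "$dir"
echo "shared uids:";  dup_uids "$dir/passwd"
echo "locked logins:"; locked_users "$dir/shadow"
rm -rf "$dir"
```

The usermod man page notes that -L blocks only password login, so to lock the account fully it should also be expired with -e.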

These three commands cover most of the user management tasks on Linux and Unix systems. Password management is another topic, which does not fall under user management. We will look at it some other day.

Any thoughts?