Learn how to create, delete and modify a user in Linux (useradd, userdel, usermod). Basic user management which is must know for every Linux/Unix administrator.
Anyone accessing system locally or remotely has to has a user session on the server hence can be termed as a user. In this post, we will be seeing user management which is almost similar for all Linux, Unix systems. There are three commands
usermod which are used to manage users on Linux systems.
Interesting related articles –
Command to add a new user to the system. This command can be as short as just one argument of userid. When running with just userid as an argument then it takes all default values for creating that user as defined in
/etc/default/useradd file. Or else a number of options can be specified which defines parameters of this new user while creation.
# cat /etc/default/useradd # useradd defaults file GROUP=100 HOME=/home INACTIVE=-1 EXPIRE= SHELL=/bin/bash SKEL=/etc/skel CREATE_MAIL_SPOOL=yes
The command supports the below options :
-b <base_dir>If the home directory is not specified this one is mandatory.
-c <comment>Any text like a description of the account
-d <home_dir>Home directory
-e <expire_date>Account expiry date in YYYY-MM-DD
-f <inactive>No of days after which acc will be disabled after password expiry
-g <gid>group id
-u <uid>User id
-G <groups>Secondary groups
-k <skel_dir>Files within skel_dir will be copied to home_dir of the user after creation
-K <key=value>To override default parameters in /etc/login.defs
-mCreate the home directory if it doesn’t exist.
-oAllow non-unique UID
-pEncrypted password (not normal text one). It can be obtained from the crypt command.
-rCreate a system account. This won’t have password aging and UID from system UID range
# useradd -c "Test user" -d /home/test -m -e 2016-12-05 -f 7 -g 100 -u 956 -o -s /bin/bash testuser1 # cat /etc/passwd |grep testuser1 testuser1:x:956:100:Test user:/home/test:/bin/bash # useradd testuser2 # cat /etc/passwd |grep testuser2 testuser2:x:54326:54329::/home/testuser2:/bin/bash
See the above example with and without using options. Also, check the below list, it shows where you can verify the account-related particular parameter which you specified in
skel_dir filesCheck-in home_dir
chage -l usernameoutput.
As the name suggests its a command to delete users. It has only two options –
-rRemove user’s home_dir & mail spool
-fRemoves user even if he/she logged in. Removes home_dir, mail spool & group of the same name even these are being shared by another user. Dangerous!
If none of the options used and command just ran with userid argument. It will only remove the user from the system keeping its home_dir, mail spool and a group of the same name (if any) intact on the server.
# ll /home |grep testuser drwx------ 4 testuser testuser 4096 Nov 23 10:43 testuser # userdel testuser # ll /home |grep testuser drwx------ 4 54326 54329 4096 Nov 23 10:43 testuser
# userdel -r testuser # ll /home |grep testuser #
See above example which shows without using
-r option keeps home directory intact.
This command used to modify user parameters which we saw in
useradd command. All parameter options with
useradd command compatible with this command. Apart from those options, it supports below ones –
-l <new_login>Change login name to different. You have to manually rename home_dir
-LLock account. Basically it puts ! in front of encrypted password in passwd or shadow file.
-UUnlock account. It removes!
-m <new_home>Moves home_dir to new_dir.
-dis mandatory to use with it.
# useradd usr1# cat /etc/passwd |grep usr1 usr1:x:54326:54330::/home/usr1:/bin/bash # usermod -l usr2 usr1 # cat /etc/passwd |grep usr2 usr2:x:54326:54330::/home/usr1:/bin/bash
# cat /etc/shadow |grep usr2 usr2:$6$nEjQiroT$Fjda8KiOIbnELAffHmluJFRC8jjIRWuxEWBePK1gun/ELZRi3glZdKVtPaaZ4tcQLIK2KPZTxdpB3tJvDj3/J1:17128:1:90:7::: # usermod -L usr2 # cat /etc/shadow |grep usr2 usr2:!$6$nEjQiroT$Fjda8KiOIbnELAffHmluJFRC8jjIRWuxEWBePK1gun/ELZRi3glZdKVtPaaZ4tcQLIK2KPZTxdpB3tJvDj3/J1:17128:1:90:7::: # usermod -U usr2 # cat /etc/shadow |grep usr2 usr2:$6$nEjQiroT$Fjda8KiOIbnELAffHmluJFRC8jjIRWuxEWBePK1gun/ELZRi3glZdKVtPaaZ4tcQLIK2KPZTxdpB3tJvDj3/J1:17128:1:90:7:::
See the above examples of
usermod command showing locking, unlocking user and changing user names.
These three commands take almost most of the user management tasks in Linux Unix systems. Password management is another topic which does not fall in user management. We will see it on some other day.