CompTIA Linux+ (XK0-004)
Red Hat Enterprise Linux
Git and Github
Learn Docker and Kubernates
Tips and Tricks

7. Managing Users and Groups

  • Understanding Linux users and groups

  • Manage user accounts

  • Manage group accounts

User Accounts

  • Creating user account at the command line

    • useradd

    • userdel

    • passwd

  • Modifying user accounts

    • usermod

Take a look at the default configuration that if we don't change something gets applied.

useradd -D

Default configuration for a user

Creating a user

  • -c "bablu kumar" => comment

  • -s "/bin/ksh" => setting a shell

By default, a user is a member of its own group.

Taking a look at /etc/shadow

The exclamations indicate the password not have been set yet.
  • (*) => indicates they can't login because they are service accounts.

  • (!!) => indicates that no password is set yet.

Adding files to all the users by default

To make sure, all new members get, for example a company policy, in their home directory. We can add that to the /etc/skel

usermod

Locking user account

usermod -L bk => Locks the bk's account

Looking into the /etc/shadow file indicates the account has been locked.

User account lock: notice the exclamation symbol

Unlocking the user account

usermod -U bk

Deleting a user

  • If you just want to delete the user; userdel username In this case, the user's home directory remains intact.

  • Deleting a user including her/his home directory: userdel -r usernameRemember to take a backup before doing it though.

Manage group accounts

  • Creating groups at the command line

    • groupadd

    • groupdel

  • Creating groups in the GUI

  • Modifying groups

    • groupmod

Adding to group usermod

  • -a => append to

  • -G => a supplemental group

  • -g => switch a primary group

You can also check the group information in /etc/group:

usermod -aG wheel bkumar # Now bkumar can use sudo do tasks that require priviledges on Red Hat systems
usermod -aG admin bkumar # used in Ubuntu (Debian) systems for the same purposes.
  • su - it logs into the root account if you have the root's password

  • sudo -i it also does the same but once you are in the wheel group, you need to type in your password rather than the root's password which is a safer way.

  • sudo visudo contains the configuration file for the sudo management.

  • /etc/sudoers.d/ contains some snap in files that lets you add these configurations as snap-ins.

Delete the group: groupdel groupname