Users are a entity in Linux system that are provided certain permissions to access resources. Users can be service accounts as well.
Let's create a user in the wheel group, so he/she can use that with sudo.
Usually, useradd
is used in Red Hat systems for creating users.
useradd -c "the friend" -G wheel amit; passwd -e amit
Usually, adduser username
is used for Debian (or Ubuntu) based systems.
Note:
If you are setting up user environment for users, and
If you know in advance that these people need to be member of certain groups, start by creating groups first and it is easier to assign to users to the group.
If you create the users first then you need to modify the users to assign to those groups which involves a little more work.
# groupadd groupname​groupadd marketinggroupadd sales
Adding a user to a supplementary (secondary) group:
-a
=> appends to
-G
=> a new list of groups
When creating a new user, default settings are applied that come from different sources:
useradd -D
can be used from the command line
/etc/login.defs
is used as the default configuration file
/etc/skel
contents is copied to user home directory upon user creation
So, if you create a new file company-policy.pdf
in this directory, every subsequent users created afterwards will get the company-policy.pdf
along with other files in the users home directory.
Linux does not offer an easy solution to apply new defaults to previously created users. (but it is possible using some scripting)
It is kind of an old method and sometimes gives unreliable information. The best way to check the setting is to check /etc/login.defs
.
The useradd -D
comes from /etc/default/useradd
:
You can change this file as per your requirement:
Below we have PASS_MAX_DAYS 99999
to 99
:
Now you can see the setting applied as I created a new user:
Also notice that !!
means no password set yet.
echo password | passwd --stdin username
Let's tackle the Lab in a different order. Let's start by 1. setting their passwords to expire after 60 days in: vim /etc/login.defs
Changing the password from 99 days to 60 days
2. Ensuring all these users get a home directory in /home
.
By default, /home
directory is set for new users.
If it is not set, please change it here: sudo vim /etc/default/useradd
3. Adding three groups namely sales, accounts, and users. Ignore in my case the groups already exist:
4. Creating users and adding to the groups:
Setting a password as password
However, there is a fancier way of doing the same for many users at once: