Every user who has access to a Linux system needs a login and a password. Each user must belong to a primary group and for security or access purposes can belong to several secondary groups. In order to create new logins, modify or delete users, you must already be logged in as root. The root login is the highest level and only certain individuals should have access to the root account.
useradd – Adding a new user
Options:
Option | description |
-d | home directory |
-s | starting program (shell) |
-p | password (in encrypted form, as returned by crypt) |
-g | primary group assigned to the users |
-G | Other groups the user belongs to |
-m | Create the user’s home directory |
Example:
To add a new user with
- a primary group of users
- a second group mgmt
- starting shell /bin/bash
- password of xxxx
- home directory of roger
- create home directory
- a login name of roger
useradd -g users -G mgmt -s /bin/bash -p xxxx -d /home/roger -m roger
usermod – Modifying existing user
Options:
Option | description |
-d | home directory |
-s | starting program (shell) |
-p | password (in encrypted form, as returned by crypt) |
-g | primary group assigned to the users |
-G | Other groups the user belongs to |
Example:
To add the groups ‘group1 group2 …’ to the user roger
usermod -G group1,group2,... roger
If the user is currently a member of a group which is not listed,
the user will be removed from the group.
userdel – Deleting a user
Options:
Option | description |
-r | remove home directory |
Example:
To remove the user ‘roger’ and his home directory
userdel -r roger
passwd – User’s Password
Example:
To change the password for the account you are currently logged in as…
passwd
Enter existing password
Enter new password
Enter new password again (to validate)
To change the password for the user ‘roger’ (only if you are logged in as root)…
passwd roger
Enter existing password (can be either roger's password or root's password)
Enter new password
Enter new password again (to validate)
Where user and group information is stored
User names and primary groups are stored in /etc/passwd.
This file can be directly edited using the ‘vi’ editor, although this is not recommended. Format of the file is…
- User name (normally all lower case)
- Password (encrypted – only contains the letter ‘x’)
- User ID (a unique number for each user)
- Primary Group ID
- Comment (Normally the person’s full name)
- Home directory (normally /home/<user name>)
- Default shell (normally /bin/bash)
Each field is separated by a colon.
Passwords for each user are stored in /etc/shadow.
This file should only be changed using the passwd command.
Group information is stored in /etc/group.
This file can be directly edited using the ‘vi’ editor. Format of the file is…
- Group name
- Group password (hardly ever used)
- Group ID
- User names (separated by commas)
Each field is separated by a colon.
Default files
When a new user is created, the default files and directories that are created are stored in /etc/skel.
This directory can be modified to fit your needs. Modifications only affect new users and do not change anything for existing users.
su – Switch User
To switch to another user, use the su command. This is most commonly used to switch to the root account.
Example:
To switch to root account…
su
Enter root's passwd
To switch to the user ‘roger’…
su roger
Enter roger's or root's passwd
To return to original user, enter exit
Disable a user’s login without disabling the account
To disable login, run passwd -l user. That will lock the user account, but you’ll still be able to su - user, although you’ll have to su - user as root.
Alternatively, you can accomplish the same thing by prepending a ! to the user’s password in /etc/shadow (this is all passwd -l does behind the scenes). passwd -u will undo this.
User without a password
$ sudo useradd test
$ sudo passwd -d test
Removing password for user test.
passwd: Success
$ su test
$ whoami
test
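The two states described above (a password locked with passwd -l and a password removed with passwd -d) both show up in the second field of /etc/shadow, so they can be audited. The following is an added example, not part of the original page; it runs on constructed sample files rather than the real /etc/shadow, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page). Sample data below is constructed.
# Field 2 of a shadow line: empty = no password (passwd -d),
# leading "!" = locked (passwd -l), "*" = no hash, password login impossible.

# Print "user:STATE" for every line of a shadow-format file.
classify_shadow() {
    awk -F: '
        $2 == ""  { print $1 ":EMPTY";  next }
        $2 ~ /^!/ { print $1 ":LOCKED"; next }
        $2 == "*" { print $1 ":NOHASH"; next }
                  { print $1 ":SET" }
    ' "$1"
}

# Print users whose password is empty AND whose shell (passwd field 7)
# allows an interactive login. Args: shadow-format file, passwd-format file.
empty_password_logins() {
    awk -F: '
        NR == FNR { if ($2 == "") empty[$1] = 1; next }
        ($1 in empty) && $7 !~ /\/(nologin|false)$/ { print $1 }
    ' "$1" "$2"
}

# Constructed sample files (hashes replaced by a placeholder).
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT
cat > "$SAMPLE_DIR/shadow" <<'EOF'
root:$6$saltsalt$HASHPLACEHOLDER:17969:0:99999:7:::
daemon:*:17969:0:99999:7:::
roger:!$6$saltsalt$HASHPLACEHOLDER:17969:0:99999:7:::
test::17969:0:99999:7:::
svc::17969:0:99999:7:::
EOF
cat > "$SAMPLE_DIR/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
roger:x:1000:100:Roger:/home/roger:/bin/bash
test:x:1001:1001::/home/test:/bin/bash
svc:x:998:998::/var/lib/svc:/usr/sbin/nologin
EOF

classify_shadow "$SAMPLE_DIR/shadow"
echo "Empty password with a login shell:"
empty_password_logins "$SAMPLE_DIR/shadow" "$SAMPLE_DIR/passwd"
```

To audit a real system, call the two functions as root with /etc/shadow and /etc/passwd as arguments.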
Last updated: 14 March 2019 by Pierluigi Minati