There are two types of user:
1) System users
2) Normal users
The system users have ID values from 0 to 499 & the normal users can have ID values from 500 to 60,000.
The users and groups are maintained by the four databases files. These are:
1) /etc/passwd : This databases file maintains the user information like UID, GID, User name etc.
2) /etc/shadow : This file maintains user password related information like uname, encrypted pwd, etc. The pwd's are encrypted in the pwd binary file. To encrypt the passwords, MD5sum, DES algorithms are used.
3) /etc/group : It maintains group related information like group name, GID, etc.
4) /etc/gshadow : It maintains the group password related information.
User administration :
For user administration five commands are used.
1) useradd : This command is used to create a new user with default values.
$useradd <options> <user-name>
where the options can be,
-U = User id
-g = group ID (primary)
-G = group ID (secondary)
-c = comment
-d = directory
-s = shell
-f = inactive days
-e = expire date (YYYY MM DD)
Lets create an account
In this case useradd is told to create users the primary group sith belongs to (-g), and assign rbash as primary command shell (-s) ,Home directory under sith name (/home/sith) is created by default.Also add the userid 880 (-u).Here in the last command you can see the result that the UID = 880 and groups is users.
enter the command #getent passwd
Create
multiple users with same UID.
# useradd -o deepak -u 501
# useradd -o deep -u 501
# useradd -o user -u 501
2) usermod : This command is used to modify the user accounts. Only the administrator can use this command. It's syntax is,
$usermod <options> <user-name>
where the options can be,
-l = to change the user name
-L = to lock the user account
-U = to unlock the user account
# usermod -s /bin/csh Jedi
# usermod -Ga sales,marketing jedi
the first example changes the shell to the csh shell for the user named jedi.In the second example,supplementary groups are added for the user jedi.The -a option (-Ga) makes sure that the supplementary groups are added to any existing groups for the user jedi.If the -a is not used,existing supplementary groups for jedi are erased and the new list of groups includes the only supplementary groups assigned to that user.
3) passwd : This command is used to generate the passwords for users account.
$passwd < user-name>
To disable a password,
$passwd -d <user-name>
4) userdel : This command is used to delete a user account.
$userdel <user-name>
5) change : This command is used to change the password expiry information.
$chage <user name>
1) System users
2) Normal users
The system users have ID values from 0 to 499 & the normal users can have ID values from 500 to 60,000.
The users and groups are maintained by the four databases files. These are:
1) /etc/passwd : This databases file maintains the user information like UID, GID, User name etc.
2) /etc/shadow : This file maintains user password related information like uname, encrypted pwd, etc. The pwd's are encrypted in the pwd binary file. To encrypt the passwords, MD5sum, DES algorithms are used.
3) /etc/group : It maintains group related information like group name, GID, etc.
4) /etc/gshadow : It maintains the group password related information.
User administration :
For user administration five commands are used.
1) useradd : This command is used to create a new user with default values.
$useradd <options> <user-name>
where the options can be,
-U = User id
-g = group ID (primary)
-G = group ID (secondary)
-c = comment
-d = directory
-s = shell
-f = inactive days
-e = expire date (YYYY MM DD)
Lets create an account
In this case useradd is told to create users the primary group sith belongs to (-g), and assign rbash as primary command shell (-s) ,Home directory under sith name (/home/sith) is created by default.Also add the userid 880 (-u).Here in the last command you can see the result that the UID = 880 and groups is users.
enter the command #getent passwd
In creating
username ,the command performs several actions
1. Reads /etc/login.defs and
/etc/default/useradd files to get default values .
2. Check command line parameters to
find out which default values override.
3. Create user entry in /etc/passwd and
/etc/shadow
4. Create any new group entries in the
/etc/group file.
5. Create a home directory based on the
user’s name, in the /home directory
6. Copies any files located within
/etc/skel directory to the new home directory.This usually includes login and
application startup scripts.
If you want to see the default settings
#useradd –D
Group=100
Home=/home
INACTIVE=1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
How to
change default values of useradd command ?
To change
the default home directory location for all new users
# useradd -D -b /opt/users
# useradd -D | grep HOME
HOME=/opt/users
# useradd -D | grep HOME
HOME=/opt/users
To change
the default login shell
# useradd -D -s /bin/sh
# useradd -D | grep -i shell
SHELL=/bin/sh
# useradd -D | grep -i shell
SHELL=/bin/sh
# useradd -o deepak -u 501
# useradd -o deep -u 501
# useradd -o user -u 501
2) usermod : This command is used to modify the user accounts. Only the administrator can use this command. It's syntax is,
$usermod <options> <user-name>
where the options can be,
-l = to change the user name
-L = to lock the user account
-U = to unlock the user account
# usermod -s /bin/csh Jedi
# usermod -Ga sales,marketing jedi
the first example changes the shell to the csh shell for the user named jedi.In the second example,supplementary groups are added for the user jedi.The -a option (-Ga) makes sure that the supplementary groups are added to any existing groups for the user jedi.If the -a is not used,existing supplementary groups for jedi are erased and the new list of groups includes the only supplementary groups assigned to that user.
3) passwd : This command is used to generate the passwords for users account.
$passwd < user-name>
To disable a password,
$passwd -d <user-name>
4) userdel : This command is used to delete a user account.
$userdel <user-name>
5) change : This command is used to change the password expiry information.
$chage <user name>
Add a
User to Multiple Groups
usermod -a
-G ftp,admins,othergroup <username>
For
instance, lets say you wanted to add a new user named jsmith to the ftp group:
useradd -G
ftp jsmith
No comments:
Post a Comment