User Commands

The following commands are used to create, modify, delete, manipulate the properties of a user.

USERADD

This command Add/Creates user accounts in Linux. This command can be combined with various options

  • useradd Devops - Adds a user named Devops. To unlock this account you need to set a password for this user

  • passwd Devops - To set the password for the newly created user

Once a new user is created, /etc/passwd file gets a new entry regarding the user created.

  • cat /etc/passwd | grep Devops - Shows the entry created for user "Devops" in the passwd file

Each line in the /etc/paaswd contains 7 columns which provides us the information about the user. It can be interpreted in the following way -

  1. Username - Login name used to access the system - Devops
  2. Password - The letter x signals that shadow passwords are used and that the hashed password is stored in /etc/shadow file
  3. UserID - Devops has been assigned a UID of 501, which reflects the rule that the default UID values from 0 to 499 are typically reserved for system accounts
  4. GroupID - The primary Group ID (GID) Group Identification Number stored in /etc/group file
  5. UserInfo - Optional field to fill in extra information about the user like Role or Full Name of the user
  6. Home Directory - Location of user's home directory
  7. Shell - Location of user's shell

USERADD command can be combined with other options to customize user creation as per the requirement. Some of the options are -

  • useradd -c "Devops User" Devops - Creates a user with "Devops user" as a comment in UserInfo field as stated above

  • useradd -d /project/Devops Devops - Creates a user "Devops". Home directory for the user "Devops" is set as /project/Devops

  • useradd -u 619 Devops - Creates a user "Devops". UserID for the user "Devops" is set as 619

  • useradd -g 719 Devops - Creates a user "Devops". GroupID for the user "Devops" is set as 719

  • useradd -g g0 -G g1,g2 Devops - Adds the user "Devops" to primary group g0 and to multiple groups(g1 and g2). You can check about the user is a part of which groups by using the command "id Devops"

  • useradd -e 2016-10-01 Devops - Creates a user "Devops" with account expiry date of October 1st,2016. Date should be mentioned in YYYY-MM-DD format. By default it is 0, never expires

  • useradd -s /sbin/nologin Devops - Will add a user ‘tecmint‘ without login shell i.e. ‘/sbin/nologin‘ shell

  • useradd -M Devops - Creates a user "Devops" with no home directory. When you combine useradd -m it will make sure that "Devops" user is created with Home directory if it does not exist

USERMOD

This command is similar to useradd except it takes actions on already existing users. It modifies the properties of already existing users . You can use this command with almost same options as you use with command useradd.

  • usermod -c "Am Devops User" -u 619 -e 2016-10-01 Devops - Modifies the user "Devops" UserInfo property as stated in the above examples

  • usermod -l Devops_ad Devops - Modifies the user login name from Devops to Devops_ad

  • usermod -L Devops - Locks the user "Devops" account. After the account lock, Login is disabled and you will see a ! added before the encrypted password in /etc/shadow file means password is disabled an user account is locked

USERDEL

This command removes the user accounts and files associated to the user from Server/Workstation

  • userdel -r Devops - Combining userdel with the -r option removes files in the user's home directory along with the home directory itself and the user's mail spool

  • userdel -f Devops - This option forces the removal of the user account, even if the user is still logged in. This option is dangerous and may leave your system in an inconsistent state

ID

This command is used to get the system identifications of a specific user like UID, Groups a user belong to.

  • id Devops - Displays the System identifications for the user "Devops"

  • id -u Devops - Displays UserID for the user "Devops"

  • id -g Devops - Displays GroupId for the user "Devops"

Group Commands

The following commands are used to create, modify, delete, manipulate the properties of a group.

GROUPADD

Groups are a useful tool for permitting co-operation between different users. This command is used to add a new group to the system.

  • groupadd friends - Adds a group named "friends" with default settings. You can gather more information about the group from the file /etc/group

  • groupadd -g 719 friends - Creates a group named "friends" set its GroupID as 719. When used with -g and GID already exists, groupadd refuses to create another group with existing GID

  • groupadd -r friends - Creates a system group which are used for system purposes which practically means that GID is allocated from 1 to 499 if not specified

NOTE :- If you want to add an existing user to the named group, you can make use of the gpasswd command too instead of usermod and useradd. gpasswd is used to unlock the group and set password on the group

  • gpasswd friends - Unlocks the group "friends" and sets the required password.

  • gpasswd -a Devops friends - Add the user "Devops" to group "friends". Replacing "-a" with "-r" command removes the user "Devops" from group "friends"

  • gpasswd --members Devops,Devops_ad friends - Adds a list of members(Devops,Devops_ad) to the group "friends". This command can be used to add multiple users to a group at a time.

  • gpasswd -A Devops,Devops_ad friends - Makes Devops,Devops_ad group administrators. A group administrator can add and delete users as well as set, change, or remove the group password. A group can have more than one group administrator.

  • gpasswd -r friends - Removes password authentication on the group "friends"

GROUPMOD

When a group already exists and you need to specify any of the options now, use the groupmod command. The logic of using groupmod is identical to groupadd as well as its syntax.

  • groupmod -g 819 friends - Modifies the GroupID for the group "friends" to 819

  • groupmod -n classmates friends - Replaces the name of group with "classmates"

GROUPDEL

This command is used to delete the group. There are some conditions you should take care of before deleting a group. You may not remove the primary group of any existing user; you must remove the user before you remove that user's primary group.

  • groupdel friends - Deletes the group named "friends". Below is the error if friends is the primary group of any user