User Tools

Site Tools


linux:managing-users-and-groups-part-1

Managing Users and Groups

Date: Mon Sep 24 12:17:52 EDT 2018

The passwd file

On my Fedora 28 virtual machine, I can see the following information about my user account:

$ grep "sean" /etc/passwd
sean:x:1000:1000:sean:/home/sean:/bin/bash

The fields are:

  • username
  • password indicator
  • user id
  • group id
  • gecos ingo
  • home directory
  • default shell

This is a pretty standard Linux file, but some things will change depending on the distribution. For example, the user id may start at a different point depending on the system. However, nowadays both Ubuntu and Fedora set the starting UID and group ID for new users at 1000.

The shadow file

Need to be root to examine the shadow file:

$ sudo su
# grep "sean" /etc/shadow
sean:ENCRYPTED_PASSWORD::0:99999:7:::

The fields are:

  • login name (username)
  • encrypted password
  • days since 1/1/1970 since password was last changed
  • days after which password must be changed
  • days before password is to expire that user is warned
  • days after password expires that account is disabled
  • days since 1/1/1970 that account is disabled
  • a reserved field

The group file

This file holds group information about the entire system:

$ cat /etc/group
$ # note one group of interest
$ grep "project1" /etc/group
project1:x:1001:sean,captkirk

The fields are:

  • group name
  • group password
  • group ID (GID)
  • group members

Management Tools

The book discusses the following tools:

  • /usr/sbin/useradd
  • /usr/sbin/usermod
  • /usr/sbin/userdel
  • /usr/sbin/groupadd
  • /usr/sbin/groupdel
  • /usr/sbin/groupmod

Practice

Create a new user; modify account

Let's create a new user and modify the account. First note the defaults in /etc/login.defs, /etc/skel, and /etc/default/useradd. And then let's change some defaults. We can either user sudo or become su. Here I become su:

$ sudo su
# nano /etc/skel/.bashrc

Now we're in nano, and we want to add these lines at the end. Feel free to add the comments:

# make "c" a shortcut for "clear"
alias c='clear'
# new files are 600; new directories are 700:
umask 0077

Now use nano again to create a README file. This file will be added to the home directories of all new users. Add any welcome message you want to add, plus any guidelines for using the system.

# nano /etc/skel/README

After writing (saving) and exiting nano, we can go ahead and create the new user:

# useradd linus
# grep "linus" /etc/passwd
linus:x:1002:1003::/home/linus:/bin/bash
# grep "linus" /etc/shadow
linus:!!:17798:0:99999:7:::
# # Let's create a password for 'linus'
# passwd linus
# grep "linus" /etc/shadow
# # Let's modify the maximum password lifetime
# passwd -n 90 linus
# # Let's modify the maximum password lifetime
# passwd -x 180 linus

Create a new group; add users to group

# grep "linus" /etc/group
# groupadd project2
# grep "project2" /etc/group
project2:x:1004:
# usermod -aG project2 linus
# usermod -aG project2 sean
# grep "project2" /etc/group
project2:x:1004:linus,sean

Delete, delete, delete

  1. Delete user 'linus'
  2. Confirm not listed in passwd and shadow files.
  3. Confirm home directory is gone

User deletion

# userdel -r linus
# grep "linus" /etc/passwd
# grep "linus" /etc/shadow
# cd /home ; ls -l 

Group deletion

  1. Look for groups in group file that begin with the string "project".
  2. Delete "project2" group
  3. Look again.
# grep "project*" /etc/group
# groupdel project2
# grep "project*" /etc/group
linux/managing-users-and-groups-part-1.txt · Last modified: 2019/01/21 11:14 by seanburns