Manage User and Group Accounts in Linux (RHEL 8/ Centos 8) –
The manage user and groups account is the core part of Linux operating system. Each user has distinct login credentials in operating system to manage customize privileges in to user and group account. Each user and group got default unique ID’s add the time of creation, we can manage various permission ton basis of user and group for access any file, directory or commands it important to understand the user and group account management.
Here we use RHEL8/Centos 8 for the steps –
What is User?
- A user is another name of an account capable of logging into a computer.
- A user is an individual who uses the available hardware and software resources.
- In RHEL 8 by default 0 – 999 User ID (UID) are reserved for system purpose, when we create user account it got user id from 1000+.
Type of User
- System User (Privilege/Administrative)
- Normal User (Non-privilege/Secondary)
- System User –
- It is created by OS automatically.
- System user account by default have user id between 0 – 999.
- Root user account automatically created at the time of Linux OS Installation.
- Administrator user account automatically created at the time of windows OS installation.
- Normal User –
- It is created by privilege/Administrator user
- Normal user account by default got id 1000+
To manage user account use following commands –
useradd – use to add user account
usermod – use to modify existing user account
userdel – use to delete user account
passwd – use to create or change user account password
Database File of User Account –
All user account database by default stored in following file –
- User account Properties – /etc/passwd
- User Password Properties – /etc/shadow
Manage User Account step by step:
- For Create user account:
2.For check user account properties:
grep ajay /etc/passwd
grep search ajay string into passwd file where stored the user account database and display the whole line where match ajay string. Here total 7 filed available each filed separated by : (colon).
ajay – It show user name ( user login name )
x – It show mask password
1001 – It show user account ID (UID)
1001 – It show user account primary group ID (GID)
:: – It show user comment or full name ( by default empty)
/home/ajay – It show user home directory
/bin/bash – It show user login shell
1.For Crate/change user account password – Passwd ajay
Type here password which want to we set, need to re-enter password for the confirmation.
2.For check user password properties:
grep ajay /etc/shadow
User password properties store in following format, each filed is separated by : (colon)
ajay:@s$!1bc25f%:18002:0:99999:7: : :
ajay – it show user name (login name)
!6$^6ek23u%78 – it show user encrypted password
18556 – it show number of days since 1969.
0 – it show minimum life of password
99999 – it show maximum life of password
7 – it show warning days before expire password
::: – it show password expiry days or inactive period of password.
3. For switch one user account to another user account –
4.For logout from currently login user account-
press “ctrl+d” shortcut key for logout.
5.For delete user account –
With above command we can delete user account but it home directory still remain, for delete user account with home directory we can use following command.
userdel -r ajay
6.For modify existing user account properties –
1.For change user name (user login name)
usermod -l vijay ajay
2.For change user ID
usermod -u 2025 ajay
3.For set comment/fullname to user account
usermod -c “Junior Software Development” ajay
4.For set new home directory
Mkdir -p /india/pune
usermod -d /india/pune ajay
5.For change login shell
usermod -s /sbin/nologin ajay
Note: if set /etc/nologin shell to user account then user can’t login into bash shell
6.For set expiry date to password
usermod -e “2021-12-30” ajay
7.For lock user account password
usermod -L ajay
8.For unlock user account password
usermod -U ajay
If we modify user account directory after the create user account then by default user got bash shell after login, to resolve it we can use following steps:
Resolve issue of user go into bash shell after change default home directory:
grep sara /etc/passwd
For change directory:
mkdir -p /pune/fcroad
usermod -d /pune/fcroad sara
grep sara /etc/passwd
Home directory change but if you login as a sara then user go into bash shell to resolve this use following command
chmod 700 /pune/fcroad
chown sara:sara /pune/fcroad
now copy sara profile hidden file into new directory
cp -rvf /home/sara/.bash* /pune/fcroad
Now try to login with sara user
Group Account Operations:
What is group?
Group is collection of user accounts which is very use full to administrator for manage and apply permission on number of users.
Type of Group:
Group account divided into two types:
- Primary Group
- Secondary Group
- Primary Group
Primary group create and delete with user account operation
- Secondary Group –
Secondary group create and delete by privilege user.
Database file of group account stored in following location
Group Properties – /etc/group
Group Admin Properties – /etc/gshadow
For add group account
For check group account properties:
grep developergrp /etc/group
it show following fields
developergrp – it show name of group account
x – it show mask value
1001 – it show group ID
ajay,vijay,harry – it show name of group members
For add single member in a group
gpasswd -a sara developergrp
For add multiple member in a group
gpasswd -M ajay,vijay,harry developergrp
By default existing group member overwrite if add multiple member into group.
For make/change group admin
gpasswd -A sara developergrp
For remove group admin
gpasswd -A “” developergrp
For check group admin properties
Grep developergrp /etc/gshadow
developergrp – it show group name
❗ – it show group password
sara – it show group admin name
ajay,vijay,harry – it show group member names
For delete group account
For modify group Id
groupmod -g 2556 developergrp
Call the Trainer and Book your free demo Class Call now!!!
| SevenMentor Pvt Ltd.
© Copyright 2021 | Sevenmentor Pvt Ltd.