Linux User And Group Management

  • By
  • December 3, 2021
  • Linux

Manage User and Group Accounts in Linux (RHEL 8/ Centos 8) –

The manage user and groups account is the core part of Linux operating system. Each user has distinct login credentials in operating system to manage customize privileges in to user and group account. Each user and group got default unique ID’s add the time of creation, we can manage various permission ton basis of user and group for access any file, directory or commands it important to understand the user and group account management.

Here we use RHEL8/Centos 8 for the steps –

What is User?

  • user is another name of an account capable of logging into a computer.
  • A user is an individual who uses the available hardware and software resources.
  • In RHEL 8 by default 0 – 999 User ID (UID) are reserved for system purpose, when we create user account it got user id from 1000+.

Type of User

  • System User (Privilege/Administrative)
  • Normal User (Non-privilege/Secondary)
  1. System User –
  • It is created by OS automatically.
  • System user account by default have user id between 0 – 999.

        Eg. –

  • Root user account automatically created at the time of Linux OS Installation.
  •  Administrator user account automatically created at the time of windows OS installation.
  1. Normal User –
  • It is created by privilege/Administrator user
  • Normal user account by default got id 1000+
    • Eg
    • Student,Sachin,Ajay

For Free Demo classes Call:7798058777
Registration Link: Click Here!

To manage user account use following commands –

useradd – use to add user account

usermod – use to modify existing user account

userdel – use to delete user account

passwd – use to create or change user account password

Database File of User Account –

All user account database by default stored in following file –

  • User account Properties – /etc/passwd
  • User Password Properties – /etc/shadow

Manage User Account step by step:

  1. For Create user account:

useradd ajay

2.For check user account properties:

grep ajay /etc/passwd

grep search ajay string into passwd file where stored the user account database and display the whole line where match ajay string. Here total 7 filed available each filed separated by : (colon).

ajay:x:1001:1001: :/home/ajay:/bin/bash

 

ajay It show user name ( user login name )

x It show mask password

1001 It show user account ID (UID)

1001 It show user account primary group ID (GID)

:: It show user comment or full name ( by default empty)

/home/ajay It show user home directory

/bin/bash It show user login shell

 

1.For Crate/change user account password – Passwd ajay

Type here password which want to we set, need to re-enter password for the confirmation.

2.For check user password properties:

grep ajay /etc/shadow

User password properties store in following format, each filed is separated by : (colon)

ajay:@s$!1bc25f%:18002:0:99999:7: : :

 

ajay it show user name (login name)

!6$^6ek23u%78 it show user encrypted password

18556 it show number of days since 1969.

0 it show minimum life of password

99999 it show maximum life of password

7 it show warning days before expire password

::: it show password expiry days or inactive period of password.

 

3. For switch one user account to another user account –

su ajay

 

4.For logout from currently login user account-

exit

or

press “ctrl+d” shortcut key for logout.

5.For delete user account –

userdel ajay

With above command we can delete user account but it home directory still remain, for delete user account with home directory we can use following command.

userdel -r ajay

For Free Demo classes Call:7798058777
Registration Link: Click Here!

6.For modify existing user account properties –

1.For change user name (user login name)

usermod -l vijay ajay

 

2.For change user ID

usermod -u 2025 ajay

 

3.For set comment/fullname to user account

usermod -c “Junior Software Development” ajay

 

4.For set new home directory

Mkdir -p /india/pune

usermod -d /india/pune ajay

 

5.For change login shell

usermod -s /sbin/nologin ajay

Note: if set /etc/nologin shell to user account then user can’t login into bash shell

 

6.For set expiry date to password

usermod -e “2021-12-30” ajay

 

7.For lock user account password

usermod             -L ajay

 

8.For unlock user account password

usermod -U ajay

Note:

If we modify user account directory after the create user account then by default user got bash shell after login, to resolve it we can use following steps:

 

Resolve issue of user go into bash shell after change default home directory:

useradd    sara

grep   sara   /etc/passwd

 

For change directory:

mkdir  -p  /pune/fcroad

 

usermod   -d   /pune/fcroad    sara

grep   sara   /etc/passwd  

 

Home directory change but if you login as a sara then user go into bash shell to resolve this use following command

chmod   700   /pune/fcroad

chown    sara:sara    /pune/fcroad

 

now copy sara profile hidden file into new directory

cp  -rvf    /home/sara/.bash*    /pune/fcroad

 

Now try to login with sara user

For Free Demo classes Call:7798058777
Registration Link: Click Here!

Group Account Operations:

What is group?

Group is collection of user accounts which is very use full to administrator for manage and apply permission on number of users.

Type of Group:

Group account divided into two types:

  1. Primary Group
  2. Secondary Group
  1. Primary Group 

Primary group create and delete with user account operation

  1. Secondary Group –

Secondary group create and delete by privilege user.

 

Database file of group account stored in following location

Group Properties – /etc/group

Group Admin Properties – /etc/gshadow

 

For add group account

groupadd developergrp

For check group account properties:

grep developergrp /etc/group

 

it show following fields

developergrp:x:1001:ajay,vijay,hary

 

developergrp it show name of group account

x it show mask value

1001 it show group ID

ajay,vijay,harry it show name of group members

 

For add single member in a group

gpasswd -a sara developergrp

 

For add multiple member in a group

gpasswd -M ajay,vijay,harry developergrp

 

By default existing group member overwrite if add multiple member into group.

 

For make/change group admin

gpasswd -A sara developergrp

 

For remove group admin

gpasswd -A “” developergrp

 

For check group admin properties

Grep developergrp /etc/gshadow

 

developergrp it show group name

it show group password

sara it show group admin name

ajay,vijay,harry it show group member names

 

For delete group account

groupdel developergrp

 

For modify group Id

groupmod -g 2556 developergrp

Author:-

Abhijeet Dahatonde

Call the Trainer and Book your free demo Class  Call now!!!
| SevenMentor Pvt Ltd.

© Copyright 2021 | Sevenmentor Pvt Ltd.

Submit Comment

Your email address will not be published.

*
*