User Management in Linux OS
Managing users is certainly high on the to-do list of system administrators. You might need to add, modify, and delete users from your computer or networks.
/etc/defaults/useradd. This file contains the default settings of a new user. The content of the useradd file is as follows:
# useradd defaults file GROUP=100 HOME=/home INACTIVE=-1 GENERAL ADMINISTRATION Chapter 4 101 EXPIRE= SHELL=/bin/bash SKEL=/etc/skel
/etc/login.defs. This file contains the default logon details for a new user. The content of the login.defs file is as follows:
# *REQUIRED* # Directory where mailboxes reside, _or_ name of file, relative to the # home directory. If you _do_ define both, MAIL_DIR takes precedence. # QMAIL_DIR is for Qmail # #QMAIL_DIR Maildir MAIL_DIR /var/spool/mail #MAIL_FILE .mail # Password aging controls: # # PASS_MAX_DAYS Maximum number of days a password may be used. # PASS_MIN_DAYS Minimum number of days allowed between password changes. # PASS_MIN_LEN Minimum acceptable password length. # PASS_WARN_AGE Number of days warning given before a password expires. # PASS_MAX_DAYS 99999 PASS_MIN_DAYS 0 PASS_MIN_LEN 5 PASS_WARN_AGE 7 # # Min/max values for automatic uid selection in useradd # UID_MIN 500 UID_MAX 60000 # # Min/max values for automatic gid selection in groupadd # GID_MIN 500 GID_MAX 60000 # # If defined, this command is run when removing a user. # It should remove any at/cron/print jobs etc. owned by # the user to be removed (passed as the first argument). # #USERDEL_CMD /usr/sbin/userdel_local # # If useradd should create home directories for users by default # On RH systems, we do. This option is ORed with the -m flag on # useradd command line. # CREATE_HOME yes
/etc/group. This file contains the computer group information for all groups of users.
/home. This directory specifies the home directory for each user.
/etc/skel. This directory forms the blueprint for all new users.Whenever a new user is created, this is the initial directory structure that is created for the user’s home directory.
The commands that help you manage users and groups.
Some of these commands are listed here:
* useradd
* usermod
* userdel
* groupadd
* groupdel
* groupmod
The following sections discuss each of these commands in detail.
useradd
The useradd command is used to create or update new user information. The syntax of the useradd command is as follows:
useradd [-c comment] [-d home_dir] [-e expire_date] [-f inactive_time] [-g initial_group] [-G group[,...]] [-m [-k skeleton_dir] | -M] [-p passwd] [-s shell] [-u uid [ -o]] [-n] [-r] login useradd -D [-g default_group] [-b default_home] [-f default_inactive] [-e default_expire_date] [-s default_shell]
The second syntax uses the –D option.When you execute the useradd command in the second syntax, a new user is created with the values specified with the command.
Some default values are provided by the system. Depending on the command line options, the details of the new user account are entered into the system files as needed, the home directory is created, and initial files are copied. The version of this command that is provided with Red Hat Linux, creates a group for each user added to the system, unless the -n option is given.
An example of the useradd command is given here:
useradd -p user$123 David
This example creates a user named David and sets the user’s password.
usermod
The usermod command is used to modify a user account. The syntax for the usermod command is given here:
usermod [-c comment] [-d home_dir [ -m]] [-e expire_date] [-f inactive_time] [-g initial_group] [-G group[,...]] [-l login_name] [-p passwd] [-s shell] [-u uid [ -o]] [-L|-U] login
Remember that while executing the usermod command, you cannot change the username of the currently logged users. You should also ensure that there is no running process owned by the user whose user account details are being changed.
userdel
The userdel command is used to delete a user account and related files. The syntax for the userdel command is shown here:
userdel [-r] login
The userdel command modifies the system account files and deletes the entries that refer to the given login. The named login must exist.
This command will not allow you to delete an account if the user is currently logged in. You must first kill any running processes that belong to the account you are deleting. If the user to be deleted is an NIS client, you cannot remove any Network Information Service (NIS) attributes of the user from your computer.
This must be performed on the NIS server.
The command to delete the user, David, is given here:
userdel -r David
groupadd
The groupadd command creates a new group. The syntax for the groupadd command is as follows:
groupadd [-g gid [-o]] [-r] [-f] group
When you execute this command, a new group with the details specified with the command is created. The new group will be updated in the system files as needed.
groupdel
The groupdel command is used to delete a group. The syntax for the groupdel command is shown here:
groupdel group
This command modifies the system account files, deleting all entries that refer to that group. You must manually check all file systems to ensure that no files remain with the named group as the file group ID.
groupmod
The groupmod command is used to modify a group. You can modify attributes of a group, such as the group ID and the group name. The syntax for the groupmod command is as follows:
groupmod [-g gid [-o]] [-n group_name ] group
This command modifies the system account files to reflect the changes that are specified on the command line.
You have seen various commands to manage users and groups. The information regarding users is stored in the /etc/skel directory. This directory contains files that determine the user settings.
You can view the content of the /etc/skel directory by executing the following command:
ls –la /etc/skel
The following output is displayed:
total 40 drwxr-xr-x 4 root root 4096 Feb 27 21:27 . drwxr-xr-x 57 root root 4096 May 11 14:55 .. -rw-r—r— 1 root root 24 Aug 22 2000 .bash_logout -rw-r—r— 1 root root 230 Aug 22 2000 .bash_profile -rw-r—r— 1 root root 124 Aug 22 2000 .bashrc -rw-r—r— 1 root root 688 Aug 25 2000 .emacs drwxr-xr-x 3 root root 4096 Feb 27 21:21 .kde -rw-r—r— 1 root root 321 Aug 14 2000 .kderc -rw-r—r— 1 root root 3651 Aug 15 2000 .screenrc drwxr-xr-x 5 root root 4096 Feb 27 21:21 Desktop
The /etc/.bash_profile file stores the local system configuration for bash, which controls the environment variables and programs that are run when bash is executed. These environment variables and functions are specific only to the currently logged on user and they do not affect other users. This file is executed immediately after the global configuration file /etc/profile. Unlike the /etc/profile file, which affects all users except csh derived shells, /etc/.bash_profile affects only the user who is running bash.
The command to view the .bash_profile file is as follows:
cat /etc/skel/.bash_profile
The content of the .bash_profile file is displayed:
# .bash_profile # Get the aliases and functions if [ -f ~/.bashrc ]; then . ~/.bashrc fi # User specific environment and startup programs PATH=$PATH:$HOME/bin BASH_ENV=$HOME/.bashrc USERNAME=”” export USERNAME BASH_ENV PATH
In case of any ©Copyright or missing credits issue please check CopyRights page for faster resolutions.