User and Group Management

User and Group Management

1. USER:- All linux user have a used ID and a unique numeric identification number called User Id (UID).

Every user of the system is assigned a unique User ID number. User’s name and UID are stored in  /etc/passwd. User are assigned a home directory and a program that is run when they log in (usually called shell). Users can not read, write or execute  each other files and directory without permission.

Types of User                         User ID

1. Superuser                             0

2. System User                         1-499

3. Normal User                         500-60000

2. GROUP:- All Linux users have a group ID and a unique numeric identification number called Group Id (GID). Users are assigned to group with unique Group ID number. GID are stored in /etc/group file. Each user is given their own private group, they can also be added to other groups to gain the additional access  of a particular file or directory. All users in a group can share files that belong to the same group.

When a user is get created in linux its entry is recorded in the following files.

1. /home

2. /etc/passwd

3. /etc/shadow

4. /etc/group

5. /etc/default/useradd

6. /etc/login.defs

1. /home :- this is a user default home directory except root user and the command to view the users from home directory is :-

[root@server1~]# cd  /home              

[root@server1  home]# ll or ls            

2. /etc/passwd :-  user account information is store in this file and it contains 7 filed. And  the command to view the user account information is :-

[root@server1~]# cd /etc                    

[root@server1  etc]# cat   passwd          

1.linus = username

2.  x = password ( its indicate that password is set for a user)

3. 501 = uid

4. 501 = gid

5. : : = user information (GECOS = General  Electronics COmprehensive System)

6. /home/linus = user’s home directory

7. /bin/bash = user’s default  log in shell or shell type

To add user information in GECOS filed the command is :-

[root@server1~]# chfn  username      

Name [] : Linus Torvald                    

Office [] : Vashi Plaza, Navi Mumbai , Setcor-17.                  

Office Phone [] : 022-323646569/70 

Home Phone [] : 022-12345678                     

Figure information changed.

[root@server1~]#cat  passwd

Linus:x:501:501:Linus Torvald, Vashi Plaza,Navi Mumbai,Sector-17,022-323646569/70,022-12345678:/home/linus:/bin/bash        

3. /etc/shadow :- Secure user account information is stored in this file and it contains 9 filed. And the command to view the secure user account information is :-

[root@server1~]# cd /etc                    

[root@server1  etc]# cat   shadow          

 

1. linus = username

2. $78$xgfyryioruo$/df0 = user password in encrypted form (MD5 – Message Daigest)

3. 14763 = Date of last password change

4. 0 = minimum password age

5. 99999 = maximum password age

6. 7= worning before password is expired

7. : : =password inactivity period

8. : : = account expiration date

9. : : = reserved filed

4. /etc/group :- User group account information is stored in this file and it contains 4 filed. Andthe command to view the user group account information is :-

[root@server1~]# cd /etc                    

[root@server1  etc]# cat   group          

1. linus = username or group name log in with

2. x = password ( its indicate that password is set for a user and if it is black no password has been set)

3. 501 = group GID

4.:: = members of the group, if it is blank no member has been added to the group

5. /etc/default/useradd :- Default value or a default log in shell script is store in this file for a new user. You can change the value from it and while changing the value from this file existing users value will not be change. And the command to view the this script is :-

[root@server1~]# cd /etc                    

[root@server1  etc]# cd /default                    

[root@server1 default]# cat  useradd              

# useradd defaults file

GROUP=100

HOME=/home

INACTIVE=-1

EXPIRE=

SHELL=/bin/bash

SKEL=/etc/skel

CREATE_MAIL_SPOOL=yes

1. GROUP=100  = this indicate the user type

2. HOME=/home  = defines the directory where user's home directory is created by default.

3. INACTIVE=-1  =  active user account and allow to user login, if it is 1 user will not able to log in

4. EXPIRE=  user account expires days can be set

5. SHELL=/bin/bash  = default user bash shell

6. SKEL=/etc/skel = defines the path of the director which contains the files and directories which are copied to the users home directory when the user login is created. Here you can place additional files and directories, which you want to be copied to users home directory, when user is created.

7. CREATE_MAIL_SPOOL=yes  = define the directory where user’s mails will get stored by default.

6. /etc/login.defs :- This file defines user password details, uid, gid,  and mail directory location. And the command to view the this script is :-

[root@server1~]# cd /etc                    

[root@server1  etc]# cat login.defs                

User and Group Management Tutorial.

1. To create a user.

[root@server1~]# useradd  username                         

[root@server1~]#cd /etc                                 

[root@server1 etc]#cat passwd                                   

2. To set password for new and existing user.

[root@server1~]# passwd  username                          

Changing password for user username.

New password: * * * * *

BAD PASSWORD: it is based on a directory word

BAD PASSWORD: is too simple

Retype new password:

passwd: all authentication token updated successfully.

3. To create a group.

[root@server1~]# groupadd  groupname        

[root@server1~]#cd /etc                                 

[root@server1 etc]#cat group                         

4.  To add existing user to a group.

[root@server1~]# usermod  -G groupname  username                       

[root@server1~]#cd /etc                                 

[root@server1 etc]#cat group                         

5.  To add new user to a Secodary group.

[root@server1~]# useradd  -G groupname  username                         

[root@server1~]#cd /etc                                 

[root@server1 etc]#cat group                         

6.  To add newly created user to a Primary group.

[root@server1~]# useradd  -g groupname  username              

[root@server1~]#cd /etc                                 

[root@server1 etc]#cat group                         

7.  To remove user from a group.

[root@server1~]# gpasswd  -d  username  groupname                       

Removing user username from group groupname

8.  To remove user password.

[root@server1~]# passwd  -d  username                     

Now login with that user in another console

Press CTRL+ALT+F2

Server1 Login: username                                
username@server1~]$

9. To create user without password.

[root@server1~]# useradd  username             

[root@server1~]# passwd  -d  username                     

Now login with that user in another console

Press CTRL+ALT+F2

Server1 Login: username                                

[username@server1~]$

10. To delete a user.

[root@server1~]# userdel username               

root@server1~]#cd /etc                                              

[root@server1 etc]#cat passwd                                   

11. To delete a user along with its files forcefully.

[root@server1~]# userdel –rf  username                    

root@server1~]#cd /etc                                              

[root@server1 etc]#cat passwd                                   

[root@server1 etc]#cd /home                         

[root@server1 home]#ll                                              

[root@server1 home]#cd /var/spool/mail                    

[root@server1 var]#ll                                     

12. To delete a group.

[root@server1~]# groupdel groupname                      

root@server1~]#cd /etc                                              

[root@server1 etc]#cat group                         

13. To lock user.

[root@server1~]# usermod  -L  username      

Now login with hat user from another console

CTRL+ALT+F2

Server1 Login : username       

Password: ******                  

Login incorrect

14. To unlock user.

[root@server1~]# usermod  -U  username                  

Now login with hat user from another console

CTRL+ALT+F2

Server1 Login : username       

Password: ******                  

[username@server1~]$

15. To change username.

[root@server1~]# cd /etc                    

[root@server1 etc]# cat passwd                      

[root@server1 etc]#usermod  -l      oldusername                   

[root@server1 etc]# cat passwd                      

[root@server1 etc]# cat group            

[root@server1 etc]#id  username        

uid= username  gid= groupname  groups= groupname

16. To change user UID.

[root@server1~]# cd /etc                    

[root@server1 etc]# cat passwd                      

[root@server1 etc]#usermod  -u      username 

[root@server1 etc]# cat passwd                      

[root@server1 etc]# cat group            

[root@server1 etc]#id  username        

uid= username  gid= groupname  groups= groupname

17. To change groupname.

[root@server1~]# cd /etc                    

[root@server1 etc]# cat group            

[root@server1 etc]#groupmod  -n  newgroupnmae   oldgroupname   

[root@server1 etc]# cat group            

18. To change group GID.

[root@server1~]# cd /etc                    

[root@server1 etc]# cat group            

[root@server1 etc]#groupmod  -g      groupname                     

[root@server1 etc]# cat group            

[root@server1 etc]# cat passwd