Managing user accounts and groups is an essential responsibility for Linux administrators.
In this tutorial, we will explore a range of Linux commands that enable us to perform fundamental user management tasks. We’ll cover creating new users, creating groups, deleting users, and deleting groups.
By mastering these commands, you’ll gain the skills needed to effectively manage user accounts and groups in a Linux environment. Let’s dive in and discover how to streamline user management on your Linux system.
The following commands can be used to manage users and groups in Linux.
- useradd creates new users.
- groupadd creates new groups.
- userdel deletes users.
- groupdel deletes groups.
- usermod is for making changes to existing users.
- passwd creates and changes passwords.
The following files are related to Linux user management task.
- /etc/login.defs
- /etc/default/useradd
- /etc/passwd
- /etc/group
- /etc/shadow
If you’re new to the world of Linux, you can refer to “Mastering the Linux Command: A Beginner’s Guide.” This in-depth article will be your guiding light, providing you with the foundational knowledge and skills required to navigate and wield the Linux command line interface (CLI) effectively and with assurance.
Useradd – create New Users on Linux
Adding a user in Linux is a fairly simple process. You can add a user by using the useradd command. To add a user, type the following command at the command prompt:
useradd username
This will add the user “username” to the system. The user will be added with a default home directory and a default set of permissions. If you want to add a user with a specific home directory, you can use the -d option. For example:
useradd -m -d /home/username username
This will add the user “username” with the home directory /home/username.
The useradd command is included in most Linux distributions and is configurable to suit our requirements. Now we haven’t set the password for this user. The second column for this user in file /etc/shadow shows !!.
To learn more about useradd command, you can refer to this article: How useradd works in Linux
[root@howtouselinux ~]# useradd test
[root@howtouselinux ~]# su - test
[test@howtouselinux ~]$ ls -lrta
total 20
-rw-r--r-- 1 test test 124 Oct 27 2017 .mkshrc
-rw-r--r-- 1 test test 231 Aug 21 2019 .bashrc
-rw-r--r-- 1 test test 193 Aug 21 2019 .bash_profile
-rw-r--r-- 1 test test 18 Aug 21 2019 .bash_logout
-rw-r--r-- 1 test test 172 Feb 17 2020 .kshrc
drwxr-xr-x. 9 root root 124 Dec 30 12:30 ..
drwx------ 2 test test 91 Dec 30 12:30 .
[test@howtouselinux ~]$ grep test /etc/passwd
test:x:50294:50294::/home/test:/bin/bash
[test@howtouselinux ~]$ id test
uid=50294(test) gid=50294(test) groups=50294(test)
[root@howtouselinux ~]# grep test /etc/shadow
test:!!:18626:7:90:7:30::
Groupadd – create new groups in Linux
Adding a group in Linux is a fairly simple process. You can add a group by using the groupadd command. To add a group, type the following command at the command prompt:
groupadd groupname
This will add the group “groupname” to the system. The group will be added with a default set of permissions. Once you have added a group, you can then add users to the group by using the usermod command.
[test@howtouselinux ~]$ groupadd test
groupadd: group 'test' already exists
[test@howtouselinux ~]$ groupadd testnew
groupadd: Permission denied.
groupadd: cannot lock /etc/group; try again later.
[test@howtouselinux ~]$ exit
[root@howtouselinux ~]# groupadd testnew
[root@howtouselinux ~]# grep test /etc/group
test:x:50294:
testnew:x:50295:
Userdel – delete users in Linux
We can use userdel command to delete users on Linux. With -r option, this will remove the files of this user ( like home directory and mail pool etc). We need to be careful before we run this command.
Otherwise, the files of this user are still on the system. How Userdel Works In Linux
-r, –remove Files in the user’s home directory will be removed along with the home directory itself and the user’s mail spool. Files located in other file systems will have to be searched for and deleted manually.
In the following example, we don’t use -r option. The home directory for this user and file filefortest under /root are still there.
[root@howtouselinux ~]# touch filefortest
[root@howtouselinux ~]# chown test:test filefortest
[root@howtouselinux ~]# ls -lrt filefortest
-rw------- 1 test test 0 Dec 30 13:05 filefortest
[root@howtouselinux ~]# userdel test
[root@howtouselinux ~]# id test
id: test: no such user
[root@howtouselinux ~]# cd /home/test/.
./ ../ .bash_history .bash_logout .bash_profile .bashrc .kshrc .mkshrc
[root@howtouselinux ~]# grep test /etc/passwd
[root@howtouselinux ~]# grep test /etc/group
testnew:x:50295:
[root@howtouselinux ~]# ls -lrt filefortest
-rw------- 1 50294 50294 0 Dec 30 13:05 filefortest
Groupdel – delete groups in Linux
The groupdel command in Linux is used to delete groups from the system. It is typically used when you no longer need a specific group and want to remove it from your Linux system. Here’s how you can use the groupdel command to delete groups:
1. Open a terminal: Launch a terminal on your Linux system. You can usually find the terminal application in your system’s applications or by using the keyboard shortcut (e.g., Ctrl+Alt+T).
2. Check existing groups: Before deleting a group, it’s a good practice to verify the list of existing groups on your system. You can use the cat command to view the contents of the /etc/group file, which stores the group information. For example, you can run the following command to display the group entries:
cat /etc/group
3. Identify the group to delete: From the list of groups displayed, identify the group that you want to delete. Take note of the group name as it will be used in the next step.
4. Delete the group: To delete a group, use the groupdel command followed by the group name. For example, if you want to delete a group named “examplegroup”, you would run the following command:
sudo groupdel examplegroup
Note that the groupdel command requires administrative privileges, so you may need to prefix it with sudo and enter your password when prompted.
5. Verify the group deletion: After executing the groupdel command, the group should be deleted from the system. You can confirm this by checking the /etc/group file again or by running the following command to display a list of groups:
getent group
If the group is no longer listed, it indicates that it has been successfully deleted.
It’s important to note that when you delete a group, the associated group ID (GID) will also be removed. Additionally, any users that were exclusively assigned to the deleted group will no longer be associated with that group.
Exercise caution when using the groupdel command, as deleting a group can affect the permissions and access control of files and directories associated with that group. Make sure you fully understand the implications before removing any groups from your Linux system.
[root@howtouselinux ~]# groupdel testnew
[root@howtouselinux ~]# grep testnew /etc/group
Usermod – make changes to existing users in Linux
The usermod command in Linux is used to make changes to existing user accounts. It allows you to modify various attributes and properties of a user account without having to delete and recreate the user. Here’s how you can use the usermod command to make changes to existing users:
1. Open a terminal: Launch a terminal on your Linux system. You can usually find the terminal application in your system’s applications or by using the keyboard shortcut (e.g., Ctrl+Alt+T).
2. Identify the user to modify: Before using the usermod command, determine the username of the user account you want to make changes to.
3. Make the desired changes: The usermod command supports a variety of options to modify different aspects of a user account. Some common modifications include:
– Change username: To change the username of a user account, use the -l or –login option followed by the new username. For example:
sudo usermod -l newusername oldusername
– Change user ID (UID): To change the numeric user ID of a user account, use the -u or –uid option followed by the new UID. For example:
sudo usermod -u 1001 username
– Change home directory: To change the home directory of a user account, use the -d or –home option followed by the new directory path. For example:
sudo usermod -d /new/home/directory username
– Add user to additional groups: To add a user to one or more additional groups, use the -G or –groups option followed by a comma-separated list of group names. For example:
sudo usermod -G group1,group2 username
– Set expiration date: To set an expiration date for a user account, use the -e or –expiredate option followed by the date in the format YYYY-MM-DD. For example:
sudo usermod -e 2022-12-31 username
These are just a few examples of the modifications you can make using the usermod command. You can explore more options and parameters in the command’s manual page (man usermod).
4. Verify the changes: After executing the usermod command with the desired options, you can verify the changes by checking the user’s account details. You can use the id or grep command to display information about the modified user account. For example:
id username
grep username /etc/passwd
Remember to use the sudo command before usermod to run it with administrative privileges, as some modifications may require superuser permissions.
Exercise caution when making changes to user accounts using the usermod command, as incorrect modifications can potentially disrupt user access and system functionality. Double-check your commands before executing them and ensure you understand the implications of the changes you’re making.
[root@howtouselinux ~]# id test
uid=50294(test) gid=50294(test) groups=50294(test)
[root@howtouselinux ~]# groupadd testnew
[root@howtouselinux ~]# usermod -aG testnew test
[root@howtouselinux ~]# id test
uid=50294(test) gid=50294(test) groups=50294(test),50295(testnew)