User Administration Creating Modifying and Deleting RHEL 7

In Linux Terms users are users who utilize system for doing there work effectively. Work means which maybe anything like writing code, designing graphics, Playing games, innovating new things and learning new things. Linux does not have complex user administration, User administration in Linux / Unix platform is very easy of-course very effective as well. In this article we are going to learn User Administration Creating Modifying and Deleting RHEL 7 / Centos 7. Creating modifying user accounts

Three Types of users exists in Linux / Unix

  • Administrator / Super User / Root User / Inbuilt User
  • Service Accounts
  • Normal Users

User Administration Creating Modifying and Deleting RHEL 7

User Administration diagram

1. Root User: root user is an high privileged user which has complete permissions by default. root user id always 0. While installing Operating system root user will be created by default as administrator to install and manage things. Few of the administrator type commands can only be run by root user.

2. Service Accounts: Service accounts are the users which creates automatically whenever we install & start service. .i.e. NFS (nfsnobody), http (apache) .. etc. These service account will have an permissions to manage its related services. Service accounts by default do not have shell access (/sbin/nologin). These user id’s will start from 1 – 999 in New version of Linux such as RHEL 7 / Centos 7.

3. Normal Users: Normal user accounts will be created by administrator (root / Super user),  These user id’s start from 1000 – 65535. Manually we can assign permission based on requirement using sudoers.

Creating Users / Adding Users

Using simple useradd command we can create user in Linux / Unix Operating systems.  You must be an super user / Administrator to create another normal user.

[root@ArkIT-Serv ~]# useradd ravikumar
[root@ArkIT-Serv ~]# cat /etc/passwd |grep ravikumar
ravikumar:x:1000:1000::/home/ravikumar:/bin/bash

When we execute useradd command and passwd command it will do below steps to create user.

  • It will add entry in /etc/passwd file
  • Along with the user primary group with same as user name will be created
  • Group entry will be added in /etc/group
  • By Default user home directory will be created under /home path
  • /etc/skel directory files will be copied to /hom/USERNAME/
  • Encrypted password entry will be updated in /etc/shadow file

Useradd Command Options

While creating an user we can also customize few things like placing user home directory in mentioned path / Custom path. Adding Comment to user, Expiry date and so an.

  • -c   Used to add comment 
  • -d   Used to create custom home path of user
  • -D   Used to change default settings
  • -e   The date on which the user account will be disabled. The date is specified in the format YYYY-MM-DD.
  • -f   User Account will go to disabled after mentioned period expires
  • -g   User will have one primary and remaining secondary groups, instead of creating own primary group we can make another group as primary
  • -G   Adding user to secondary group
  • -k   Copy skel directory files
  • -K  Disable Password Ageing while creating service account
  • -l  Avoid to add user entry in lastlog and faillog list 
  • -m  Create Home Directory for user (Without -m option also by default useradd command will create)
  • -M  Do not Create Home Directory for the user
  • -N Do not create primary group as same as user name instead add user to group name mentioned with -g option
  • -o  Allow to create user with duplicate UID
  • -r Create and System Account
  • -u Specify custom UID for the user

Let’s see few practical examples of options

[root@ArkIT-Serv ~]# useradd -u 3333 -g project1 -c "Ind Administrator" -s /bin/bash -d /opt/ravik -e 2016-12-31 ravik

[root@ArkIT-Serv ~]# cat /etc/passwd |grep ravik
ravik:x:3333:2005:Ind Administrator:/opt/ravik:/bin/bash

Check below is the output to verify user account expiry date

[root@ArkIT-Serv ~]# chage -l ravik
Last password change : Nov 05, 2016
Password expires : never
Password inactive : never
Account expires : Dec 31, 2016
Minimum number of days between password change : 0
Maximum number of days between password change : 99999
Number of days of warning before password expires : 7

Modify existing user values using usermod command

Along with the usermod command we have to use below options to modify required details

  • -c Change Comment
  • -d Change Home Directory Path
  • -e Change Expiry Date
  • -g Primary group change
  • -G Adding to different secondary group
  • -l Login Name change
  • -L Lock User
  • -m Move User home directory content to new path
  • -s Shell Change
  • -u Change User Identification UID
  • -U Unlock Locked user

Let’s see few examples here

Change User Shell from /bin/bash to /bin/csh

[root@ArkIT-Serv ~]# usermod -s /bin/csh ravik
[root@ArkIT-Serv ~]# cat /etc/passwd |grep ravik
ravik:x:3333:2005:Ind Administrator:/opt/ravik:/bin/csh

Change user comment 

[root@ArkIT-Serv ~]# cat /etc/passwd |grep ravik
ravik:x:3333:2005:Ravi Kumar Linux Administrator:/opt/ravik:/bin/csh

Lock and Un-Lock User

[root@ArkIT-Serv ~]# usermod -L ravik

[root@ArkIT-Serv ~]# cat /etc/passwd |grep ravik
ravik:x:3333:2005:Ravi Kumar Linux Administrator:/opt/ravik:/bin/csh

[root@ArkIT-Serv ~]# cat /etc/shadow |grep ravik
ravik:!!:17110:0:99999:7::17166:
[root@ArkIT-Serv ~]# usermod -U ravik

[root@ArkIT-Serv ~]# cat /etc/shadow |grep ravik
ravik:!:17110:0:99999:7::17166:

Deleting User

Deleting exiting user is very simple just we have to run userdel command along with required options, User administration creating, modifying and deleting users.

[root@ArkIT-Serv ~]# userdel ravik
[root@ArkIT-Serv ~]# userdel -r ravikumar
[root@ArkIT-Serv ~]# cd /opt/
[root@ArkIT-Serv opt]# ls
ravik rh
[root@ArkIT-Serv opt]# cd /home/
[root@ArkIT-Serv home]# ls
ravi1

if you delete user without using -r option user home directory will not delete, you have to delete user home path manually. If you use -r option home directory also will delete automatically.

Conclusion

User Administration is very simple and very effective, I hope you understand about user types, Creating, Modifying and Deleting Users from Linux Machine.

Related Articles

Access Control List Explained

What is LVM and How to create LVM

11 rsync commands

RHCSA Certification Video Tutorial

Thanks for your wonderful Support and Encouragement

Ravi Kumar Ankam

My Name is ARK. Expert in grasping any new technology, Interested in Sharing the knowledge. Learn more & Earn More

2 Responses

  1. blank rami reddy says:

    how to restrict users to their home directories

Leave a Reply

Your email address will not be published. Required fields are marked *