Users and group management

Users and group management.

Three types of users
1> Super users (root)
2> System users : this users are created during system installation.
3> Limited users : these users are created ny root user and they have access to their home directory only.

When we create any new users then by default it create below
i> make entries in /etc/passwd and /etc/shadow
ii> create home directory /home/username
iii> mailbox /var/spool/mail/username

User ::: UID
root     0
system user : 1-499
limited users : 500-onward.

The entry in “/etc/passwd” is look like

alex:x:500:500: :/home/alex:/bin/bash

username:password_enable:UID:GID:comment:home_directory:login_shell

Note : 1> we can change all the entries for user Or set modified value during user creation with help of commands.
2> If we remove “x” value in password_enable/disable field. Then user can login without password.

When we set password to user it make entries in /etc/shadow file as

alex:&6 $ABCD $1——RV——:9999:7

userName:Algo_saltValue_RandomValue:days:password_policy
the entry start from Algo to password_policy is combine called as Hash value

Algorithm for password encryption.
SHA512 in RHEL6 => value $6
MD5 in previous versions => value &1

Extra : there is /etc/passwd- and /etc/shadow- file as backup if you accidently delete original files.

=========================================

1> Add and remove users
graphically

System => administration => add and remove user.

Command lines :
#useradd userName
Or
#adduser UserName

2> change set password
#passwd username
enter password twice

Or
#lpasswd username
it ask for old password

3> Switching users

#su -alex : switch user to alex and goto his home directory

#su alex : switch user to alex and keep same working directory

#su – : switch to root user

4> Modifying user information in passwd

i> change user login name
#usermod -l Newname OldName

ii> change UID
#usermod -u ID username

iii> change comment
#usermod -c “comment” username

iv>change home directory
#usermod -d New_path username

v> change login shell
#usermod -s /sbin/nologin username

Note : you can also pass custom information with useradd command with same (above) option with useradd command during user
creation.

5> Delete user
#userdel username

#userdel -r username : delete user with home directory.

6> Lock / Unlock the user password
Lock
#usermod -L username

Unlock
#usermod -U username

Extra ::
i> check UID and GID of user
#id username

2> check user login info
#pinky username

3> user information
#finger username –install finger package

Change finger information
#chfn username

==========================================================================================

Group management

1> Add group
#groupadd GroupName

It create entries in /etc/group and also has symbolic link /etc/group-

2> set password to group
#gpasswd GroupName
enter password twice

3> lock / unlock group password
Lock
#gpasswd -R grouName

Unlock
#gpasswd -r groupName

4> Modify group information
i> change gid of group
#groupmod -g NewID groupName

ii> change group name
#groupmod -n NewName OldName

5> Delete group
#groupdel groupName

6> Add and remove users in group
Add
#usermod -G group User1 user2
Remove
#gpasswd -d UserName groupName

7> Change primary group of user
#usermod -g Newgroup username

Change secondary (membership) group of user
#usermod -G groupname Username

Change groupship of active user ( user should be login)
#newgrp groupName

Extra ::
i> check active users
#users

ii> check active/login group
#groups
=================================================================
password Policy

In this you can set the password expiry, account expiry, account and password validation limit

1> check user policy
#chage -l UserName

2> change password policy
#chage username

Then it ask for diffent policy information. Enter the require data.
=================================================================

Posted in commands

Leave a Reply