Key Concepts, Class 3 – Part 1:  Creating and Managing UNIX Account

 

Overview

 

 

/etc/passwd – keeps usernames, primary group ids associated with each user, the user’s default shell (e.g. /bin/bash) and other information about system users.  This file is readable by every user on the system.

 

/etc/shadow – actually contains the encrypted password for each user.  This file should only be readable by the root user.

 

/etc/group – contains the list of system groups and users associated with each group.

 

 


Adding User Accounts to the System

UNIX account are usually added with the useradd command line utility.  Typing useradd at the command line shows you its usage:

 

[root@doh chrisjur]# useradd

usage: useradd  [-u uid [-o]] [-g group] [-G group,...]

                [-d home] [-s shell] [-c comment] [-m [-k template]]

                [-f inactive] [-e expire ] [-p passwd] [-n] [-r] name

 

 

Some of the most common command line options include:

 

-g <group name> - specifies the name of the user’s primary group

-s <shell path> - specifies the path to the user’s default shell

-m – specifies whether useradd should create a home directory for the user

-d <home directory> - specifies the path of the user’s home diretory

 

The following example creates a user named ‘chris’ with the primary group ‘iti481staff’, the home directory ‘/staff/chris’ and the default shell ‘/bin/tcsh’:

 

useradd -g iti481staff -d /staff/chris -s /bin/tcsh -m chris

 

On Linux systems, the home directory is created by default.  On many other operating system, the home directory is not, so you must use the –d and –m options.

 

Linux systems will also create a default group for that user, which is has the same name as the login name.  This group is set as the default group for the user unless another primary group name is specified using the –g option.  For example, if we did not user the ‘-g iti481staff’ argument above, the system would create a new group called ‘chris’, which will be the default group for the new user ‘chris’.

 

If you do not specify a default group, shell or home directory, the useradd will use the system defaults.  Therefore, it is possible to add a user to the system simply by doing:

 

useradd <username>

 

The most important thing to remember is that after you create a user, you must assign the user a password.  Of course, you do this by using the stanard UNIX passwd utility, e.g.

 

passwd username

 

…allows you to set the password for a user.

 

 

 


Deleting User Accounts from the System

Users can be deleted from the system by using the userdel utility.  This is a simple, but powerful utility.  It is used like this:

 

userdel <username>

 

userdel will delete all entries from the /etc/passwd, /etc/group and /etc/shadow files for the user you remove.  It will not, however, remove the user’s home directory or files – you will have to do that by hand (using rm and rmdir, of course).

 

 

 


Adding Groups to the System

Groups can be added to ths system by using the groupadd utility.  It is used like this:

 

ugroupadd <groupname>

 

groupadd will add the group you specify to the /etc/group file and assign it an available group id (GID).

 

 

 

 


Deleting Groups from the System

Groups can be from the system by using the groupadd utility.  It is used like this:

 

groupdel <groupname>

 

groupdel will delete the group you specify from the /etc/group file.  groupdel will not delete user accounts that are associated with the group you remove.


Adding Users to Groups

There are two ways a user can be part of a system group that is listed in the /etc/group file:

 

You can manually add the user to the /etc/group file.  To do this, open the /etc/group file with your favorite text editor (pico, vi, emacs, etc.).  Simply add the username to the line that corresponds to the group you want to add the user to.  You can add multiple usernames to the same group by using a comma-separated list of usernames.

 

For example, if you have a group called iti481staff, there will be a line in the /etc/group file that looks like this:

 

iti481staff:x:513:

 

To add the users chris, john and joe to the iti481 staff group, you need to list them like this:

 

iti481staff:x:513:chris,john,joe

 

After saving the changes you made to the /etc/group file, the users you just added will members of the iti481 staff group.