Key Concepts, Class 3 – Part 1: Creating and Managing UNIX Accounts
/etc/passwd – keeps usernames, primary group ids associated with each user, the user’s default shell (e.g. /bin/bash) and other information about system users. This file is readable by every user on the system.
/etc/shadow – actually contains the encrypted password for each user. This file should only be readable by the root user.
/etc/group – contains the list of system groups and users associated with each group.
UNIX accounts are usually added with the useradd command line utility. Typing useradd at the command line shows you its usage:
[root@doh chrisjur]# useradd
usage: useradd [-u uid [-o]] [-g group] [-G group,...]
               [-d home] [-s shell] [-c comment] [-m [-k template]]
               [-f inactive] [-e expire ] [-p passwd] [-n] [-r] name
Some of the most common command line options include:
-g <group name> - specifies the name of the user’s primary group
-s <shell path> - specifies the path to the user’s default shell
-m - specifies whether useradd should create a home directory for the user
-d <home directory> - specifies the path of the user’s home directory
The following example creates a user named ‘chris’ with the primary group ‘iti481staff’, the home directory ‘/staff/chris’ and the default shell ‘/bin/tcsh’:
useradd -g iti481staff -d /staff/chris -s /bin/tcsh -m chris
On Linux systems, the home directory is created by default. On many other operating systems, the home directory is not, so you must use the -d and -m options.
Linux systems will also create a default group for that user, which has the same name as the login name. This group is set as the default group for the user unless another primary group name is specified using the -g option. For example, if we did not use the ‘-g iti481staff’ argument above, the system would create a new group called ‘chris’, which would be the default group for the new user ‘chris’.
If you do not specify a default group, shell or home directory, useradd will use the system defaults. Therefore, it is possible to add a user to the system simply by doing:
useradd <username>
The most important thing to remember is that after you create a user, you must assign the user a password. Of course, you do this by using the standard UNIX passwd utility, e.g.
passwd username
…allows you to set the password for a user.
Users can be deleted from the system by using the userdel utility. This is a simple, but powerful utility. It is used like this:
userdel <username>
userdel will delete all entries from the /etc/passwd, /etc/group and /etc/shadow files for the user you remove. It will not, however, remove the user’s home directory or files – you will have to do that by hand (using rm and rmdir, of course).
Groups can be added to the system by using the groupadd utility. It is used like this:
groupadd <groupname>
groupadd will add the group you specify to the /etc/group file and assign it an available group id (GID).
Groups can be deleted from the system by using the groupdel utility. It is used like this:
groupdel <groupname>
groupdel will delete the group you specify from the /etc/group file. groupdel will not delete user accounts that are associated with the group you remove.
There are two ways a user can be part of a system group that is listed in the /etc/group file:
You can manually add the user to the /etc/group file. To do this, open the /etc/group file with your favorite text editor (pico, vi, emacs, etc.). Simply add the username to the line that corresponds to the group you want to add the user to. You can add multiple usernames to the same group by using a comma-separated list of usernames.
For example, if you have a group called iti481staff, there will be a line in the /etc/group file that looks like this:
iti481staff:x:513:
To add the users chris, john and joe to the iti481staff group, you need to list them like this:
iti481staff:x:513:chris,john,joe
After saving the changes you made to the /etc/group file, the users you just added will be members of the iti481staff group.
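A hand edit of /etc/group is easy to get wrong (a missing colon, a stray space after a comma, a misspelled username), so the function below checks each group line for four colon-separated fields, a numeric GID and members that exist in the passwd file. It is an added example, not part of the original class notes; check_group_file is a hypothetical helper name and the sample files are constructed.

```shell
#!/bin/sh
# Added example. check_group_file is a hypothetical helper name.
# Usage: check_group_file GROUP_FILE PASSWD_FILE  (run it on copies or live files)
check_group_file() {
    awk -F: '
        # First file (passwd): remember every known login name.
        NR == FNR { known[$1] = 1; next }
        # Second file (group): name:password:GID:member,member,...
        NF != 4 {
            printf "line %d: expected 4 colon-separated fields, found %d\n", FNR, NF
            next
        }
        $3 !~ /^[0-9]+$/ {
            printf "line %d: group %s has non-numeric GID \"%s\"\n", FNR, $1, $3
        }
        {
            n = split($4, members, ",")
            split("", seen)                 # reset the per-line duplicate tracker
            for (i = 1; i <= n; i++) {
                m = members[i]
                if (m == "")
                    printf "line %d: group %s has an empty member entry\n", FNR, $1
                else if (m ~ /[ \t]/)
                    printf "line %d: group %s member \"%s\" contains whitespace\n", FNR, $1, m
                else if (!(m in known))
                    printf "line %d: group %s lists unknown user \"%s\"\n", FNR, $1, m
                else if (m in seen)
                    printf "line %d: group %s lists \"%s\" more than once\n", FNR, $1, m
                seen[m] = 1
            }
        }
    ' "$2" "$1"
}

# Constructed sample data (not real system files): joe has no passwd entry,
# the second group line has a bad GID and a stray space, the third lacks a field.
sample_dir=$(mktemp -d)
printf '%s\n' 'chris:x:1001:513::/staff/chris:/bin/tcsh' \
              'john:x:1002:513::/staff/john:/bin/bash' > "$sample_dir/passwd"
printf '%s\n' 'iti481staff:x:513:chris,john,joe' \
              'students:x:abc:chris, john' \
              'broken:x:514' > "$sample_dir/group"
check_group_file "$sample_dir/group" "$sample_dir/passwd"
rm -rf "$sample_dir"
```

No output means every group line passed; each reported line number refers to the group file.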