Thursday, 13 September 2018

Linux Commands to manage Local Accounts – useradd, usermod, chage & passwd

User administration is one of the important task of Linux system administrator. Local accounts or users in Linux like operating system is managed by useradd, usermod, userdel, chage and passwd commands.

◈ useradd command is used to create new accounts in Linux
◈ usermod command used to modify the existing accounts in linux
◈ userdel command is used to delete local account in linux
◈ passwd command used assign password to local accounts or users.
◈ chage comamnd is used to view & modify users password expiry information

Syntax of ‘useradd’ command


# useradd <options> <username_or_login>

Options used in useradd command :

Linux Command, LPI Guides, LPI Certification, LPI Learning, LPI Tutorial and Materials

Syntax of usermod command :


# usermod <options> <username_or_login>

Options used in usermod command.

Linux Command, LPI Guides, LPI Certification, LPI Learning, LPI Tutorial and Materials

Syntax of userdel command:


# userdel <options> <username_or_login>

Options used in userdel command :

Linux Command, LPI Guides, LPI Certification, LPI Learning, LPI Tutorial and Materials

Syntax of chage:


# chage <options> <username_or_login>

Options used in chage command :

Linux Command, LPI Guides, LPI Certification, LPI Learning, LPI Tutorial and Materials

Syntax of passwd Command:


# passwd <username_or_login>

In this article we will discuss different examples of user administration on CentOS 7 & RHEL 7.

Example:1 Create a local account & assign password.


User the below syntax to create and assign to the username.

# useradd <username> ; echo -e "<newpassword>\n<newpassword>" | passwd username

Let’s create a username ‘harry’ and assign password.

[root@lpicentral ~]# useradd harry ; echo -e "Roxicant@123#\nRoxicant@123#" | passwd harry
Changing password for user harry.
New password: Retype new password: passwd: all authentication tokens updated successfully.
[root@lpicentral ~]#

Note : When a user is created in Linux followings are updated:

◈ A home directory is created under ‘/home/<username>’
◈ User info is updated in ‘/etc/passwd’ file
◈ Group Information is stored in ‘/etc/group’
◈ password info is updated in ‘/etc/shadow’ file.
◈ File for user’s email is created under ‘/var/spool/mail/<username>’

Example:2 Create a user with customize settings


Let’s create a user with following options :

UID = 2000
GID = 5000
Comments = ‘Admin Account of SAP’
Home Directory = /opt/sap
Shell = /bin/ksh
Username = john
password = xxxxxx

[root@lpicentral ~]# useradd -u 2000 -g 5000 -c "Admin Account of SAP" -d /opt/sap -s /bin/ksh john
[root@lpicentral ~]#
[root@lpicentral ~]# echo -e "Sapcant@123#\nSapcant@123#" | passwd john
Changing password for user john.
New password: Retype new password: passwd: all authentication tokens updated successfully.
[root@lpicentral ~]#

Verify the above settings from /etc/passwd file.

[root@lpicentral ~]# grep john /etc/passwd
john:x:2000:5000:Admin Account of SAP:/opt/sap:/bin/ksh
[root@lpicentral ~]#

Example:3 Modify the Existing User


usermod command is used to modify the existing local accounts in Linux.

Let’s make the existing user “harry” part of Secondary group “sap” and change its home directory from ‘/home/harry’ to ‘/opt/sap’ and login shell from ‘/bin/bash’ to ‘/bin/sh’

[root@lpicentral ~]# usermod -G sap -d /opt/sap -s /bin/sh harry
[root@lpicentral ~]#
[root@lpicentral ~]# grep harry /etc/passwd
harry:x:1000:1000::/opt/sap:/bin/sh
[root@lpicentral ~]#

Example:4 Create a user and force to change the password at first login.


Let’s create a user ‘mark’ with secondary group ‘sap’, home directory as ‘/opt/sap’ and force him to change his password at the first login.

We can force users to change its password at first login by using command ‘chage -d 0 <username>‘.

[root@lpicentral ~]# useradd -c "sap user" -G sap -d /opt/data mark
[root@lpicentral ~]# echo -e "Sapdata@123#\nSapdata@123#" | passwd mark ; chage -d 0 mark
Changing password for user mark.
New password: Retype new password: passwd: all authentication tokens updated successfully.
[root@lpicentral ~]#

Now try to login as mark and see whether user is getting a prompt to change password or not.

Linux Command, LPI Guides, LPI Certification, LPI Learning, LPI Tutorial and Materials

Note: Use ‘chage -l <username>‘ command to view the user’s password expiry info.

Example:5 Delete a User along with its home directory


userdel command is used to delete local accounts or users in Linux. Let’s delete a user lpicentral along with its related its files (home directory).

[root@lpicentral ~]# userdel -r lpicentral
[root@lpicentral ~]# grep lpicentral/etc/passwd
[root@lpicentral ~]#

Related Posts

0 comments:

Post a Comment