Sunday, September 21, 2008

Linux Users and Groups

Linux stores all users and groups configuration data in the following files.
  • /etc/passwd
  • /etc/shadow
  • /etc/group
E.G

geeko:x:1000:100:Geeko Chameleon:/home/geeko:/bin/bash
geeko:$sdfsdf$123$asf234sdfasdf23132:13181:0:9999:7:-1::

The above illustration shows the entry for the user geeko with an encrypted password. Some users such as wwwrun or bin ave an * in the password field. This means that these users can not log in to the system, but are for special applications.

Command to manage the users and groups.
  • useradd -m : automatically generates the home directory for the user. Without this argument, the directory is created under /home/
  • useradd -c : creating a new user with the ext for comment field.
  • useradd -u : specifying the UID of the new account.
  • useradd -g : specifying the primary group of the user.
  • useradd -e : set the expire date.
  • usermod : used to modify the setting. All the options used by usermod is the same as useradd
  • passwd -l : a user can be locked out.
  • passwd -u : a user can be unlocked, or re-activated.
  • if /etc/shadow lists a user account where is the password field is started with !, it means this account had been locked.
  • passwd -S : list the status of a user account.
  • passwd -i : disable an account after the password has been expired for number of days
  • passwd -n : sets the minimum number of days before a password can be changed.
  • passwd -w : warns the user that in number of days his password will expire.
  • passwd -x : sets the maximum number of days a password remains valid. After number of days the password must be changed.
E.G passwd -x 30 -w 5 geeko

When the passwd command is used, the /etc/default/passwd file is checked for the encryption method.

Manage groups from the command line.
  • groupadd -g 200 sports : adding a new group, called sport with gid, 200
  • groupdel sports : deleting a group called sports
  • groupmod -g 201 sports : modifying the gid of sports group to 201
  • groupmod -A geeko : add the user geekp to the group
  • gpasswd : Change password for group accounts.


The standrad configuration information is derived from 2 importants files.
  • /etc/default/useradd
  • /etc/login.defs
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)