Managing user accounts is one of the many challenges facing Linux system administrators. Some of the responsibilities of a system administrator are enabling / disabling user accounts, preserving the home directory, setting user permissions, assigning groups / shells to users, and managing password words. past.
Effective user account control is only possible after familiarizing yourself with the basics of Linux account management. Therefore, this article is a stepping stone towards securing user accounts. It shows how to create, delete and modify user accounts and manage predefined settings or files to create the most suitable and secure environment for Linux users.
How to add user accounts in Linux
As a precaution, any user who uses your Linux machine should have a separate user account. A user account allows you to separate your files in a secure space with the ability to customize your home directories, path, environment variables, etc.
Before starting to create a new user, list the available user accounts using the To cut command as follows:
cut -d: -f1 /etc/passwd
The easiest way to create a new user account in Linux is by using useradd. This utility provides various settings to specify additional information when adding a new user. Some of the options are:
- -vs: add a description / a comment to a user account.
useradd -c "John Wise" john
- -D: defines the home directory of the specified user. By default, the useradd command sets it to the username (/ home / john), but you can change it to any directory you want as follows:
useradd -d /mnt/home/john
- -g: used to define the main group of a user. The user will be added to a group by default if you do not add one during the creation process.
- -G: adds the user to several groups.
useradd -G juice,apple,linux,tech john
- -o: Create a new user account using the UID of an existing user.
- -p: Used to add an encrypted password to the account. You can also add your password later using the passwd command.
For example, here’s how you can use the useradd command and some of the above parameters to add a new user:
useradd -g tech -G apple,linux -s /bin/zsh -c "James Adem" adem
In the process of creating the user, the aforementioned command performs several actions:
Change user defaults
The useradd command reads the default values of /etc/login.defs, / etc / useradd, and / etc / default / useradd. You can open the files in your favorite text editor in Linux, make and save the appropriate changes before using the command.
You can see some of the available settings inside login.defs using the following command:
cat /etc/login.defs | grep 'PASS|UID|GID'
Uncommented lines are keywords with values. For example, the PASS_MAX_DAYS keyword sets a maximum of 9999 days for password expiration. Likewise, the PASS_MIN_LEN keyword requires that the length of the password be at least five characters. Finally, the UID and GID keywords allow customization of user and group ID ranges for any new user account.
You can also view / modify the default settings present in the files by using the useradd command with the -D flag.
Note that you are not using the -D flag to create a new account. Instead, it only lets you change the default settings. Additionally, it supports changes to only a few parameters that the useradd command uses to create an account.
|-b||Modifies the default personal directory (/residence) for new user accounts.|
|-g||Modifies the new default primary user group (username) with another default group.|
|-s||Overrides the default / bin / bash shell with another default shell.|
|-e||Changes the default expiration date to deactivate a user account in YYYY-MM-DD format.|
|-F||Allows you to set days of inactivity before the account is deactivated and after the password expires|
For example, the following command changes the default shell to / bin / sh and the personal directory for / home / new:
useradd -D -b /home/new -s /bin/sh
Edit User Groups on Linux
usermod is another simple but straightforward Linux utility for modifying user account details. It supports parameters or indicators similar to those of the useradd command and that is why its use is quite simple.
For example, you can change the default shell of user adem from / bin / sh to / bin / bash as follows:
usermod -s /bin/bash adem
Now to include adm in the Sales group, you will need to use the -aG flag as a simple -G flag will remove the user from previously added additional groups: Apple and linux.
usermod -aG sales adem
cat /etc/group | grep adem
How to delete user accounts on Linux
Linux offers another command line utility userdel to delete any user account. Here is the basic syntax:
However, this will only delete the account details of the / etc / passwd to file. To also delete the user’s home directory, use the -r flag, as follows:
userdel -r username
As a precaution, we recommend that you find all files owned by the user and reassign them to any other existing user account. Use the find command to list all files owned by the user or assigned to a user ID that you have deleted or associated with no user.
find / -user username -ls
find / -uid 504 -ls
find / -nouser -ls
Linux user account management in a nutshell
This article presents examples of creating, deleting, and modifying a Linux user account with tips and tricks for any newbie Linux user who wants to continue system administration and learn user account management.
It also shows how to edit configuration files to set UID and GID ranges and change default settings for user account creation on Linux.
Need to give a family member or friend access to your Linux PC? Here’s how to add a user in Linux and give them their own account.
About the Author