User Management in Linux


Welcome back with another topic from what we have learned during the RHEL courses from alanfi. Today's topic is user management, and we are going to discuss it in the context of RHEL (specifically its derivatives such as CentOS 6, 7, and 8).

User management is an important responsibility for any Linux administrator. It involves creating, modifying, and maintaining user accounts to ensure secure and efficient system operations. This guide builds foundational knowledge, exploring essential commands, file structures, and best practices for user management in Linux.

Creating a User

Commands to Create Users:

Create a user:

  useradd <username>

E.g.

  useradd umar

Or you can:

  adduser <username>

E.g.

  adduser usman

Then add a password to the user:

  passwd <username>

E.g.

  passwd umar

Behind the Scenes of useradd:

When useradd runs, it makes about 70 modifications to the operating system. These changes include:

Adding an entry in the database for that user according to properties mentioned in:

  • /etc/login.defs
  • /etc/default/useradd

Updating the following user databases:

  1. /etc/passwd
  2. /etc/shadow
  3. /etc/group
  4. /etc/gshadow

Copying the default bash configuration files from /etc/skel/.bash* into the user's home directory.

Validating a User:

To see if a user has been created:

  id <username>

Example:

  id umar

Fields in Key Configuration Files:

/etc/passwd File:

This file contains the necessary information for any user. The fields are:

  • Username
  • Password placeholder (where ‘x’ usually stands in)
  • UID (User ID)
  • GID (Group ID)
  • Comments (e.g., full name)
  • Home directory
  • Default shell

/etc/shadow File:

This file holds the encrypted (hashed) passwords along with other password information, such as:

  • Username
  • Encrypted password
  • Last password change
  • Password expiration details

To Delete a User:

To delete a user:

  userdel <username>

Example:

  userdel umar

Note: This will not delete the user’s home directory.

To delete a user and their home directory:

  userdel -r <username>

Example:

  userdel -r umar

Managing Users

Modifying a User:

Use usermod to change user details:

Change UID:

  usermod -u <uid> <username>

Change home directory:

  usermod -d <new_home_directory> <username>

Add comments:

  usermod -c "<comments>" <username>

Change default shell:

  usermod -s <shell_path> <username>

Adding Users to Groups:

To add a user to a group:

  gpasswd -a <username> <groupname>

Disabling Users

Methods to Disable a User:

  1. Comment out the user’s entry in /etc/passwd.
  2. Modify the second field in /etc/passwd:
    • Remove the x (password placeholder).
    • Leave it blank.
    • Replace it with *.
  3. Set the shell to /sbin/nologin in /etc/passwd.
  4. Modify the /etc/shadow file.

Lock and Unlock a User:

Lock a user:

  passwd -l <username>

Example:

  passwd -l umar

Unlock a user:

  passwd -u <username>

Example:

  passwd -u umar

Disable All Users:

Create an empty /etc/nologin file:

  touch /etc/nologin

This will prevent all users from logging in.

Forcing Password Changes

To force a user to change their password on the next login:

  passwd -e <username>
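
The following is an added example, not part of the original post: a shell function that reads passwd- and shadow-format files and reports which of the states described above (commented out, `*` placeholder, /sbin/nologin shell, locked with passwd -l, forced change with passwd -e) each account is in. The function names, flag names, and sample accounts are constructed for illustration. An empty second field in /etc/passwd gets its own flag because passwd(5) documents an empty password field as requiring no password, so it should be reviewed rather than assumed to disable the account.

```shell
#!/bin/sh
# Added example: report account state from passwd- and shadow-format files.
# Usage: audit_accounts <passwd_file> <shadow_file>  -> prints user:FLAG[,FLAG]
audit_accounts() {
    awk -F: '
        function flag(f) { out = (out == "" ? f : out "," f) }
        NF == 0 { next }
        # First file argument is the shadow file: keep hash and last-change day.
        FILENAME == ARGV[1] { hash[$1] = $2; last[$1] = $3; next }
        /^#/ { print substr($1, 2) ":COMMENTED_OUT"; next }
        {
            out = ""
            if ($2 == "")  flag("EMPTY_PASSWD_FIELD")   # passwd(5): no password required
            if ($2 == "*") flag("PASSWD_STAR")
            if ($7 == "/sbin/nologin") flag("NOLOGIN_SHELL")
            if ($1 in hash) {
                if (hash[$1] ~ /^!/) flag("LOCKED")       # set by passwd -l
                if (hash[$1] == "")  flag("EMPTY_SHADOW_HASH")
                if (last[$1] == "0") flag("MUST_CHANGE")  # set by passwd -e
            }
            print $1 ":" (out == "" ? "ACTIVE" : out)
        }
    ' "$2" "$1"
}

# Constructed sample data: not real accounts or hashes.
make_samples() {
    cat > "$1/passwd" <<'EOF'
umar:x:1001:1001:Umar:/home/umar:/bin/bash
usman:x:1002:1002::/home/usman:/bin/bash
svc::1003:1003::/home/svc:/bin/bash
batch:*:1004:1004::/home/batch:/bin/bash
ftp:x:1005:1005::/var/ftp:/sbin/nologin
#old:x:1006:1006::/home/old:/bin/bash
new:x:1007:1007::/home/new:/bin/bash
EOF
    cat > "$1/shadow" <<'EOF'
umar:$6$constructed$hash:19900:0:99999:7:::
usman:!!$6$constructed$hash:19900:0:99999:7:::
new:$6$constructed$hash:0:0:99999:7:::
EOF
}

demo=$(mktemp -d)
make_samples "$demo"
audit_accounts "$demo/passwd" "$demo/shadow"
rm -rf "$demo"
```

On a real system, run `audit_accounts /etc/passwd /etc/shadow` as root, since /etc/shadow is not readable by ordinary users.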

Mastering user management in Linux is essential for system administration. By understanding how to create, modify, and manage users, you can ensure secure and efficient operations on your Linux systems.
