Managing user accounts 

Linux User Management

User management includes everything from creating a user to deleting a user on your system. User management can
be done in three ways on a Linux system.

Graphical tools are easy and suitable for new users, as it makes sure you'll not run into any trouble.

Command line tools includes commands like useradd, userdel, passwd, etc. These are mostly used by the server
administrators.

Third and very rare tool is to edit the local configuration files directly using v

1. /etc/passwd  

The local user database in Linux is /etc/passwd directory.

Look at the above snapshot, it has seven columns separated by a colon. Starting from the left columns denotes
username, an x, user id, primary group id, a description, name of home directory and a login shell.

root
The root user is the superuser and have all the powers for creating a user, deleting a user and can even login with the
other user's account. The root user always has userid 0.
 useradd
With useradd commands you can add a user.

Syntax:

1. useradd -m -d /home/<userName> -c "<userName>" <userName>  

Example:

1. useradd -m -d /home/xyz -c "xyz" xyz  

Look at the above snapshot, we have created a user xyz along with creating a home directory (-m), setting the name
of home directory (-d), and a description (-c).

The 'xyz' received userid as 1004 and primary group id as 1004.

/etc/default/useradd
File /etc/default/useradd contains some user default options. The command useradd -D can be used to display this
file.

Syntax:
1. useradd -D  

userdel
To delete a user account userdel command is used.

Syntax:

1. userdel -r <userName>  

Example:

1. userdel -r xyz  
 Look at the above snapshot, first we have shown the xyz user account with 'tail' command. To delete it,
command "userdel -r xyz" is passed.

To recheck, again 'tail' command is passed and as you can see no xyz user account is displayed.

Hence, it is deleted.

usermod
The command usermod is used to modify the properties of an existing user.

Syntax:

1. usermod -c <'newName'> <oldName>  

Example:

1. usermod -c 'jhonny' john  

Look at the above snapshot, user name john is replaced by the new user name jhonny

/etc/skel/
The /etc/skel/ contains some hidden files which have profile settings and default values for applications. Hence, it
serves as a default home directory and user profile. While using useradd -m option, the /etc/skel/ is copied to the
newly created directory.
 Look at the above snapshot, files of /etc/skel/ is listed.

Deleting Home Directories

By using userdel -r option, you can delete home directory along with user account.

Syntax:

1. userdel -r <userName>  

Example:

1. userdel -r john  

Look at the above snapshot, both home directory as well as user account john is deleted.
 Login Shell
The /etc/passwd file also tells about the login shell for the user.

Look at the above snapshot, user guest will log in with /bin/bash shell and user jtp will log in with /bin/ksh shell.

You can change the shell mode with usermod command for a user.

Syntax:

1. usermod -s <newShell> <userName>  

Example:

1. usermod -s /bin/bash jtp  

Look at the above snapshot, shell of jtp is changed to /bin/bash from /bin/ksh.

chsh
Users can change their login shell with chsh command.

Both the command chsh and chsh -s will work to change the shell.

 Syntax:

1. chsh  

Look at the above snapshot, command chsh has changed the sssit login shell from /bin/sh to /bin/bash.

Syntax:

1. chsh -s <newShell>  

Example:

1. chsh -s /bin/sh  

Look at the above snapshot, login shell is changed into /bin/s.

 shutdown
The shutdown command brings down system in a secure way. All the logged-in users are notified about the system
shutdown.

Signal SIGTERM notifies all the processes that the system is going down, so that processes can be saved and exit
properly.

Command shutdown signals the init process to change the runlevel.

Runlevel 0 halts the system

Runlevel 6 reboots the system

Runlevel 1 is default state.

Five minutes before shutdown sequence starts, file /etc/nologin is created when shutdown is scheduled for future
which does not allow new user logins.

If by any reason, command shutdown is stopped before signalling init, this file is removed. It is also removed to
change runlevel before signalling init.

To run shutdown command root user access is required.

Shutting down system

You can shutdown a system by passing a definite time (in minutes). System will automatically shutdown after specified
minute giving a message and time to save all work.

Syntax:

1. shutdown <time>  

Example:

shutdown 3
 Look at the above snapshot, message is displayed on the terminal.

To immediately shutdown the system, use now option,

Syntax:

1. shutdown now  

System will shutdown immediately.

Rebooting the system

With option r, system will shutdown immediately and automatically reboot.

Syntax:

1. shutdown -r <time>  

Example:

shutdown -r 3
 Look at the above snapshot, system will automatically reboot as shown in the message.

Power-off or halt-off the system

Option h decide whether the system will power-off or halt-off after shutting down.

Syntax:

1. shutdown -h <time>  

Example:

shutdown -h 3

Look at the above snapshot, system decided to halt-off.

power-off the system

To power-off the system option P is used. You don't have to manually power-off your system, this option will
automatically power-off your system.
 Syntax:

1. shutdown -P <time>  

Example:

shutdown -P 3

Printing a message during shutdown

Admin can convey a message to all the logged in users stating reason for sudden shutdown.

Syntax:

1. shutdown <time> <"message">  

Example:

shutdown 3 "message"
 Look at the above snapshot, admin message is displayed in the last line of output.

Halt-off the system

Option H is used to halt-off the system after system is brought down.

Syntax:

1. shutdown -H <time>  

Example:

shutdown -H 3

Cancel shutdown
If due to any reason you want to cancel the shutdown command within the specified time, c option can be used.

Syntax:
1. shutdown -c  

Sending warnings and disabling logins

Option k will not halt or power-off the system, but just sends the warning and disable all the logins.

System will not actually shutdown.

Syntax:

1. shutdown -k <time>  

Example:

shutdown -k 3

Look at the above snapshot, system only sends a warning and does not actually shut down.

Unix / Linux - User Administration

There are three types of accounts on a Unix system −

Root account
This is also called superuser and would have complete and unfettered control of the system. A superuser can run
any commands without any restriction. This user should be assumed as a system administrator.
System accounts
System accounts are those needed for the operation of system-specific components for example mail accounts and
the sshd accounts. These accounts are usually needed for some specific function on your system, and any
modifications to them could adversely affect the system.

User accounts
User accounts provide interactive access to the system for users and groups of users. General users are typically
assigned to these accounts and usually have limited access to critical system files and directories.
Unix supports a concept of Group Account which logically groups a number of accounts. Every account would be a
part of another group account. A Unix group plays important role in handling file permissions and process
management.

Managing Users and Groups

There are four main user administration files −

 /etc/passwd − Keeps the user account and password information. This file holds the majority of information
about accounts on the Unix system.
 /etc/shadow − Holds the encrypted password of the corresponding account. Not all the systems support this
file.
 /etc/group − This file contains the group information for each account.
 /etc/gshadow − This file contains secure group account information.
Check all the above files using the cat command.
The following table lists out commands that are available on majority of Unix systems to create and manage accounts
and groups −

Sr.No. Command & Description

1
useradd
Adds accounts to the system

2
usermod
Modifies account attributes

3
userdel
Deletes accounts from the system

4
groupadd
Adds groups to the system

5
groupmod
Modifies group attributes

6
groupdel
 Removes groups from the system

You can use Manpage Help to check complete syntax for each command mentioned here.

Create a Group

We will now understand how to create a group. For this, we need to create groups before creating any account
otherwise, we can make use of the existing groups in our system. We have all the groups listed in /etc/groups file.
All the default groups are system account specific groups and it is not recommended to use them for ordinary
accounts. So, following is the syntax to create a new group account −
groupadd [-g gid [-o]] [-r] [-f] groupname

The following table lists out the parameters −

Sr.No. Option & Description

1
-g GID
The numerical value of the group's ID

2
-o
This option permits to add group with non-unique GID

3
-r
This flag instructs groupadd to add a system account

4
-f
This option causes to just exit with success status, if the specified group already
exists. With -g, if the specified GID already exists, other (unique) GID is chosen

5
groupname
Actual group name to be created

If you do not specify any parameter, then the system makes use of the default values.
Following example creates a developers group with default values, which is very much acceptable for most of the
administrators.
$ groupadd developers

Modify a Group

To modify a group, use the groupmod syntax −

$ groupmod -n new_modified_group_name old_group_name

To change the developers_2 group name to developer, type −

$ groupmod -n developer developer_2
Here is how you will change the financial GID to 545 −
$ groupmod -g 545 developer

Delete a Group

We will now understand how to delete a group. To delete an existing group, all you need is the groupdel
command and the group name. To delete the financial group, the command is −
$ groupdel developer

This removes only the group, not the files associated with that group. The files are still accessible by their owners.

Create an Account

Let us see how to create a new account on your Unix system. Following is the syntax to create a user's account −
useradd -d homedir -g groupname -m -s shell -u userid accountname

The following table lists out the parameters −

Sr.No. Option & Description

1
-d homedir
Specifies home directory for the account

2
-g groupname
Specifies a group account for this account

3
-m
Creates the home directory if it doesn't exist

4
-s shell
Specifies the default shell for this account

5
-u userid
You can specify a user id for this account

6
accountname
Actual account name to be created

If you do not specify any parameter, then the system makes use of the default values. The useradd command
modifies the /etc/passwd, /etc/shadow, and /etc/group files and creates a home directory.
Following is the example that creates an account mcmohd, setting its home directory to /home/mcmohd and the
group as developers. This user would have Korn Shell assigned to it.
$ useradd -d /home/mcmohd -g developers -s /bin/ksh mcmohd

Before issuing the above command, make sure you already have the developers group created using
the groupadd command.
Once an account is created you can set its password using the passwd command as follows −
$ passwd mcmohd20
Changing password for user mcmohd20.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

When you type passwd accountname, it gives you an option to change the password, provided you are a
superuser. Otherwise, you can change just your password using the same command but without specifying your
account name.

Modify an Account

The usermod command enables you to make changes to an existing account from the command line. It uses the
same arguments as the useradd command, plus the -l argument, which allows you to change the account name.
For example, to change the account name mcmohd to mcmohd20 and to change home directory accordingly, you
will need to issue the following command −
$ usermod -d /home/mcmohd20 -m -l mcmohd mcmohd20

Delete an Account

The userdel command can be used to delete an existing user. This is a very dangerous command if not used with
caution.
There is only one argument or option available for the command .r, for removing the account's home directory and
mail file.
For example, to remove account mcmohd20, issue the following command −
$ userdel -r mcmohd20

If you want to keep the home directory for backup purposes, omit the -r option. You can remove the home directory
as needed at a later time.

Backup Commands in Linux & Unix with

Usage and Examples
Unix and Linux backup and restore can be done using backup commands tar, cpio ufsdump, dump and restore.

Though these commands may be sufficient for small setups in order to take a enterprise backup you have to go in for

some custom backup and restore solutions like Symatic netbackup, EMC networker or Amanda.

Any backup solution using these commands depends on the type of backup you are taking as these backup

commands offers different capabilities.

In this article learn about :

1. backup command tar – How to use tar for backing up unix and linux files

2. backup command cpio – How to use cpio for backing up unix and linux files

3. backup commands ufsdump and restore – For Solaris filesystem

4. backup commands dump and restore – For taking Linux file system backup.

1. Backup Restore using tar command

tar features:

1. tar ( tape  archive ) is used for single or multiple files backup and restore on/from  a tape or file.

2. tar can not backup special character & block device files , shows as 0 byte files with first letter of permissions as b

or c for block or character.

3. tar Works only on mounted file system, it can not access the files on unmounted file system.

Backing up all files in a directory including subdirectories to

a  tape device (/dev/rmt/0) or a file.
Example 1 :

$tar    cvf    /dev/rmt/0   *

In the command above Options are  c -> create ; v -> Verbose ; f->file or archive device   ; * -> all files and directories

. Together the commands means create a tar file on /dev/rmt/0 from all file and directories s in the current directory.

Example 2:

$tar cvf /home/backup *

Create a tar  called backup in home directory , from all file and directories s in the current directory.

Viewing a tar backup on a tape or file

t option is used to see the table of content in a tar file.

$tar    tvf    /dev/rmt/0  ## view files  backed up on a tape device.

$tar tvf  /home/backup  ## view files  backed up inside the  backup

In the command above Options are  c -> create ; v -> Verbose ; f->file or archive device   ; * -> all files and directories

. Together the commands means create a tar file on /dev/rmt/0 from all file and directories s in the current directory.

Extracting tar backup from the tape

x option is used to extract the files from tar file.

$tar xvf /dev/rmt/0       ##extract /  restore files in to current directory.

$tar xvf /home/backup ## extract / restore files in to current directory.

Note : Restoration will go to present directory or original backup path depending on

relative or absolute path names used for backup.

Some of useful tar options. 

Extract & keep the  file permissions (default for superuser)

-p, –preserve-permissions

Filter the archive through gzip

-z, –gzip

Filter the archive through bzip2

-j, –bzip2

Only append files newer than copy in archive

-u, –update

Append files to the end of an archive

-r, –append

Delete from the archive (not on mag tapes!)

–delete
Find differences between archive and file system

-d, –diff, –compare

Test the archive volume label and exit

–test-label

Change to directory DIR

-C, –directory=DIR

Sometimes tar file or tar ball becomes big and it can compressed to copy or store with less space.

Compressing file/s

compress -v file_name

gzip filename

To uncompress a file

uncompress file_name.Z

or

gunzip filename

2. Backup restore using cpio command

cpio features

1. Used for single or multiple files backup .

2. Can backup special character & block device files .

3. Works only on mounted file system.

4. Need a list of files to be backed up .

5. Preserve hard links and time stamps of the files .

Using cpio command to backup all the files in current directory to tape.

find . -depth -print | cpio -ovcB > /dev/rmt/0

cpio expects a list of files and find command provides the list, cpio has to put these file on some destination and a >

sign redirect these files to tape. This can be a file as well .

Viewing cpio files on a tape

cpio -ivtB < /dev/rmt/0    ## Options i -> input ; v->verbose; t-table of content; B-> set I/O block size to 5120 bytes

Restoring a cpio backup

cpio -ivcB < /dev/rmt/0   ## Options i -> input ; v->verbose; t-table of content; B-> set I/O block size to 5120 bytes

Compress/uncompress files :

You may have to compress the files before or after the backup .

click for full options and details of GNU cpio 

3. Backup and Restore linux file system

ext2 ext3 ext4 backup and restore can be easily done with a dump utility which allows you to take full and incremental

file system backup. Backup can be taken on a tape , file or a remote system and restore full or selective files

Dump is available at sourceforge.net http://dump.sourceforge.net/

Here are complete steps to get started with complete linux file system backup and restore

1. Install dump package

Dump package contains dump and restore utilities and it also installs tape device package rmt.

[root@localhost ~]# yum install dump

Installed:

dump.x86_64 1:0.4-0.24.b44.fc20

Dependency Installed:

rmt.x86_64 2:1.5.2-9.fc20

Complete!

[root@localhost ~]#
2. Full file system backup

After installation , dump can be used to take a file system backup

In this example we will take full backup /dev/sda9 backup

Numerical argument as 0 is full backup and susquent number represant the incrementatl backup corresponding to full

back.

Syntax is : dump – < level number > -f < source filesystem device >

-u Update the file /etc/dumpdates

[root@localhost ~]# /sbin/dump -0u -f /dev/st0 /dev/sda9

DUMP: Date of this level 0 dump: Wed Feb 8 22:10:13 2017

DUMP: Dumping /dev/sda9 (/boot) to /dev/st0

DUMP: Writing 10 Kilobyte records

DUMP: mapping (Pass I) [regular files]

DUMP: Volume 1 started with block 1 at: Wed Feb 8 22:10:13 2017

DUMP: dumping (Pass III) [directories]

DUMP: 122150 blocks (119.29MB) on 1 volume(s)

DUMP: Average transfer rate: 61075 kB/s

DUMP: DUMP IS DONE

[root@localhost ~]#

3. Incremental backup

Numerical argument as 2 is Incremental backup and subsequent number represent the incremental backup

corresponding to full back.

-u updates the /etc/dumpdates files

[root@localhost ~]# /sbin/dump -2u -f /dev/st0 /dev/sda9

DUMP: Date of this level 2 dump: Wed Feb 8 22:14:13 2017

DUMP: Date of last level 1 dump: Wed Feb 8 22:13:06 2017

DUMP: Dumping /dev/sda9 (/boot) to /dev/st0

DUMP: Date of this level 2 dump: Wed Feb 8 22:14:13 2017

DUMP: DUMP IS DONE

4. Backup history

[root@localhost ~]# cat /etc/dumpdates

/dev/sda9 0 Wed Feb 8 22:10:13 2017 -0800

/dev/sda9 1 Wed Feb 8 22:13:06 2017 -0800

/dev/sda9 2 Wed Feb 8 22:14:13 2017 -0800

/dev/sda9 3 Wed Feb 8 22:15:27 2017 -0800

/dev/sda9 4 Wed Feb 8 22:15:43 2017 -0800

/dev/sda9 5 Wed Feb 8 22:15:34 2017 -0800

5. Important Files related to backup

/dev/st0

default tape unit to dump to

/etc/dumpdates

dump date records

/etc/fstab

dump table: file systems

/etc/mtab

dump table: mounted file systems

/etc/group

to find group operator

6. Exit Status

Dump exits with zero status on success. Startup errors are indicated with an exit code of 1; abnormal termination is

indicated with an exit code of 3.

4. Solaris File System Backup using ufsdump

ufsdump features

1. Used for complete file system backup .

2. It copies everything from regular files in a file system to special character and block device files.

2. It can work on mounted or unmounted file systems.

Identifying the tape device in Solaris

dmesg | grep st

Checking the status of the tape drive

mt -f /dev/rmt/0 status

Backup restore and disk copy with ufsdump :

Backup file system using ufsdump

ufsdump 0cvf /dev/rmt/0 /dev/rdsk/c0t0d0s0

or

ufsdump 0cvf /dev/rmt/0 /usr

To restore a dump with ufsrestore

ufsrestore rvf /dev/rmt/0

ufsrestore in interactive mode allowing selection of individual files and

directories using add , ls , cd , pwd and extract commands .

ufsrestore -i /dev/rmt/0

Making a copy of a disk slice using ufsdump

ufsdump 0f – /dev/rdsk/c0t0d0s7 |(cd /mnt/backup ;ufsrestore xf -)