Lecture 10 - User Administration
Lecture 10 - User Administration
Root account
This is also called superuser and would have complete and unfettered
control of the system. A superuser can run any commands without any
restriction. This user should be assumed as a system administrator.
System accounts
System accounts are those needed for the operation of system-specific
components for example mail accounts and the sshd accounts. These
accounts are usually needed for some specific function on your system, and
any modifications to them could adversely affect the system.
User accounts
User accounts provide interactive access to the system for users and groups
of users. General users are typically assigned to these accounts and usually
have limited access to critical system files and directories.
/etc/passwd − Keeps the user account and password information. This file
holds the majority of information about accounts on the Unix system.
/etc/shadow − Holds the encrypted password of the corresponding account.
Not all the systems support this file.
/etc/group − This file contains the group information for each account.
/etc/gshadow − This file contains secure group account information.
1 Useradd
2 Usermod
3 Userdel
4 Groupadd
5 groupmod
6 groupdel
You can use Manpage Help to check complete syntax for each command
mentioned here.
Create a Group
We will now understand how to create a group. For this, we need to create
groups before creating any account otherwise, we can make use of the
existing groups in our system. We have all the groups listed
in /etc/groups file.
All the default groups are system account specific groups and it is not
recommended to use them for ordinary accounts. So, following is the
syntax to create a new group account −
groupadd [-g gid [-o]] [-r] [-f] groupname
1 -g GID
2 -o
3 -r
4 -f
This option causes to just exit with success status, if the specified group
already exists. With -g, if the specified GID already exists, other
(unique) GID is chosen
5 groupname
If you do not specify any parameter, then the system makes use of the
default values.
Delete a Group
We will now understand how to delete a group. To delete an existing group,
all you need is the groupdel command and the group name. To delete
the financial group, the command is −
$ groupdel developer
This removes only the group, not the files associated with that group. The
files are still accessible by their owners.
Create an Account
Let us see how to create a new account on your Unix system. Following is
the syntax to create a user's account −
useradd -d homedir -g groupname -m -s shell -u userid accountname
1 -d homedir
2 -g groupname
3 -m
Creates the home directory if it doesn't exist
4 -s shell
5
-u userid
6 accountname
If you do not specify any parameter, then the system makes use of the
default values. The useradd command modifies
the /etc/passwd, /etc/shadow, and /etc/group files and creates a
home directory.
Before issuing the above command, make sure you already have
the developers group created using the groupadd command.
Delete an Account
The userdel command can be used to delete an existing user. This is a
very dangerous command if not used with caution.
There is only one argument or option available for the command .r, for
removing the account's home directory and mail file.
If you want to keep the home directory for backup purposes, omit the -
roption. You can remove the home directory as needed at a later time.