Create Delete And Modify Local User Accounts
General Information
Expect to create some local user accounts and add them to groups on the exam.
User IDs and Files
User IDs
- 0 = root
- 1-200 = Red Hat assigned system users
- 201-999 = Other system users
- 1000+ = Regular users
User files
- /etc/passwd - user account details
- /etc/shadow - user account's hashed password and password age/expiry details
Useradd default settings:
- /etc/default/useradd
Login default settings
- /etc/login.defs
Adding Users
Add user with default settings
useradd rjones
- Users belong to 1 primary group.
- Users may belong to many other supplementary groups.
Adding a user with a specific UID
useradd -u 5000 rjones
- Creates a user "rjones" with a UID of "5000"
Modifying Users
User comment, usually for a full name (also known as the GECOS field)
usermod -c "Robert Jones" rjones
Lock user account password (user cannot log in with password)
usermod -L rjones
- Note: This only locks the password from being used. It will not stop passwordless authentication such as public/private keys.
- Use "usermod -e 1 rjones" to immediately disable the account. (-e = expire date; the date the account will be disabled)
Unlock user account
usermod -U rjones
Stop user from logging into a shell
usermod -s /sbin/nologin rjones
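An added example (not part of the original notes): a read-only check over passwd- and shadow-format files that lists accounts where only the password is locked, which the note above says does not stop passwordless authentication. The function names and sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed for illustration.

# List accounts whose password is locked ("!" prefix, as set by usermod -L)
# but which are not expired and still have a login shell, so passwordless
# authentication such as SSH keys would still get a shell.
# Usage: locked_but_reachable PASSWD_FILE SHADOW_FILE [TODAY_IN_DAYS_SINCE_EPOCH]
locked_but_reachable() {
    today=${3:-$(( $(date +%s) / 86400 ))}
    awk -F: -v today="$today" '
        # First file (passwd format): remember each login shell (field 7).
        NR == FNR { shell[$1] = $7; next }
        # Second file (shadow format): field 2 = hash, field 8 = expiry day.
        ($1 in shell) {
            locked  = ($2 ~ /^!/)
            # Expiry 0 or empty is treated as "no expiry" here (shadow(5)
            # calls 0 ambiguous), so such accounts are still reported.
            expired = ($8 + 0 > 0 && $8 + 0 <= today)
            noshell = (shell[$1] ~ /\/(nologin|false)$/)
            if (locked && !expired && !noshell) print $1
        }
    ' "$1" "$2"
}

# Write constructed passwd/shadow samples into directory $1.
write_samples() {
    cat > "$1/passwd" <<'EOF'
rjones:x:5000:5000:Robert Jones:/home/rjones:/bin/bash
asmith:x:5001:5001::/home/asmith:/bin/bash
bkhan:x:5002:5002::/home/bkhan:/sbin/nologin
clee:x:5003:5003::/home/clee:/bin/bash
EOF
    cat > "$1/shadow" <<'EOF'
rjones:!$6$CONSTRUCTED$hash:19000:0:99999:7:::
asmith:!$6$CONSTRUCTED$hash:19000:0:99999:7::1:
bkhan:!$6$CONSTRUCTED$hash:19000:0:99999:7:::
clee:$6$CONSTRUCTED$hash:19000:0:99999:7:::
EOF
}

# Demo on the samples: only rjones is locked, unexpired and has a shell.
demo_dir=$(mktemp -d)
write_samples "$demo_dir"
locked_but_reachable "$demo_dir/passwd" "$demo_dir/shadow"
rm -rf "$demo_dir"
```

To audit a real host, run `locked_but_reachable /etc/passwd /etc/shadow` as root; each name printed needs `usermod -e 1` or `usermod -s /sbin/nologin` if the account is meant to be fully disabled.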
Delete user account
userdel rjones
- The user must not be logged in when the account is deleted
- -r ⇒ remove user's home directory and all files in it