Create Delete And Modify Local User Accounts

General Information

Expect to create some local user accounts and add them to groups on the exam.

User IDs

• 0 = root
• 1-200 = Red Hat assigned system users
• 201-999 = Other system users
• 1000+ = Regular users

User files

• /etc/passwd - user account details
• /etc/shadow - user account's hashed password and password age/expiry details

Useradd default settings:

• /etc/default/useradd

Login default settings

• /etc/login.defs

Add user with default settings

useradd rjones

• Users belong to 1 primary group.
• Users may belong to many other supplementary groups.

Adding a user with a specific UID

useradd -u 5000 rjones

• Creates a user “rjones” with a UID of “5000”

User comment, usually for a full name (also known as the GECOS field)

usermod -c "Robert Jones" rjones

Lock user account password (user cannot login with password)

usermod -L rjones

• Note: This only locks the password from being used. It will not stop passwordless authentication such as public/private keys.
• Use “usermod -e 1 rjones” to immediately disable the account. (-e = expire date; the date the account will be disabled)

Unlock user account

usermod -U rjones

Stop user from logging into a shell

usermod -s /sbin/nologin rjones

Delete user account

userdel rjones

• user cannot be logged in
• -r ⇒ remove user's home directory and all files in it