This is an old revision of the document!
Create Delete And Modify Local User Accounts
General Information
Expect to create some local user accounts and add them to groups on the exam.
User IDs and Files
User IDs
- 0 = root
- 1-200 = Red Hat assigned system users
- 201-999 = Other system users
- 1000+ = Regular users
User files
- /etc/passwd - user account details
- /etc/shadow - user account's hashed password and password age/expiry details
Useradd default settings:
- /etc/default/useradd
Login default settings
- /etc/login.defs
Adding Users
Add user with default settings
useradd rjones
- Users belong to 1 primary group.
- Users may belong to many other supplementary groups.
Adding a user with a specific UID
useradd -u 5000 rjones
- Creates a user “rjones” with a UID of “5000”
Modifying Users
User comment, usually for a full name (also known as the GECOS field)
usermod -c "Robert Jones" rjones
Lock user account (user cannot login)
usermod -L rjones
- Note: This only locks the password from being used. It will not stop passwordless authentication such as public/private keys.
- Use “usermod -e 1 rjones” to immediately disable the account. (-e = expire date; the date the account will be disabled)
Unlock user account
usermod -U rjones
Stop user from logging into a shell
usermod -s /sbin/nologin rjones
Delete user account
userdel rjones
- user cannot be logged in
- -r ⇒ remove user's home directory and all files in it