how to manage linux user on rhel 7
TRANSCRIPT
How To Manage Linux User on RHEL 7
i | P a g e
Table of Contents
Overview ....................................................................................................................................................... 1
Applies To ...................................................................................................................................................... 1
User Management – Insight .......................................................................................................................... 1
User Type and Purpose ............................................................................................................................. 1
User ID and Group ID Range ..................................................................................................................... 1
User Login Shell ......................................................................................................................................... 2
User Add Options ...................................................................................................................................... 2
User Management – USERADD ..................................................................................................................... 3
Create User – No Options ......................................................................................................................... 3
Create User – Set User ID .......................................................................................................................... 3
Create User – Set Group ID ....................................................................................................................... 4
Create User – Set Home Directory ............................................................................................................ 4
Create User – Comment............................................................................................................................ 5
Create User – Login Shell .......................................................................................................................... 5
Create User – Duplicate User ID ............................................................................................................... 6
Create User – Account Expiry Date ........................................................................................................... 6
Create User – No Home Directory ............................................................................................................ 7
Create User – No Shell .............................................................................................................................. 7
User Management – USERMOD.................................................................................................................... 8
Modify User – User ID ............................................................................................................................... 8
Modify User – Primary Group ID ............................................................................................................... 8
Modify User – Append Groups ................................................................................................................. 9
Modify User – Move Home Directory ....................................................................................................... 9
Modify User – Comment ......................................................................................................................... 10
Modify User – Login Name...................................................................................................................... 10
Modify User – Login Shell ....................................................................................................................... 11
Modify User – Lock User ......................................................................................................................... 11
Modify User – Unlock User ..................................................................................................................... 12
User Management – USERDEL .................................................................................................................... 12
How To Manage Linux User on RHEL 7
ii | P a g e
Delete User – Username ......................................................................................................................... 12
Delete User – Home Directory ................................................................................................................ 13
Delete User – Force Removal .................................................................................................................. 13
How To Manage Linux User on RHEL 7
1 | P a g e
Overview
The purpose of this guide is to help us in creating, remove or modify a user account on Linux server. In
this guide we will focus on user add, removal and modifying.
Applies To
Tested on CentOS 7 and RHEL 7
User Management – Insight
In Linux users are managed by useradd, userdel and usermod commands.
There are 3 types of users namely, Super User Account, System User Account, Normal Account
User Type and Purpose
User Type is defined and determined by User ID assigned to the user. Ideally only one super user should
be created.
User User Type User ID Group ID Information
root Super 0 0 Also called root user
apache System 1 1 Apache webserver owner and service account
test.user Normal 500 500 Normal User Account
User ID and Group ID Range
User ID Range and Group ID Range is assigned is determined based on setting in the file “/etc/login.defs”.
User Type UID Range GID Range Information
Super 0 0 root user is always created with UID & GID 0
System 1 to 499 1 to 499 System account can be created within the range
Normal 500 to 60000 500 to 60000 Normal account can be created within the range
Note: Choosing the above UID & GID is advisable because of easier identification of user account type.
cat /etc/login.defs | grep -e 'UID\|GID'
How To Manage Linux User on RHEL 7
2 | P a g e
User Login Shell
User’s Login shell can be assigned to a user as per the list in the file “/etc/shells”. This list is also supported
shells on the servers.
User Add Options
In this section we will create user with few different options. In order to create a user you need provide
mandatory “username” and all other attributes are optional.
Option Purpose
-u User Account’s User ID (number)
-g User Account’s Group ID (number)
-d Create Home Directory in path
-c Comments for the user, typically User’s Full Name or profile
-s User’s Login shell
-o Create User with Existing user ID (duplicate)
Defaults are determined based on the setting in the file “/etc/default/useradd” or execute command
useradd -D.
How To Manage Linux User on RHEL 7
3 | P a g e
User Management – USERADD
In this section we will create users with different options, to create a user execute the command
“useradd” as per the business need pass the optional parameters.
Create User – No Options
To create user account, run the command; once you create the account, user’s login password has to be
set with the command “passwd” as shown below;
useradd test.user1
passwd test.user1
To know the User’s User ID run the command below;
cat /etc/passwd | grep | test.user1 | awk -F":" '{ print "User " $1,"UID is "$3}'
Create User – Set User ID
To create a user account with a specific User ID, run the command;
useradd -u 1500 test.user2
passwd test.user2
How To Manage Linux User on RHEL 7
4 | P a g e
Create User – Set Group ID
To create a user account and assign to a specific Group ID, run the command, this group should already
exists.
useradd -g 100 test.user3
passwd test.user3
Create User – Set Home Directory
To create a user account with a non-default home directory, run the command;
useradd -d /home/appln.user test.user4
passwd test.user4
How To Manage Linux User on RHEL 7
5 | P a g e
Create User – Comment
To create a user account with a comment, run the command;
useradd -c "Test User #5" test.user5
passwd test.user5
Create User – Login Shell
To create a user account with a non-default shell (bash), run the command;
useradd -s /bin/sh test.user6
passwd test.user6
How To Manage Linux User on RHEL 7
6 | P a g e
Create User – Duplicate User ID
To create a user account with non-unique user ID, run the command;
useradd -ou 1500 test.user7
passwd test.user7
Create User – Account Expiry Date
To create a user account with account expiry, run the command; Typically these accounts are created for
a temporary time period.
By default when you create a user without option “-e” user account is expiry date is set to “0”, which
means account never expires.
useradd -u 100 -e 2016-08-31 test.user8
passwd test.user8
chage -l test.user8
How To Manage Linux User on RHEL 7
7 | P a g e
Create User – No Home Directory
To create a user account without home directory, run the command;
useradd -g 100 -M test.user9
passwd test.user9
ls -l /home/test.user9
Create User – No Shell
To create a user account without shell (user is restricted to login), run the command;
useradd -g 100 -s /sbin/nologin test.user10
cat /etc/passwd | grep -E "test.user10| nologin"
How To Manage Linux User on RHEL 7
8 | P a g e
User Management – USERMOD
In this section we will modify user account with different options, to modify a user execute the command
“usermod” as per the business need pass the optional parameters.
Modify User – User ID
At times a user account might have been created with wrong user ID, hence to modify the user ID and
also you don’t want to have duplicate user ID, run the command;
usermod -u 1507 test.user1
Note: Existing User ID can’t be assigned to a user, a new User ID has to be assigned.
Modify User – Primary Group ID
If a user has been changed to a different project and you would like to change the group, run the
command;
usermod -g 1005 test.user2
Note: The existing primary group will be replaced.
How To Manage Linux User on RHEL 7
9 | P a g e
Modify User – Append Groups
If a user has been included to work on more than one project and user has to be appended to new groups.
To include user to additional groups, run the command;
usermod -aG 1003,1004 test.user3
Modify User – Move Home Directory
If you want to move home directory along with existing user files, run the command; give the new home
directory location for the user.
usermod -d /home/test.user4 -m test.user4
How To Manage Linux User on RHEL 7
10 | P a g e
Modify User – Comment
If you want to the change the comment of the exiting user, run the command;
usermod -c "Modified Comment" test.user5
cat /etc/passwd | grep -e "test.user5\|Modified Comment"
Modify User – Login Name
If the user account was created with an wrong username and you intend change the login name, run the
command;
Note: The user's home directory or mail spool should probably be renamed manually to reflect the new
login name, see move home directory command.
usermod -l test.user6 changed.login.user
How To Manage Linux User on RHEL 7
11 | P a g e
Modify User – Login Shell
If you want to change the user’s login shell, run the command;
usermod -s /bin/sh test.user7
Modify User – Lock User
In order to lock a user account, when a user account is locked in “/etc/shadow” file against the user’s
password is prefixed with “!” which signifies that the account is locked.
usermod -L test.user8
How To Manage Linux User on RHEL 7
12 | P a g e
Modify User – Unlock User
In order to unlock a user account, when a user account is locked in “/etc/shadow” file against the user’s
password is prefixed with “!” which signifies that the account is locked. To revoke / unlock it run the
command;
usermod -U test.user8
User Management – USERDEL
In this section we will delete user account with different options, to delete a user execute the command
“userdel” as per the business need pass the optional parameters.
Delete User – Username
To delete a user and retain user’s files (home directory), run the command;
Note: If the user’s group is also primary group of any other user account, other user account will not be
deleted.
userdel test.user1
How To Manage Linux User on RHEL 7
13 | P a g e
Delete User – Home Directory
To delete a user and also user’s files (home directory), run the command;
userdel -r test.user2
Delete User – Force Removal
To delete a user by force, run the command;
userdel -f test.user4
Caution: Be careful when you remove user with force option, if there any processes running with this
account also will be ignored and user would be removed.
To delete a user by force along with user files also, run
userdel -rf test.user4