User administration is one of the important task of Linux system administrator. Local accounts or users in Linux like operating system is managed by useradd, usermod, userdel, chage and passwd commands.
- useradd command is used to create new accounts in Linux
- usermod command used to modify the existing accounts in linux
- userdel command is used to delete local account in linux
- passwd command used assign password to local accounts or users.
- chage comamnd is used to view & modify users password expiry information
Syntax of ‘useradd’ command
# useradd <options> <username_or_login>
Options used in useradd command :
Syntax of usermod command :
# usermod <options> <username_or_login>
Options used in usermod command.
Syntax of userdel command:
# userdel <options> <username_or_login>
Options used in userdel command :
Syntax of chage :
# chage <options> <username_or_login>
Options used in chage command :
Syntax of passwd Command :
# passwd <username_or_login>
For more details on passwd command please refer ‘10 passwd command examples in Linux‘
In this article we will discuss different examples of user administration on CentOS & RHEL system.
Example 1) Create a local account & assign password
User the below useradd and passwd command to create and assign password to a user.
# useradd <username> ; echo -e "<newpassword>\n<newpassword>" | passwd username
Let’s create a username ‘harry’ and assign password.
# useradd harry ; echo -e "[email protected]#\[email protected]#" | passwd harry Changing password for user harry. New password: Retype new password: #
Note : When a user is created in Linux followings are updated:
- A home directory is created under ‘/home/<username>’
- User info is updated in ‘/etc/passwd’ file
- Group Information is stored in ‘/etc/group’
- password info is updated in ‘/etc/shadow’ file.
- File for user’s email is created under ‘/var/spool/mail/<username>’
Example 2) Create a user with customize settings
Let’s assume we want to create a user with following options :
UID = 2000
GID = 5000
Comments = ‘Admin Account of SAP’
Home Directory = /opt/sap
Shell = /bin/ksh
Username = john
password = xxxxxx
Run below command,
# useradd -u 2000 -g 5000 -c "Admin Account of SAP" -d /opt/sap -s /bin/ksh john # echo -e "[email protected]#\[email protected]#" | passwd john Changing password for user john. New password: Retype new password: passwd: all authentication tokens\ updated successfully. #
Verify the above settings from /etc/passwd file.
# grep john /etc/passwd john:x:2000:5000:Admin Account of SAP:/opt/sap:/bin/ksh #
Example 3) Modify or Update the Existing User
usermod command is used to modify the existing local users or accounts in Linux.
Let’s make the existing user “harry” part of Secondary group “sap” and change its home directory from ‘/home/harry’ to ‘/opt/sap’ and login shell from ‘/bin/bash’ to ‘/bin/sh’
[[email protected] ~]# usermod -G sap -d /opt/sap -s /bin/sh harry [[email protected] ~]# [[email protected] ~]# grep harry /etc/passwd harry:x:1000:1000::/opt/sap:/bin/sh [[email protected] ~]#
Example 4) Create a user and force to change the password at first login
Let’s create a user ‘mark’ with secondary group ‘sap’, home directory as ‘/opt/sap’ and force him to change his password at the first login.
We can force users to change its password at first login by using command ‘chage -d 0 <username>‘.
# useradd -c "sap user" -G sap -d /opt/data mark # echo -e "[email protected]#\[email protected]#" | passwd mark ; chage -d 0 mark Changing password for user mark. New password: Retype new password: passwd: all authentication tokens \ updated successfully. #
Now try to login as mark and see whether user is getting a prompt to change password or not.
Note : Use ‘chage -l <username>‘ command to view the user’s password expiry info.
Example 5) Delete a User along with its home directory
userdel command is used to delete local accounts or users in Linux. Let’s delete a user linuxtechi along with his home directory. Run below userdel command along with option ‘-r’
# userdel -r linuxtechi # grep linuxtechi /etc/passwd #