How to create user administration on Unix/linux

We will discuss in detail about how to create user administration in Unix/linux.There are three types of accounts on a Unix system โˆ’

Root account

This is also called superuser and would have complete and unfettered control of the system. A superuser can run any commands without any restriction. This user should be assumed as a system administrator.

System accounts

System accounts are those needed for the operation of system-specific components for example mail accounts and the sshd accounts. These accounts are usually needed for some specific function on your system, and any modifications to them could adversely affect the system.

User accounts

User accounts provide interactive access to the system for users and groups of users. General users are typically assigned to these accounts and usually have limited access to critical system files and directories.

Unix supports a concept of Group Account which logically groups a number of accounts. Every account would be a part of another group account. A Unix group plays important role in handling file permissions and process management.

Managing Users and Groups

There are four main user administration files โˆ’

  • /etc/passwd โˆ’ Keeps the user account and password information. This file holds the majority of information about accounts on the Unix system.
  • /etc/shadow โˆ’ Holds the encrypted password of the corresponding account. Not all the systems support this file.
  • /etc/group โˆ’ This file contains the group information for each account.
  • /etc/gshadow โˆ’ This file contains secure group account information.

Check all the above files using the cat command.

The following table lists out commands that are available on majority of Unix systems to create and manage accounts and groups โˆ’

Sr.No.Command & Description
1useraddAdds accounts to the system
2usermodModifies account attributes
3userdelDeletes accounts from the system
4groupaddAdds groups to the system
5groupmodModifies group attributes
6groupdelRemoves groups from the system

Create a Group

We will now understand how to create a group. For this, we need to create groups before creating any account otherwise, we can make use of the existing groups in our system. We have all the groups listed in /etc/groups file.

All the default groups are system account specific groups and it is not recommended to use them for ordinary accounts. So, following is the syntax to create a new group account โˆ’

 groupadd [-g gid [-o]] [-r] [-f] groupname

The following table lists out the parameters โˆ’

Sr.No.Option & Description
1-g GIDThe numerical value of the group’s ID
2-oThis option permits to add group with non-unique GID
3-rThis flag instructs groupadd to add a system account
4-fThis option causes to just exit with success status, if the specified group already exists. With -g, if the specified GID already exists, other (unique) GID is chosen
5groupnameActual group name to be created

If you do not specify any parameter, then the system makes use of the default values.

Following example creates a developers group with default values, which is very much acceptable for most of the administrators.

$ groupadd developers

Modify a Group

To modify a group, use the groupmod syntax โˆ’

$ groupmod -n new_modified_group_name old_group_name

To change the developers_2 group name to developer, type โˆ’

$ groupmod -n developer developer_2

Here is how you will change the financial GID to 545 โˆ’

$ groupmod -g 545 developer

Delete a Group

We will now understand how to delete a group. To delete an existing group, all you need is the groupdel command and the group name. To delete the financial group, the command is โˆ’

$ groupdel developer

This removes only the group, not the files associated with that group. The files are still accessible by their owners.

Create an Account of administration

Let us see how to create user administration in Unix/linux system. Following is the syntax to create a user’s account โˆ’

useradd -d homedir -g groupname -m -s shell -u userid accountname

The following table lists out the parameters โˆ’

Sr.No.Option & Description
1-d homedirSpecifies home directory for the account
2-g groupnameSpecifies a group account for this account
3-mCreates the home directory if it doesn’t exist
4-s shellSpecifies the default shell for this account
5-u useridYou can specify a user id for this account
6accountnameActual account name to be created

If you do not specify any parameter, then the system makes use of the default values. The useradd command modifies the /etc/passwd/etc/shadow, and /etc/group files and creates a home directory.

Following is the example that creates an account mcmohd, setting its home directory to /home/mcmohd and the group as developers. This user would have Korn Shell assigned to it.

$ useradd -d /home/mcmohd -g developers -s /bin/ksh mcmohd

Before issuing the above command, make sure you already have the developers group created using the groupadd command.

Once an account is created you can set its password using the passwd command as follows โˆ’

$ passwd mcmohd20
Changing password for user mcmohd20.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.

When you type passwd accountname, it gives you an option to change the password, provided you are a superuser. Otherwise, you can change just your password using the same command but without specifying your account name.

Modify an Account

The usermod command enables you to make changes to an existing account from the command line. It uses the same arguments as the useradd command, plus the -l argument, which allows you to change the account name.

For example, to change the account name mcmohd to mcmohd20 and to change home directory accordingly, you will need to issue the following command โˆ’

$ usermod -d /home/mcmohd20 -m -l mcmohd mcmohd20

Delete an Account

The userdel command can be used to delete an existing user. This is a very dangerous command if not used with caution.

There is only one argument or option available for the command .r, for removing the account’s home directory and mail file.

For example, to remove account mcmohd20, issue the following command โˆ’

$ userdel -r mcmohd20

If you want to keep the home directory for backup purposes, omit the -r option. You can remove the home directory as needed at a later time.

In this guide we learnt about how to create user administration in Unix/linux.To know more Click Here.

This Post Has One Comment

Leave a Reply