User Management Command in Linux with Examples

User Management Command

User management in Linux covers adding and deleting users and assigning their passwords; the same applies to groups. These commands need root privilege when they act on other users or groups. Only operations on your own account can be done without that privilege.

User management

To add a new User and to set password

To add a new user, you can use either of the following two User management commands.

Syntax

adduser <username>
useradd <username>


Example

[root@linuxhelp ~]# useradd user1 

To set the password for the newly created username

Syntax

passwd <username>


Example

[root@linuxhelp ~]# passwd user1 
Changing password for user user1.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

To change the password

To change the password of a user that already exists, use the following User management command.

Syntax

passwd
Run as root, this prompts you to change the root password. Root can also change another user's password.

passwd <username>
This changes the specified user's password and won’t ask for the old password, since it is run as root.

Example

[user1@linuxhelp ~]$ passwd 
Changing password for user user1.
Changing password for user1.
(current) UNIX password:
New password:
Retype new password:
passwd: all authentication tokens updated successfully.

To delete a user account

To delete a user account, use the following User management command.

Syntax
userdel -r [username]

Example

[root@linuxhelp ~]# userdel -r user1 

Here, the -r option deletes the user along with the user’s home directory and mail spool.

/etc/passwd File
The full user account information is stored in the /etc/passwd file. Each entry in the /etc/passwd file has seven fields.
Syntax:
[username]:[x]:[UID]:[GID]:[Comment]:[Home directory]:[Default shell]

Example

user1:x:500:500::/home/user1:/bin/bash

The 1st field indicates the user name

The 2nd field indicates the link to the /etc/shadow file

The 3rd and 4th fields specify the user id and group id of the user.

The 5th field is the comment about user’s home directory

The 6th field indicates the path of the user’s home directory

The 7th field indicates the user’s parent shell

/etc/shadow file:

user1:$6$n6muZW6t$aBhb40LDQhcjzpMM308ELvJkFE0ZpYZkO2w7oLofEu6YIa.O9lzmxxBkltF1Lm8TYdk5zNn6symdmTkdnUbEu0:16856:0:99999:7:::

The 1st field indicates the user name
The 2nd field denotes the encrypted password of the user account
The 3rd field indicates the last password change, i.e., the date on which the user last changed the password
The 4th field denotes the minimum number of days after which a user can change his password
The 5th field contains the password validity information; if the password expires for a user, then the user needs to change his password
The 6th field indicates the warning before password expiration; the number of days for the warning alert before expiration is given in this field
The 7th field denotes a number of days; if the user doesn’t change the password within that many days after the expiration, the account will be disabled
The 8th field indicates the expiry date of a user account
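
The field layouts of /etc/passwd and /etc/shadow described above can be checked mechanically. The following shell script is an added example, not part of the original tutorial: it joins the two files with awk and reports each account's shell, password state and expiry state. The sample accounts, the placeholder hash strings and the function names write_samples and audit_accounts are constructed for illustration.

```shell
#!/bin/sh
# Added example. All account data below is constructed; the hash fields are
# placeholders, not real password hashes.
write_samples() {                     # $1 = directory for the sample files
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
user1:x:500:500::/home/user1:/bin/bash
user2:x:501:501::/home/user2:/bin/bash
user3:x:502:502::/home/user3:/sbin/nologin
backup:x:0:503::/home/backup:/bin/bash
EOF
    cat > "$1/shadow" <<'EOF'
root:$6$SALT$HASHPLACEHOLDER:16856:0:99999:7:::
user1:!$6$SALT$HASHPLACEHOLDER:16856:0:99999:7:::
user2:$6$SALT$HASHPLACEHOLDER:16856:0:99999:7::16884:
user3:!!:16856:0:99999:7:::
backup::16856:0:99999:7:::
EOF
}

# audit_accounts PASSWD SHADOW TODAY   (TODAY = days since 1970-01-01)
# Prints one line per account: name uid shell password-state account-state
audit_accounts() {
    awk -F: -v today="$3" '
        NR == FNR { hash[$1] = $2; expire[$1] = $8; next }  # 1st file: shadow
        {
            shell = ($7 ~ /(nologin|false)$/) ? "nologin" : "login"
            h = hash[$1]
            if (h == "")           pw = "EMPTY"     # no password required
            else if (h ~ /^[!*]/)  pw = "locked"    # e.g. after usermod --lock
            else                   pw = "set"
            # 8th shadow field: account expiry date in days since the epoch
            acct = (expire[$1] != "" && expire[$1] <= today) ? "expired" : "active"
            flag = ($3 == 0 && $1 != "root") ? " UID0-NOT-ROOT" : ""
            print $1, $3, shell, pw, acct flag
        }' "$2" "$1"
}

# Demo: 16900 is a day count later than the 16884 expiry set on user2.
tmp=$(mktemp -d) && write_samples "$tmp" &&
    audit_accounts "$tmp/passwd" "$tmp/shadow" 16900
rm -rf "$tmp"
```

On a real system the same function can be pointed at /etc/passwd and /etc/shadow as root, with TODAY computed as `$(( $(date +%s) / 86400 ))`.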

Group-management

There are two types of groups in Linux, they are
1. Primary group
2. Secondary or Supplementary group

Primary group

To add a user to a Primary group, use the following usermod command as root.

Syntax

usermod -g [groupname] [username]


Example

[root@linuxhelp ~]# usermod -g group1 user1 
Before adding the user to group
[root@linuxhelp ~]# id user1 
uid=500(user1) gid=500(user1) groups=500(user1)
After adding the user to group
[root@linuxhelp ~]# id user1  
uid=500(user1) gid=502(group1) groups=502(group1)

Here, if a user is added to a primary group, then the user gets the group id of the group to which it is added.

Secondary Group

A user can be added to a secondary group using the following command.

Syntax

usermod -G [groupname] [username]


Example

[root@linuxhelp ~]# usermod -G group2 user2 
Before adding user to group
[root@linuxhelp ~]# id user2 
uid=501(user2) gid=501(user2) groups=501(user2)
After adding user to group
[root@linuxhelp ~]# id user2 
uid=501(user2) gid=501(user2) groups=501(user2),503(group2)

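If the user is added to a secondary group, the user is added to the new group along with the default group. Note that -G on its own replaces the user's existing list of secondary groups; combine it with -a (usermod -aG) to append a group and keep the existing ones.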

Adding a group

To add a group, run the following User management command

Syntax

groupadd [groupname]


Example

[root@linuxhelp ~]# groupadd group1 

Deleting a group

To delete a group, use the following User management command

Syntax

groupdel [groupname]


Example

[root@linuxhelp ~]# groupdel group2 

/etc/group File:

Syntax:
[Group name]:[Group password]:[GID]:[Group members]

Example

group2:x:503:user

The 1st field indicates the name of the group
The 2nd field specifies the group password
The 3rd field indicates the group id
The 4th field contains the members of the group

User mod commands

After adding the user, you can change the user’s information using the usermod commands.

Syntax

usermod [options] [username]

Setting expiry date for a user

To set an expiry date for a user, use the '--expiredate' flag followed by the date.

Syntax

usermod --expiredate [date] [username]


Example

[root@linuxhelp ~]# usermod --expiredate 2016-03-24 user1

Changing user’s home directory

To change the user’s default home directory to a different location, use the following User management command.

Syntax

usermod --home [new home directory path] [username]

Example

[root@linuxhelp ~]# usermod --home /home/user1/Desktop/ user1

The option -d or --home can be used to change the user’s home directory.
The option -m automatically creates the new home directory and moves the contents there.

Disabling user by locking password

The user account can be disabled by locking the user’s password.

Syntax

usermod --lock [username]


Example

[root@linuxhelp ~]# usermod --lock user1 


The options -L or --lock can be used to lock the user’s password.

Unlocking user password

To unlock a user password, use the following User management command.

Syntax

usermod --unlock [username]


Example

[root@linuxhelp ~]# usermod --unlock user1 

The options -U or --unlock can be used to unlock the user’s password.

Permission Classes

There are three types of permission classes. They are:
User - This class involves the owner of a file
Group - The members of the file's group belong to this class
Others - The users who don’t belong to the user and group classes belong to this class

Read, Write and Execute Permissions:

Read Permission

For a file, read permission allows a user to view the contents of the file, and for a directory it allows a user to view the names of the files in the directory.

Write Permission

For a normal file, write permission allows a user to modify and delete the file. For a directory, it allows a user to delete the directory, modify its contents (create, delete, and rename files in it), and modify the contents of files that the user can read.

Execute Permission

The execute permission for a file allows a user to execute the file. The user must also have read permission to execute a file. For a directory, execute permission allows a user to access the directory and view information about the directory.

Example

-rw------- : A file that is only accessible by its owner
drwxr-xr-x : A directory that every user on the system can read and access


A hyphen (-) in the above examples indicates that the respective permission is not available for the particular class

Special Permissions

If set UID is set for a file or a folder, the command is executed with the permissions of the owner of the file or folder rather than those of the user who is executing the command.

Syntax
Symbolic form:
chmod -R u+s [filename]
Numeric form:
chmod -R 4755 [filename]

If Recursive -R is used, the parent directory’s permission will be applied to all its sub directories.


Example

[user2@linuxhelp ~]$ chmod -R u+s test

After the Set UID is set on a file or folder, it looks like this:

[user2@linuxhelp ~]$ ll
drwsrwxr-x 3 user2 user2 4096 Feb 25 13:40 test
[user2@linuxhelp ~]$ cd test
[user2@linuxhelp test]$ ll 
total 4
-rwSrw-r-- 1 user2 user2 0 Feb 25 13:40 1
-rwSrw-r-- 1 user2 user2 0 Feb 25 13:40 2
drwsrwxr-x 2 user2 user2 4096 Feb 25 13:40 new

Set GID

If set GID is set for a file or a folder, a folder or a file created inside the parent directory will have the same group owner as the parent directory.

Syntax
Symbolic form
chmod -R g+s [filename]
Numeric form
chmod -R 2755 [filename]

If Recursive -R is used, the parent directory’s permission will be applied to all its sub directories.

Example

[user2@linuxhelp ~]$ chmod -R g+s new
[user2@linuxhelp ~]$ ll  
total 8
drwxrwsr-x 3 user2 user2 4096 Feb 25 13:45 new
drwsrwxr-x 3 user2 user2 4096 Feb 25 13:40 test
[user2@linuxhelp ~]$ cd new
[user2@linuxhelp new]$ ll 
total 4
-rw-rwSr-- 1 user2 user2 0 Feb 25 13:44 2
drwxrwsr-x 2 user2 user2 4096 Feb 25 13:45 test


After the Set GID is set on a file or folder, it looks like this:

drwxrwsr-x 3 user2 user2 4096 Feb 25 13:45 new

Sticky Bit

If sticky bit permission is set for a folder, the files or folders created within the parent directory will also get the sticky bit.
Files or folders with sticky bit permission can be deleted only by root or by the owner of the file or folder; even other users with execute permission can’t delete the file or folder.

Syntax
Symbolic form

chmod -R o+t [filename]
Numeric form
chmod -R 1755 [filename]

If Recursive -R is used, the parent directory’s permission will be applied to all its sub directories.

Example

[user2@linuxhelp ~]$ chmod -R o+t test1 
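
The mode strings in the listings above can be translated back into the numeric form used with chmod. This shell script is an added example, not from the original tutorial; the function names mode_to_octal and describe_special are hypothetical, and the world-writable directory check goes slightly beyond the cases shown on the page. A capital S or T in a listing means the special bit is set while the matching execute bit is not, which is what the recursive chmod produced on the regular files above.

```shell
#!/bin/sh
# Added example: decode the mode column of ls -l output.
# Assumes a well-formed 10-character mode string such as drwsrwxr-x.

# mode_to_octal MODE -> prints the 4-digit octal form, e.g. drwsrwxr-x -> 4775
mode_to_octal() {
    m=${1#?}                         # drop the file-type character
    special=0; digits=""
    for weight in 4 2 1; do          # 4 = set UID, 2 = set GID, 1 = sticky
        triplet=$(printf '%s' "$m" | cut -c1-3)
        m=${m#???}
        d=0
        case $triplet in r??) d=$((d + 4)) ;; esac
        case $triplet in ?w?) d=$((d + 2)) ;; esac
        case $triplet in
            ??x)    d=$((d + 1)) ;;
            ??[st]) d=$((d + 1)); special=$((special + weight)) ;;
            ??[ST]) special=$((special + weight)) ;;   # bit set, no execute
        esac
        digits="$digits$d"
    done
    printf '%s%s\n' "$special" "$digits"
}

# describe_special MODE -> one line per special bit found in MODE
describe_special() {
    case $1 in ???s*) echo "setuid" ;; ???S*) echo "setuid without owner execute" ;; esac
    case $1 in ??????s*) echo "setgid" ;; ??????S*) echo "setgid without group execute" ;; esac
    case $1 in ?????????t) echo "sticky" ;; ?????????T) echo "sticky without others execute" ;; esac
    case $1 in d???????w[-x]) echo "world-writable directory, no sticky bit" ;; esac
    return 0
}

# Demo on mode strings taken from the listings on this page.
for mode in drwsrwxr-x -rwSrw-r-- drwxrwsr-x -rw-rwSr--; do
    printf '%s %s %s\n' "$mode" "$(mode_to_octal "$mode")" \
        "$(describe_special "$mode" | tr '\n' ';')"
done
```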

User account with No login

To create a user account with no login, the following User management command can be used.

Syntax

useradd -s /sbin/nologin [username]


Example

[root@linuxhelp ~]# useradd -s /sbin/nologin user3 

Another way to add a user with no login is to edit the /etc/passwd file. In the /etc/passwd file, replace /bin/bash with /sbin/nologin for the user whose login you’re going to restrict.

FAQ
Q
How to set a new password for certain user in Linux?
A
You can use the following command to set a new password for certain user in Linux. For Ex: "passwd username".
Q
How to set user ID while the user creation process itself?
A
You can use the option of "-u" with "useradd" command to set user ID while the user creation process itself. For Ex: "useradd -u 1036 username"
Q
Can I create the user directly in /etc/passwd/ file in Linux?
A
Yes, you can create the user directly in /etc/passwd/ file in Linux by using the following syntax: "[username]:[x]:[UID]:[GID]:[Comment]:[Home directory]:[Default shell]".
Q
Whether the "useradd" and "adduser" command both are same or not?
A
Both commands are using the same purpose. But if you use "useradd" command to create the user it will effect to create the user as default structure in Linux system, else you will use "adduse
Q
How do I grant administrator access to a trusted person to manage a group of users?
A
You can use the following syntax to grant administrator access to a trusted person to manage a group of users. For Ex: "usermod -aG wheel USERNAME".