how to manage linux user on rhel 7

How To Manage Linux User on RHEL 7

i | P a g e

Table of Contents

Overview ....................................................................................................................................................... 1

Applies To ...................................................................................................................................................... 1

User Management – Insight .......................................................................................................................... 1

User Type and Purpose ............................................................................................................................. 1

User ID and Group ID Range ..................................................................................................................... 1

User Login Shell ......................................................................................................................................... 2

User Add Options ...................................................................................................................................... 2

User Management – USERADD ..................................................................................................................... 3

Create User – No Options ......................................................................................................................... 3

Create User – Set User ID .......................................................................................................................... 3

Create User – Set Group ID ....................................................................................................................... 4

Create User – Set Home Directory ............................................................................................................ 4

Create User – Comment............................................................................................................................ 5

Create User – Login Shell .......................................................................................................................... 5

Create User – Duplicate User ID ............................................................................................................... 6

Create User – Account Expiry Date ........................................................................................................... 6

Create User – No Home Directory ............................................................................................................ 7

Create User – No Shell .............................................................................................................................. 7

User Management – USERMOD.................................................................................................................... 8

Modify User – User ID ............................................................................................................................... 8

Modify User – Primary Group ID ............................................................................................................... 8

Modify User – Append Groups ................................................................................................................. 9

Modify User – Move Home Directory ....................................................................................................... 9

Modify User – Comment ......................................................................................................................... 10

Modify User – Login Name...................................................................................................................... 10

Modify User – Login Shell ....................................................................................................................... 11

Modify User – Lock User ......................................................................................................................... 11

Modify User – Unlock User ..................................................................................................................... 12

User Management – USERDEL .................................................................................................................... 12


ii | P a g e

Delete User – Username ......................................................................................................................... 12

Delete User – Home Directory ................................................................................................................ 13

Delete User – Force Removal .................................................................................................................. 13


1 | P a g e

Overview

The purpose of this guide is to help us in creating, remove or modify a user account on Linux server. In

this guide we will focus on user add, removal and modifying.

Applies To

Tested on CentOS 7 and RHEL 7

User Management – Insight

In Linux users are managed by useradd, userdel and usermod commands.

There are 3 types of users namely, Super User Account, System User Account, Normal Account

User Type and Purpose

User Type is defined and determined by User ID assigned to the user. Ideally only one super user should

be created.

User User Type User ID Group ID Information

root Super 0 0 Also called root user

apache System 1 1 Apache webserver owner and service account

test.user Normal 500 500 Normal User Account

User ID and Group ID Range

User ID Range and Group ID Range is assigned is determined based on setting in the file “/etc/login.defs”.

User Type UID Range GID Range Information

Super 0 0 root user is always created with UID & GID 0

System 1 to 499 1 to 499 System account can be created within the range

Normal 500 to 60000 500 to 60000 Normal account can be created within the range

Note: Choosing the above UID & GID is advisable because of easier identification of user account type.

cat /etc/login.defs | grep -e 'UID\|GID'


2 | P a g e

User Login Shell

User’s Login shell can be assigned to a user as per the list in the file “/etc/shells”. This list is also supported

shells on the servers.

User Add Options

In this section we will create user with few different options. In order to create a user you need provide

mandatory “username” and all other attributes are optional.

Option Purpose

-u User Account’s User ID (number)

-g User Account’s Group ID (number)

-d Create Home Directory in path

-c Comments for the user, typically User’s Full Name or profile

-s User’s Login shell

-o Create User with Existing user ID (duplicate)

Defaults are determined based on the setting in the file “/etc/default/useradd” or execute command

useradd -D.


3 | P a g e

User Management – USERADD

In this section we will create users with different options, to create a user execute the command

“useradd” as per the business need pass the optional parameters.

Create User – No Options

To create user account, run the command; once you create the account, user’s login password has to be

set with the command “passwd” as shown below;

useradd test.user1

passwd test.user1

To know the User’s User ID run the command below;

cat /etc/passwd | grep | test.user1 | awk -F":" '{ print "User " $1,"UID is "$3}'

Create User – Set User ID

To create a user account with a specific User ID, run the command;

useradd -u 1500 test.user2

passwd test.user2


4 | P a g e

Create User – Set Group ID

To create a user account and assign to a specific Group ID, run the command, this group should already

exists.

useradd -g 100 test.user3

passwd test.user3

Create User – Set Home Directory

To create a user account with a non-default home directory, run the command;

useradd -d /home/appln.user test.user4

passwd test.user4


5 | P a g e

Create User – Comment

To create a user account with a comment, run the command;

useradd -c "Test User #5" test.user5

passwd test.user5

Create User – Login Shell

To create a user account with a non-default shell (bash), run the command;

useradd -s /bin/sh test.user6

passwd test.user6


6 | P a g e

Create User – Duplicate User ID

To create a user account with non-unique user ID, run the command;

useradd -ou 1500 test.user7

passwd test.user7

Create User – Account Expiry Date

To create a user account with account expiry, run the command; Typically these accounts are created for

a temporary time period.

By default when you create a user without option “-e” user account is expiry date is set to “0”, which

means account never expires.

useradd -u 100 -e 2016-08-31 test.user8

passwd test.user8

chage -l test.user8


7 | P a g e

Create User – No Home Directory

To create a user account without home directory, run the command;

useradd -g 100 -M test.user9

passwd test.user9

ls -l /home/test.user9

Create User – No Shell

To create a user account without shell (user is restricted to login), run the command;

useradd -g 100 -s /sbin/nologin test.user10

cat /etc/passwd | grep -E "test.user10| nologin"


8 | P a g e

User Management – USERMOD

In this section we will modify user account with different options, to modify a user execute the command

“usermod” as per the business need pass the optional parameters.

Modify User – User ID

At times a user account might have been created with wrong user ID, hence to modify the user ID and

also you don’t want to have duplicate user ID, run the command;

usermod -u 1507 test.user1

Note: Existing User ID can’t be assigned to a user, a new User ID has to be assigned.

Modify User – Primary Group ID

If a user has been changed to a different project and you would like to change the group, run the

command;

usermod -g 1005 test.user2

Note: The existing primary group will be replaced.


9 | P a g e

Modify User – Append Groups

If a user has been included to work on more than one project and user has to be appended to new groups.

To include user to additional groups, run the command;

usermod -aG 1003,1004 test.user3

Modify User – Move Home Directory

If you want to move home directory along with existing user files, run the command; give the new home

directory location for the user.

usermod -d /home/test.user4 -m test.user4


10 | P a g e

Modify User – Comment

If you want to the change the comment of the exiting user, run the command;

usermod -c "Modified Comment" test.user5

cat /etc/passwd | grep -e "test.user5\|Modified Comment"

Modify User – Login Name

If the user account was created with an wrong username and you intend change the login name, run the

command;

Note: The user's home directory or mail spool should probably be renamed manually to reflect the new

login name, see move home directory command.

usermod -l test.user6 changed.login.user


11 | P a g e

Modify User – Login Shell

If you want to change the user’s login shell, run the command;

usermod -s /bin/sh test.user7

Modify User – Lock User

In order to lock a user account, when a user account is locked in “/etc/shadow” file against the user’s

password is prefixed with “!” which signifies that the account is locked.

usermod -L test.user8


12 | P a g e

Modify User – Unlock User

In order to unlock a user account, when a user account is locked in “/etc/shadow” file against the user’s

password is prefixed with “!” which signifies that the account is locked. To revoke / unlock it run the

command;

usermod -U test.user8

User Management – USERDEL

In this section we will delete user account with different options, to delete a user execute the command

“userdel” as per the business need pass the optional parameters.

Delete User – Username

To delete a user and retain user’s files (home directory), run the command;

Note: If the user’s group is also primary group of any other user account, other user account will not be

deleted.

userdel test.user1


13 | P a g e

Delete User – Home Directory

To delete a user and also user’s files (home directory), run the command;

userdel -r test.user2

Delete User – Force Removal

To delete a user by force, run the command;

userdel -f test.user4

Caution: Be careful when you remove user with force option, if there any processes running with this

account also will be ignored and user would be removed.

To delete a user by force along with user files also, run

userdel -rf test.user4

how to manage linux user on rhel 7

Technology