Chapter 5. User Information and Administration
Prev     Next

Chapter 5. User Information and Administration

Table of Contents

Introduction
useradd
groupadd
groupmod
groups
usermod
userdel
groupdel
adduser, addgroup, deluser and delgroup
chfn and chsh
Debian and disk quotas:
initial setup
repquota
edquota
quota

Introduction

You'll remember from the Fundamentals course that the user information is stored in the system /etc/passwd and /etc/shadow files, and that additionally, group membership information is stored in the /etc/group file.

While it is possible to edit these files by hand, it is not recommended.

There exist several command line tools, which can be used to manage these files instead:

useradd 

SYNTAX: 
useradd [switches] <username>

This is a powerful command, which lets you easily create new users on the system, with a range of options.

The most common ones are:

Table 5.1. useradd options

-c comment The new user's GECOS information, normally just their full name.
-d homedir The user's home directory. Defaults to "/home/${username}".
-e expire date The date on which this account expires (YYYY-MM-DD format).
-g initial group Group name or number of the user's primary group. Defaults to "1".
-G grp1,grp2,... A list of additional groups, which the user will be made a member of.
-m This option will cause the user's home directory to be created if it does not already exist. Any files and directories which exist in /etc/skel will also be copied into the user's home directory.

The last parameter should be the desired login name for the user.

You can consult man page for the other options, and for further details.

One additional switch worth mentioning is "-D", which controls the defaults for useradd.

Specifying the "-D" switch on its own will simply display the default settings, while specifying -D in conjunction with other switches will change the defaults to those values. 

debian:~# useradd -D
GROUP=100

INACTIVE=-1HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
debian:~# useradd -D -s /bin/sh
debian:~# useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/sh
SKEL=/etc/skel

As you can see, this changes the default shell for created users from "bash" to "sh".

Let's change it back though, and create a test user:

debian:~# useradd -D -s /bin/bash
debian:~# useradd -c &quot;Joe Blogs&quot; -m jblogs
debian:~# finger jblogs
Login: jblogs                           Name: Joe Blogs
Directory: /home/jblogs                 Shell: /bin/bash
Never logged in.
No mail.
No Plan.
debian:~# ls -la /home/jblogs
total 24
drwxr-xr-x    2 jblogs   users        4096 Mar 12 05:58 .
drwxrwsr-x    4 root     staff        4096 Mar 12 05:58 ..
-rw-r--r--    1 jblogs   users         266 Mar 12 05:58 .alias
-rw-r--r--    1 jblogs   users         509 Mar 12 05:58 .bash_profile
-rw-r--r--    1 jblogs   users        1093 Mar 12 05:58 .bashrc
-rw-r--r--    1 jblogs   users         375 Mar 12 05:58 .cshrc

You can see that the user's home directory has been populated with the files from "/etc/skel". Default configuration files (such as .bashrc, .bash_profile) should be kept here, so that new users that you create will be given them automatically. Remember, though, that you can set your system wide defaults in the /etc/profile file.

groupadd 

SYNTAX:
groupadd <groupname>

This command simply creates additional groups.

debian:~# groupadd testing
debian:~# tail -1 /etc/group
testing:x:1001:

groupmod 

SYNTAX:
groupmod -n <newname> <oldname>

This command renames a group, from oldname to newname.

debian:~# tail -1 /etc/group
testing:x:1001:
debian:~# groupmod -n jblogs testing
debian:~# tail -1 /etc/group
jblogs:x:1001:

groups 

SYNTAX:
groups [username]

This simple command displays what groups a user is a member of. It takes the username of user as a parameter. If no username is given, it defaults to the current user. 

debian:~# groups
root
debian:~# groups jblogs
jblogs : users

usermod 

SYNTAX:
usermod [flags] <username>

This command alters account information for users, which already exist. It takes most of the same switches as the useradd command.

So, if we wanted to make user "jblogs"'s primary group also be "jblogs" (the group we renamed above), then we could do something like this: 

debian:~# groups jblogs
jblogs : users
debian:~# usermod -g jblogs jblogs
debian:~# groups jblogs
jblogs : jblogs

The usermod command also allows the system administrator to disable and re-enable accounts. It's usually a good idea to disable accounts which you know aren't being used, or if you suspect malicious activity from that user.

You can disable an account by using the "-L" (lock) switch:

debian:~# usermod -L student

Now when the user "student" attempts to log in, they will be prevented from doing so.

You can then re-enable the account, using the "-U" (unlock) switch:

debian:~# usermod -U student

This will allow "student" to log in again as normal, with the same password as his account had previously.

userdel 

SYNTAX:
userdel [-r] <username>

This command removes a user from the password database. If the "-r" flag is specified, the users home directory and files are also removed. 

debian:~# ls -la ~jblogs
total 24
drwxr-xr-x    2 jblogs   users        4096 Mar 12 05:58 .
drwxrwsr-x    4 root     staff        4096 Mar 12 07:57 ..
-rw-r--r--    1 jblogs   users         266 Mar 12 05:58 .alias
-rw-r--r--    1 jblogs   users         509 Mar 12 05:58 .bash_profile
-rw-r--r--    1 jblogs   users        1093 Mar 12 05:58 .bashrc
-rw-r--r--    1 jblogs   users         375 Mar 12 05:58 .cshrc
debian:~# userdel -r jblogs
debian:~# ls -la ~jblogs
ls: ~jblogs: No such file or directory

groupdel 

SYNTAX:
groupdel <group>

This command removes a group from the group database.

adduser, addgroup, deluser and delgroup

The adduser, addgroup, deluser and delgroup commands are more user- friendly front-ends to the commands explained earlier. They will prompt you interactively instead of requiring command line switches. 

debian:~# adduser 
Enter a username to add: jane
Adding user jane...
Adding new group jane (1001).
Adding new user jane (1001) with group jane.
Creating home directory /home/jane.
Copying files from /etc/skel
Enter new UNIX password: 
Retype new UNIX password: 
passwd: password updated successfully
Changing the user information for jane
Enter the new value, or press return for the default
        Full Name []: Jane Doe
        Room Number []: 
        Work Phone []: 
        Home Phone []: 
        Other []: 
Is the information correct? [y/n] y
debian:~# ls -la ~jane
total 24
drwxr-xr-x    2 jane     jane         4096 Mar 12 08:02 .
drwxrwsr-x    4 root     staff        4096 Mar 12 08:02 ..
-rw-r--r--    1 jane     jane          266 Mar 12 08:02 .alias
-rw-r--r--    1 jane     jane          509 Mar 12 08:02 .bash_profile
-rw-r--r--    1 jane     jane         1093 Mar 12 08:02 .bashrc
-rw-r--r--    1 jane     jane          375 Mar 12 08:02 .cshrc

You'll notice that, by default, the adduser command creates a group with the same name as the username, and makes this group the primary group for that user. This is called a user private group (UPG).

chfn and chsh

While all the commands described above are only available to the root user, the chfn and chsh commands are available to normal users too.

The chfn command allows the user to alter their GECOS information, while the chsh command allows the user to alter their shell. 

jane@debian:~$ chsh
Password: 
Changing the login shell for jane
Enter the new value, or press return for the default
Login Shell [/bin/bash]: /bin/sh
Prev  Up  Next
Roll your own  Home  Debian and disk quotas: