Management of user accounts in Linux

Linux is a multi-user multi-task time-sharing operating system. any user who wants to use system resources must first apply for an account from the system administrator and then enter the system as the account. User Accounts can help system administrators track users who use the system and control their access to system resources. They can also help users organize files and provide security protection for users. Each user account has a unique user name and password. After you enter the correct user name and password during logon, you can access the system and your home directory.

To manage user accounts, you must do the following:

· Add, delete, and modify user accounts.

· User password management.

· User group management.

The management of user accounts mainly involves adding, modifying, and deleting user accounts. To add a user account is to create a new account in the system, and allocate resources such as user numbers, user groups, home directories, and logon shells to the new account. The newly added account is locked and cannot be used.

1. Add a new user account and use the useradd command. The syntax is as follows:

Useradd option Username

The options are described as follows:

-C comment specifies an annotation description.

-D directory specifies the user's main directory. If this directory does not exist, you can use the-m option to create a main directory.

-G User Group specifies the user group to which the user belongs.

-G user group, which specifies the additional group to which the user belongs.

The-s Shell file specifies the user's logon Shell.

-U user number specifies the user number of a user. If the-o option is available at the same time, the user ID of another user can be used again.

User name specifies the login name of the new account.

2. Example

Example 1:

# useradd –d /usr/sam -m sam

This command creates a user sam,

Here, the-d and-m options are used to generate a main directory/usr/sam/usr for the logon sam as the parent directory of the default user main directory ).

Example 2:

# useradd -s /bin/sh -g group –G adm,root gem

This command creates a new user gem. the user's logon Shell is/bin/sh, which belongs to the group user group and also to the adm and root user groups. The group user group is the main group.

A new group may be created here: # groupadd group and groupadd adm

Adding a user account adds a record to a new user in the/etc/passwd file and updates other system files, such as/etc/shadow and/etc/group.

Linux provides the integrated system management tool userconf, which can be used to manage user accounts in a unified manner.

3. delete an account

If a user's account is no longer in use, it can be deleted from the system. To delete a user account, you must delete the user record in system files such as/etc/passwd. If necessary, delete the user's home directory. Delete an existing user account and use the userdel command. The format is as follows:

Userdel option Username

The commonly used option is-r, which is used to delete the user's home directory together.

For example:

# userdel sam

This command deletes records of user sam in system files, such as/etc/passwd,/etc/shadow,/etc/group, and deletes the user's home directory.

4. Modify an account

Modifying a user account is to change the user's attributes, such as the user ID, main directory, user group, and logon Shell.

Use the usermod command to modify existing user information. The format is as follows:

Usermod option Username

Common options include-c,-d,-m,-g,-G,-s,-u, and-o. These options have the same meaning as those in the useradd command, you can specify a new resource value for the user. In addition, some systems can use the following options:

-L New User Name

This option specifies a new account, changing the original user name to the new user name.

For example:

# usermod -s /bin/ksh -d /home/z –g developer sam

This command changes the logon Shell of user sam to ksh, the main directory to/home/z, and the user group to developer.

5. User Password Management

An important part of user management is the management of user passwords. A user account has no password when it was created, but is locked by the system and cannot be used. It can only be used after a password is specified, even if it is null.

The Shell command used to specify and modify the user password is passwd. Super Users can specify passwords for themselves and other users. Common users can only use them to modify their own passwords. Command Format:

Passwd option User Name

Available options:

-L the password is disabled.

-U password unlock.

-D indicates that the account has no password.

-F forces the user to change the password upon next login.

If the default user name is used, modify the password of the current user.

For example, if the current user is sam, the following command modifies the user's own password:

$ passwdOld password:******New password:*******Re-enter new password:*******

If you are a super user, you can specify the password of any user in the following form:

# passwd samNew password:*******Re-enter new password:*******

When a common user modifies his or her own password, the passwd command First asks for the original password and then asks the user to enter the new password twice. If the two passwords are the same, the original password is not required when the superuser specifies a password for the user.

For the sake of system security, you should select a complicated password. For example, you 'd better use an 8-bit long password, which contains uppercase letters, lowercase letters, and numbers, it should be different from the name and birthday.

When you specify a blank password, run the following commands:

# passwd -d sam

This command deletes the password of the user sam, so that the system will not ask for the password during the next logon.

The passwd command can also use the-l (lock) option to lock a user so that the user cannot log on. For example:

# passwd -l sam