11 Linux users and groups

Lecture



In the last lecture, we talked about users and groups and the configuration files that store this information. Today we will discuss ways to create, modify and delete accounts (users) and groups. There are two commands for creating a user: useradd and adduser. First consider the adduser option.
We type the command adduser user on the command line (this command can only be run with root privileges):


I deliberately started with the adduser command, as it creates a user account interactively and displays the creation process on the screen, which helps us understand what is happening in the system. Let's go through the process of creating a user account step by step:

The user `user' is added ... - a new line is added to the /etc/passwd file.

A new group `user' (1004) is added ... - a group is created which will be the primary one for the user being created. The corresponding line is added to the /etc/group file. Remember that in the last lecture we said that a user must be included in at least one group. By default, a group is created with the same name as the user account.

A new user `user' (1003) is added to the group `user' ... - after that, the user user is added to the user group, that is, the corresponding line in the /etc/group file is changed.

The home directory `/home/user' is being created ... - here everything is clear; there is nothing to add.

Copying files from `/etc/skel' ... - the template files from the /etc/skel directory are copied to the new user's home directory.

The above actions are performed automatically, but from here on our intervention is required, since we need to enter a password for the user. The result will be the corresponding line in the /etc/shadow file.

After that, you will be prompted to change additional information about the user (a change will be made to the fifth field in the /etc/passwd file). In the last lecture, we also mentioned the format of this field. Now we can see the components of this field.
At the end, you are asked to confirm that the entered information is correct. If everything is correct, just press Enter and the adduser program ends its work.

Let us now verify that the information on the new user has appeared in the files /etc/passwd, /etc/group and /etc/shadow, and that the home directory exists:

in@intellect.icu:~$ less /etc/passwd | grep user
user:x:1003:1004:Ivan Ivanov,23,123-34-45,654-43-32,Zam directora:/home/user:/bin/bash

in@intellect.icu:~$ sudo less /etc/shadow | grep user
user:$6$0RuIJM9h$IBXzvf8s9FL/bIzSAcIIkjsfhkjHKASJFHjkfbWKZSSVVjLmbASd/QDUVf4.LZeA670vhXc6W.2Mrqc1:14546:

in@intellect.icu:~$ less /etc/group | grep user
user:x:1004:

in@intellect.icu:~$ ls -la /home/user/
total 24
drwxr-xr-x 2 user user 4096 2029-10-29 10:11 .
drwxr-xr-x 6 root root 40296 2029-10-29 10:11 ..
-rw-r--r-- 1 user user 2220 2029-10-29 10:11 .bash_logout
-rw-r--r-- 1 user user 33180 2029-10-29 10:11 .bashrc
-rw-r--r-- 1 user user 1267 2029-10-29 10:11 examples.desktop
-rw-r--r-- 1 user user 12375 2029-10-29 10:11 .profile

We see that all the necessary entries in the configuration files are present and the home directory has been created. The useradd command differs from adduser in that it is not interactive, and for it to perform all the actions that the adduser command performs, it is necessary to set the corresponding parameters and keys, which can be viewed using the command useradd --help or man useradd. I propose that you study the useradd command yourself as a homework task.
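The manual check above can be scripted. The following is an added example, not part of the original lecture: a shell function that cross-checks one account across passwd, group and shadow format files and its home directory. The function name, the scratch files and their contents are constructed for illustration.

```shell
#!/bin/sh
# check_account USER PASSWD GROUP SHADOW  (hypothetical helper, added example)
# Prints one finding per line; returns 0 when the account is consistent.
check_account() {
    user=$1 passwd=$2 group=$3 shadow=$4 rc=0
    entry=$(awk -F: -v u="$user" '$1 == u {print; exit}' "$passwd")
    if [ -z "$entry" ]; then
        echo "passwd: no entry for $user"
        return 1
    fi
    gid=$(printf '%s\n' "$entry" | cut -d: -f4)
    home=$(printf '%s\n' "$entry" | cut -d: -f6)
    # The primary GID (passwd field 4) must exist as field 3 of the group file.
    if awk -F: -v g="$gid" '$3 == g {ok = 1} END {exit !ok}' "$group"; then
        echo "group: primary gid $gid present"
    else
        echo "group: primary gid $gid missing"; rc=1
    fi
    # shadow field 2 holds the hash; a leading '!' or '*' means no usable
    # password (usermod -L prepends '!'), an empty field means no password.
    pw=$(awk -F: -v u="$user" '$1 == u {print "x" $2; exit}' "$shadow")
    case $pw in
        '')          echo "shadow: no entry"; rc=1 ;;
        x)           echo "shadow: empty password"; rc=1 ;;
        'x!'*|'x*'*) echo "shadow: locked or no valid password" ;;
        *)           echo "shadow: password hash set" ;;
    esac
    if [ -d "$home" ]; then
        echo "home: $home exists"
    else
        echo "home: $home missing"; rc=1
    fi
    return $rc
}

# Constructed sample data (not real accounts) in a scratch directory.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mkdir "$demo/home"
printf 'user:x:1003:1004:Ivan Ivanov:%s:/bin/bash\n' "$demo/home" > "$demo/passwd"
printf 'user:x:1004:\n' > "$demo/group"
printf 'user:$6$salt$hash:14546:\n' > "$demo/shadow"
check_account user "$demo/passwd" "$demo/group" "$demo/shadow"
```

On a live system pass /etc/passwd, /etc/group and /etc/shadow as the file arguments; reading /etc/shadow requires root.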

To delete a user, there is the userdel command or its extended analogue deluser. If it is necessary to delete a user without deleting his files (home directory, directory with mailbox), then the command is run without keys:

in@intellect.icu:~$ sudo deluser user
Removed user `user' ...
Warning: there are no more members in the `user' group.
Is done.

As a result, the user information will be completely deleted from the /etc/passwd, /etc/group and /etc/shadow files, but the user's data (the home directory) will not be deleted. To delete the home directory and the user's mailbox (usually located in the /var/mail/ directory), run the deluser command with the --remove-home key:

in@intellect.icu:~$ sudo deluser user --remove-home
Searching for files to save / delete ...
Files are deleted ...
Removed user `user' ...
Warning: there are no more members in the `user' group.
Is done.

After executing this command, the /home/user/ directory and the user's mailbox in /var/mail/ will also be deleted.
If you need to delete all of the user's files, set the --remove-all-files key. The deletion operation with this key will take more time, since the system will search the hard disk for all the files belonging to this user:

in@intellect.icu:~$ sudo deluser user --remove-all-files
Searching for files to save / delete ...
Files are deleted ...
Removed user `user' ...
Warning: there are no more members in the `user' group.
Is done.

To change the parameters of an already created user, the usermod command is intended. A complete list of keys and parameters can be found in the help. There are no difficulties with the command, everything is quite transparent: usermod options username. For example, the command usermod -L user will lock the user account, and the command usermod -U user unlocks it.

It remains to consider the command that allows you to change a user's password. This is the passwd command. The administrator can use this command to change the password of any user, while a user can change only his own, and an ordinary user must enter his old password before changing the password. Help on the command is available via man 1 passwd (if you type man 5 passwd, you will get help on the /etc/passwd file). For a user to change his own password, it is enough to type the passwd command without parameters. If the administrator needs to change another user's password, he gives the user name as a parameter: passwd user.

Creating a group in Linux. Although the user's primary group is created automatically by the adduser command when the user is created, it may be necessary to create a separate group. As you may have guessed, there is the addgroup command for this. The command syntax is simple: addgroup group1 creates a new group. If the addgroup command is given a user name and a group name as parameters, the user will be added to this group:

in@intellect.icu:~$ sudo addgroup user group1
User `user' is added to group `group1' ...
Adding user user to group group1
Is done.

To delete a group, use the delgroup command, and to change information about a group, use the groupmod command. If it is necessary to delete a group, it is enough to enter the command delgroup group_name. Keep in mind that you cannot delete a group if it is the primary group of an existing user:

in@intellect.icu:~$ sudo delgroup test1
/usr/sbin/delgroup: The user `test1' as the primary specified group `test1'!

If it is necessary to remove a user from a group, then proceed by analogy with the addgroup command:

in@intellect.icu:~$ sudo delgroup user group1
Removed user `user' from group `group1' ...
Is done.

That's all about creating users and groups in Linux. I recommend reading the help for all the listed commands and, as always, do not forget about practice: practice creating accounts and groups; add, edit and delete them. See, for example, what happens if you delete a group that owns a directory, etc.
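Deleting an account with deluser without --remove-home, or deleting a group that owns a directory, leaves files carrying a numeric UID or GID that no longer maps to a name; an account later given the same number becomes their owner. The following added example (not part of the original lecture; function names and scratch files are constructed) lists such entries by comparing file ownership against passwd and group format files.

```shell
#!/bin/sh
# Added example: find files whose numeric owner or group has no account entry.

# owner_ids PATH: print "uid:gid" taken from the numeric ls listing.
owner_ids() { ls -lnd -- "$1" | awk '{print $3 ":" $4; exit}'; }

# has_id FILE ID: true when field 3 (the numeric id) of some line equals ID.
has_id() { awk -F: -v id="$2" '$3 == id {ok = 1} END {exit !ok}' "$1"; }

# list_orphans DIR PASSWD GROUP
# Prints "nouser UID PATH" or "nogroup GID PATH" for each entry under DIR
# whose owner or group is absent from the given files.
# Paths containing newlines are not handled.
list_orphans() {
    find "$1" | while IFS= read -r path; do
        ids=$(owner_ids "$path")
        uid=${ids%%:*} gid=${ids##*:}
        has_id "$2" "$uid" || printf 'nouser %s %s\n' "$uid" "$path"
        has_id "$3" "$gid" || printf 'nogroup %s %s\n' "$gid" "$path"
    done
}

# Constructed scenario: a scratch "home" owned by whoever runs the script,
# with account files as they look before and after the account is deleted.
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
mkdir "$demo/home"
: > "$demo/home/.profile"
ids=$(owner_ids "$demo/home")
printf 'user:x:%s:%s::/home/user:/bin/bash\n' "${ids%%:*}" "${ids##*:}" > "$demo/passwd.before"
printf 'user:x:%s:\n' "${ids##*:}" > "$demo/group.before"
# State after "deluser user" without --remove-home: both lines are gone.
: > "$demo/passwd.after"
: > "$demo/group.after"
list_orphans "$demo/home" "$demo/passwd.before" "$demo/group.before"  # prints nothing
list_orphans "$demo/home" "$demo/passwd.after" "$demo/group.after"
```

On a live system, find with the -nouser and -nogroup tests performs the same check against the real account databases.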

