A group is a set of users to whom a name is assigned. For example, group of ‘students’, ’employees’, ‘actors’, ‘developers’.
A user can be part of one or multiple groups. In unix, all users are part of at least one group, called the user’s primary group.
– /etc/passwd file :-
In unix you will fine the list of the users,their respective IDs,shell etc in /etc/passwd file
# less /etc/passwd root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin bin:x:2:2:bin:/bin:/usr/sbin/nologin sys:x:3:3:sys:/dev:/usr/sbin/nologin sync:x:4:65534:sync:/bin:/bin/sync games:x:5:60:games:/usr/games:/usr/sbin/nologin
– /etc/group file :-
Similar to passwd, the /etc/group file shows the list of existing groups, ids , etc.
# cat /etc/group root:x:0: daemon:x:1: bin:x:2:
– useradd :-
useradd is used to add a new user. Below are few parameters which can be specified :
-u, --uid UID user ID of the new account -m, --create-home create the user's home directory -d, --home-dir HOME_DIR home directory of the new account -g, --gid GROUP name or ID of the primary group of the new account -s, --shell SHELL login shell of the new account -G, --groups GROUPS new list of supplementary GROUPS
# useradd jim # less /etc/passwd | grep-i jim jim:1001:1001::/home/Jay:/bin/sh
– passwd :-
Once the account is created, you need to set a password for the account using passwd command. Actually any new account created in Unix is in locked state. The passwd command unlocks it and sets the password. You would be able to see the information in the /etc/shadow file, which stores the user password in encrypted form.
# passwd jim New password: Retype new password: passwd: password updated successfully # less /etc/shadow | grep -i jim jim:$y$j9T$OeIku5O2gsw/dvsQxk1nU/$5.ovknC7X7T2frTerCCnECQpNtx/gaMNjOKcpAryJm2:19172:0:99999:7:::
Using the passwd command, you can also lock a user’s account. To unlock it back, you need to set the password again :
# passwd -l jim passwd: password expiry information changed.
– groupadd :-
With group add you can create a new group.
# groupadd students # less /etc/group | grep -i students students:x:1002:
– usermod :-
You can manipulate the user’s information using usermod. Here I have added the user to newly created group ‘students’
To check the current details of the user, id command can be used :
# id jim uid=1001(jim) gid=0(root) groups=0(root)
Modified the group details –
# usermod -g root -G students jim # less /etc/passwd | grep -i jim jim:x:1001:0::/home/jim:/bin/sh # id jim uid=1001(jim) gid=0(root) groups=0(root),1002(students) Note : Here '1002' is the group id for the group name 'students'
Similarly, you can assign a new id, directory or shell to existing user with usermod :
Changed the shell to /bin/bash for user jim –
# usermod -s /bin/bash jim # less /etc/passwd | grep -i jim jim:x:1001:0::/home/jim:/bin/bash
Changed the home directory from /home/jim to /jim for user jim –
# usermod -d /jim jim # less /etc/passwd | grep -i jim jim:x:1001:0::/jim:/bin/bash
Changed the user if from 1001 to 1003 for user jim –
# usermod -u 1003 jim # less /etc/passwd | grep -i jim jim:x:1003:0::/jim:/bin/bash
Change the password expiry date for a user jit –
# usermod -e 2022-07-29 jit
You can also lock a user’s account using userrmod –
# usermod -L jit
– chage :-
We can check age/expiry for user account using chage command.
# chage -l jit Last password change : Jun 29, 2022 Password expires : never Password inactive : never Account expires : Jul 29, 2022 Minimum number of days between password change : 0 Maximum number of days between password change : 99999 Number of days of warning before password expires : 7
– userdel :-
It is used to delete an existing user account.
# userdel jim # less /etc/passwd | grep -i jim #
– groupdel :-
You can delete an existing group if it’s no longer needed.
# less /etc/group | grep -i students students:x:1002: # groupdel students # less /etc/group | grep -i students #