Managing Users and Groups in Linux

This article lists command-line utilities, with examples, for managing users and groups on Linux-based operating systems. (Commands shown at a root@host# prompt require root privilege, or a user with suitable sudo access rights.)

useradd

The useradd command is used to create a new user on a Linux system.

  • Create a new user "testuser1" using default settings as specified in "/etc/default/useradd" and "/etc/skel".
    root@host# useradd testuser1
  • List defaults used when creating new users
    root@host# useradd -D
    GROUP=100
    HOME=/export/home
    INACTIVE=-1
    EXPIRE=
    SHELL=/bin/sh
    SKEL=/etc/skel
    CREAT_MAIL_SPOOL=no
  • Create a new user "testuser2" and set their default shell to "/bin/bash"
    root@host# useradd -m -s /bin/bash testuser2
    The -m option is specified to create the home directory.
  • Create a new user "testuser3" and specify user id (uid) "1234"
    root@host# useradd -m -u 1234 testuser3
  • Create a new user "testuser4" and specify group membership
    root@host# useradd -m -g group1 -G group2,group3 testuser4
  • Create a new user "testuser5" and specify its home directory
    root@host# useradd -m -d /users/testuser5 testuser5

usermod

The usermod command is used to modify an existing account on a Linux system.

  • Change a user's home directory to "/export/home/testuser1"
    root@host# usermod -d /export/home/testuser1 testuser1
    The user's original home directory is NOT removed.
  • Add additional groups to an existing user
    root@host# usermod -a -G group1,group2,group3 testuser2
  • Change an existing user's default shell to "/bin/zsh"
    root@host# usermod -s /bin/zsh testuser3

userdel

The userdel command is used to remove an account on a Linux system. It removes any entries for the specified user from "/etc/passwd", "/etc/shadow" and "/etc/group".

  • Remove user "testuser1" without removing its home directory
    root@host# userdel testuser1
    Useful if you want to keep the user's files online, or if you are archiving them at a later date.
  • Remove user "testuser2" and its home directory
    root@host# userdel -r testuser2
    Make sure you have a backup of the user's home directory just in case.

passwd

The passwd command is used to set or change a password for an existing user. The command may also be used for locking and unlocking an account.

  • User "testuser1" changes their own password
    testuser1@host$ passwd
    Any user can change their own password in this way.
  • Change password for "testuser2"
    root@host# passwd testuser2
  • Only the root user can change another user's password (or a user who has elevated privileges using sudo). For example:
    testuser2@host$ sudo passwd testuser3
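  • Lock user "testuser3" account
    root@host# passwd -l testuser3
    This locks the password only; the user may still be able to log in with another authentication method, such as an SSH key.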
  • Unlock user "testuser4" account
    root@host# passwd -u testuser4
  • Show password status for all users
    root@host# passwd -a -S
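  • Delete user "testuser5" password
    root@host# passwd -d testuser5
    This leaves the account with an empty password rather than disabling it; use passwd -l to lock an account.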

chage

The chage command is used to set or change a user's password expiry information.

  • Display password expiry for user "testuser1"
    root@host# chage -l testuser1
  • Change password expiry details interactively for "testuser2"
    root@host# chage testuser2
  • Force user "testuser3" to change their password at next login
    root@host# chage -d 0 testuser3
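
The passwd and chage examples above all change fields in "/etc/shadow". As an added example (not part of the original article), this script reads a shadow-format file and reports which accounts are locked, have an empty password (as after passwd -d) or must change their password at next login (as after chage -d 0). The sample entries, the users testuser6 and testuser7, and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original article): report the password state of
# each entry in a shadow(5)-format file.
# Fields: name:hash:lastchg:min:max:warn:inactive:expire:reserved

# Constructed sample data; the hash strings are placeholders, not real hashes.
write_sample_shadow() {
    cat > "$1" <<'EOF'
testuser1:$6$constructedsalt$constructedhash:19800:0:99999:7:::
testuser3:$6$constructedsalt$constructedhash:0:0:99999:7:::
testuser5::19800:0:99999:7:::
testuser6:!$6$constructedsalt$constructedhash:19800:0:99999:7:::
testuser7:!:19800:0:99999:7:::
EOF
}

# Print "name STATE" for every entry in the file given as $1.
shadow_state() {
    awk -F: '
        $2 == ""     { print $1, "EMPTY";       next }  # as left by passwd -d
        $2 ~ /^[!*]/ { print $1, "LOCKED";      next }  # passwd -l prefixes "!"
        $3 == "0"    { print $1, "MUST_CHANGE"; next }  # as set by chage -d 0
                     { print $1, "ACTIVE" }
    ' "$1"
}

# Print only the names whose password field is empty.
empty_password_users() {
    shadow_state "$1" | awk '$2 == "EMPTY" { print $1 }'
}

sample=$(mktemp)
write_sample_shadow "$sample"
shadow_state "$sample"
rm -f "$sample"
```

On a live system the same functions can be pointed at "/etc/shadow" when run as root.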

groupadd

The groupadd command is used for creating a new group on a Linux system.

  • Add a new group "group1"
    root@host# groupadd group1
  • Add a new group "group2" with a specific group id (gid) "1234"
    root@host# groupadd -g 1234 group2

groupmod

The groupmod command is used for modifying a group definition on a Linux system.

  • Change the gid of group "group1"
    root@host# groupmod -g 1234 group1
  • Change the name of existing group "group2" to "group3"
    root@host# groupmod -n group3 group2
    The new name follows -n; the existing group name comes last.

groupdel

The groupdel command is used for deleting a group definition on a Linux system.

  • Remove group "group1"
    root@host# groupdel group1

groups

The groups command is used for displaying group membership of a user on a Linux system.

  • User "testuser1" querying which groups the account belongs to
    testuser1@host$ groups
  • Display group membership for user "testuser2"
    root@host# groups testuser2

id

The id command is used for displaying a user's UID/GID and group membership on a Linux system.

  • User "testuser1" displays their own user and group membership information
    testuser1@host$ id
  • Display user and group membership information for user "testuser2"
    root@host# id testuser2

Other utilities

  • pwck, grpck — Utilities that can be used for verification of the password, group and associated shadow files.
  • gpasswd — Utility for administering the "/etc/group" file.
  • pwconv, pwunconv — Utilities that can be used for the conversion of passwords to shadow passwords, or back from shadow passwords to standard passwords.