Types of user account
There are three types of accounts on a Linux system:
Root account: This is also called super user and would have complete and unfettered control of the system. A super user can run any commands without any restriction. This user should be assumed as a system administrator.
System accounts: System accounts are those needed for the operation of system specific components for example mail accounts and the sshd accounts. These accounts are usually needed for some specific function on your system, and any modifications to them could adversely affect the system.
User accounts: User accounts provide interactive access to the system for users and groups of users. General users are typically assigned to these accounts and usually have limited access to critical system files and directories.
Managing Users and Groups
Command | Description |
useradd | Adds accounts to the system. |
usermod | Modifies account attributes. |
userdel | Deletes accounts from the system. |
groupadd | Adds groups to the system. |
groupmod | Modifies group attributes. |
groupdel | Removes groups from the system. |
Create a Group
All the groups listed in /etc/groups file.
All the default groups would be system account specific groups and it is not recommended to use them for ordinary accounts. So following is the syntax to create a new group account:
Syntax: groupadd [-g gid [-o]] [-r] [-f] groupname
Option | Description |
-g GID | The numerical value of the group's ID. |
-o | This option permits to add group with non-unique GID |
-r | This flag instructs groupadd to add a system account |
-f | This option causes to just exit with success status if the specified group already exists. With -g, if specified GID already exists, other |
Groupname | Actaul group name to be created. |
Creating Multiple Group
sudo groupadd developer && sudo groupadd backend
Modify a Group
To modify a group, use the groupmod syntax: $groupmod –n newgroupname oldgroupame
Delete a Group
$groupdel <group_name>
$groupdel networking
Create an Account
To create account we use the following command
$ sudo useradd -d homedir -g groupname -m -s shell -u userid accountname
Option | Description |
- d homedir | Specifies home directory for the account. |
-g groupname | Specifies a group account for this account. |
-m | Creates the home directory if it doesn't exist. |
-s shell | Specifies the default shell for this account. |
-u userid | You can specify a user id for this account. |
accountname | Actual account name to be created |
Adduser and useradd command
$ sudo adduser username
Root account
This is also called superuser and would have complete and unfettered control of the system. A superuser can run any commands without any restriction. This user should be assumed as a system administrator.
System accounts
System accounts are those needed for the operation of system-specific components for example mail accounts and the sshd accounts. These accounts are usually needed for some specific function on your system, and any modifications to them could adversely affect the system.
User accounts
User accounts provide interactive access to the system for users and groups of users. General users are typically assigned to these accounts and usually have limited access to critical system files and directories.
Unix supports a concept of Group Account which logically groups a number of accounts. Every account would be a part of another group account. A Unix group plays important role in handling file permissions and process management.
Managing Users and Groups There are four main user administration files −
/etc/passwd − Keeps the user account and password information. This file holds the majority of information about accounts on the Unix system.
/etc/shadow − Holds the encrypted password of the corresponding account. Not all the systems support this file.
/etc/group − This file contains the group information for each account.
/etc/gshadow − This file contains secure group account information.
useradd:Adds accounts to the system |
usermod:Modifies account attributes |
userdel:Deletes accounts from the system |
groupadd:Adds groups to the system |
groupmod:Modifies group attributes |
groupdel:Removes groups from the system |
Create a Group
We will now understand how to create a group. For this, we need to create groups before creating any account otherwise, we can make use of the existing groups in our system. We have all the groups listed in /etc/groups file.
All the default groups are system account specific groups and it is not recommended to use them for ordinary accounts. So, following is the syntax to create a new group account −
groupadd [-g gid [-o]] [-r] [-f] groupname
The following table lists out the parameters −
g GID: The numerical value of the group's ID
-o:This option permits to add group with non-unique GID
-r:This flag instructs groupadd to add a system account
-f:This option causes to just exit with success status, if the specified group already exists. With -g, if the specified GID already exists, other (unique) GID is chosen.
groupname: Actual groupname to be created
$ groupadd developers
Modify a Group
To modify a group, use the groupmod syntax −
$ groupmod -n new_modified_group_name old_group_name
To change the developers_2 group name to developer, type −
$ groupmod -n developer developer_2
Here is how you will change the financial GID to 545 −
$ groupmod -g 545 developer
Delete a Group
We will now understand how to delete a group. To delete an existing group, all you need is the groupdel command and the group name. To delete the financial group, the command is −
$ groupdel developer
Create an Account
Let us see how to create a new account on your Unix system. Following is the syntax to create a user's account −
useradd -d homedir -g groupname -m -s shell -u userid accountname
-d homedir: Specifies home directory for the account.
-g groupname:Specifies a group account for this account
-m:Creates the home directory if it doesn't exist
-s shell:Specifies the default shell for this account
-u userid:You can specify a user id for this account
Accountname:Actual account name to be created
Following is the example that creates an account mcmohd, setting its home directory to /home/mcmohd and the group as
developers. This user would have Korn Shell assigned to it.
$ useradd -d /home/mcmohd -g developers -s /bin/ksh mcmohd
$ passwd mcmohd20
Changing password for user mcmohd20. New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully.
Modify an Account
The usermod command enables you to make changes to an existing account from the command line. It uses the same arguments as the useradd command, plus the -l argument, which allows you to change the account name.
For example, to change the account name mcmohd to mcmohd20 and to change home directory accordingly, you will need to issue the following command −
$ usermod -d /home/mcmohd20 -m -l mcmohd mcmohd20
Delete an Account
$ userdel -r mcmohd20
Linux shell script to add a user with a password
useradd -m -p EncryptedPasswordHere username