Linux Users and Groups

Linux user accounts are stored in the /etc/passwd file, and an entry looks like this:

lisa:x:1002:1002:IT Department:/home/lisa:/bin/bash, where

  • lisa – the username
  • x – the password field; the password itself is stored somewhere else (the /etc/shadow file)
  • 1002:1002 – the user id and group id
  • IT Department – the GECOS field, usually used to describe the user
  • /home/lisa – the home directory
  • /bin/bash – the default shell

Groups are stored in the /etc/group file.

To create a new user, use the useradd command. Example:

useradd -c myuser -e 2015-12-12 -s /bin/tcsh laura

  • -c is the comment; it fills the GECOS field
  • -e is the expiration date
  • -s is the default shell
  • laura – the username

User passwords are stored in the /etc/shadow file, which has the following format:

laura:!!:16674:0:99999:7::16781: , where

  • laura – is the username
  • !! – the password field; because this account does not have a password yet, it shows as !!

If we set a password for laura with passwd laura and then check laura's entry in /etc/shadow, we get this:

laura:$6$Zttbm1hl$flv.RxzU1v1kUSUEHXvOe6ka/wzN5eoSOsAIbezUetYKbMBhc5Rt/KTBi2fNgopO5FKMUSQLfywuIvsJCoA55/:16674:0:99999:7::16781:
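
The remaining colon-separated fields of a shadow entry are mostly day counts since 1970-01-01. The following added example (not part of the original page) parses an entry and converts those counts to dates, showing that 16781 is the 2015-12-12 expiry given to useradd -e. The lisa line, its hash placeholder and all function names are constructed for this example.

```python
from datetime import date, timedelta

EPOCH = date(1970, 1, 1)
# crypt(3) scheme identifiers that can follow the first "$" of a hash
SCHEMES = {"1": "MD5", "5": "SHA-256", "6": "SHA-512", "y": "yescrypt"}
FIELDS = ("user", "password", "last_change", "min_age", "max_age",
          "warn_days", "inactive_days", "expires", "reserved")

def days_to_date(field):
    """Shadow dates are day counts since 1970-01-01; empty means not set."""
    return EPOCH + timedelta(days=int(field)) if field else None

def password_state(field):
    """Classify the second field without exposing the hash itself."""
    if field == "":
        return "empty"                    # no password required to log in
    if field.strip("!*") == "":
        return "no usable password"       # "!!", "!" or "*"
    if field.startswith("!"):
        return "locked"                   # a "!" prefix on a hash marks a lock
    if field.startswith("$"):
        scheme = field.split("$")[1]
        return SCHEMES.get(scheme, "unknown") + " hash"
    return "legacy or unknown format"

def parse_shadow_line(line):
    values = line.rstrip("\n").split(":")
    if len(values) != len(FIELDS):
        raise ValueError("expected 9 colon-separated fields")
    entry = dict(zip(FIELDS, values))
    entry["password"] = password_state(entry["password"])
    for key in ("last_change", "expires"):
        entry[key] = days_to_date(entry[key])
    return entry

def account_expired(entry, today):
    """True once the account expiry date (set with useradd -e) is reached."""
    return entry["expires"] is not None and today >= entry["expires"]

# First line is the page's entry for laura; the second is constructed sample data.
SAMPLE = ["laura:!!:16674:0:99999:7::16781:",
          "lisa:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASH:16674:0:99999:7:::"]

if __name__ == "__main__":
    for line in SAMPLE:
        e = parse_shadow_line(line)
        print(e["user"], e["password"], e["last_change"], e["expires"], account_expired(e, date.today()))
```

Reading the real /etc/shadow requires root, so run it against a copy or the embedded sample lines when experimenting.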

Groups

By default, users are members of so-called private groups. If we type id laura, we get:

uid=1003(laura) gid=1003(laura) groups=1003(laura), where we see that laura is a member of gid=1003 (laura)

You can create a new group using the groupadd command. Example:

groupadd account – creates a new group named account.

To add a user to a group, edit the /etc/group file and add the username at the end of the group's entry. Example:

account:x:1004:lisa

adds lisa to the account group.

Another way to add users to a group is the usermod command. Example:

usermod -aG account laura adds user laura to the account group; -aG appends the user to the given secondary group.

Configuration files

  • /etc/login.defs is the file where you can specify different settings for passwords (password age, length, etc.), users, groups and so on.
  • /etc/default/useradd is where you can specify, for example, whether a newly created user will be disabled, along with other properties.
  • The content of /etc/skel is copied to the home directory when a new user is created. If you put a file or directory in /etc/skel, it will be copied to the home directory of every newly created user.

Passwords

  • passwd is the command used to set, lock and unlock passwords, set their min/max age, etc.
  • chage is used to change password expiry information