Like Windows, a Linux system has a username for each user.
A user accesses the system by using that username.
Each user on a Linux system is assigned a unique user identification number, also known as a UID.
UIDs below 500 are reserved for system users such as the root user. When a user is added, a private user group is created; groups are discussed in the group chapter.
To add a new user, use the useradd command. The basic syntax is useradd username. After creating the user, create a password for the user with passwd; creating the password unlocks the account. Whenever a user is created, a directory with the same name as the user is automatically created in /home.
# useradd mohit
# passwd mohit
enter unix password *****
You can see all the options of useradd in its man page.
If you create a user mohit and open /home, you will now see a directory named mohit.
This directory (mohit) is the home directory of user mohit. By default, user mohit has full permission to read, write and execute anything in this directory.
The superuser can change the permissions of any user, even on that user's own home directory.
Options of useradd
Here are some options of useradd.
-d is used to change the location of the home directory.
By default, the user's home directory is /home/username (for example, if the login is game, the home directory would be /home/game). When creating a new user, the user's home directory gets created along with the user account.
If you want to change the default to another place, you can specify the new location with this parameter, for example -d /home/ad/game
[Figure: change the location of home directory]
It is possible for an account to expire after a certain date. By default, accounts never expire. To specify a date, be sure to place it in MM/DD/YY format (specify 00 for the year 2000 for this system); for example, use -e 06/05/2011 for the account to expire on June 05, 2011.
[Figure: expire-date of user]
This option tells the command not to create the user's home directory.
[Figure: not to create the user's home directory]
In the figure below, no directory named harsh is found.
[Figure: No home directory is created for harsh]
Similarly, readers can try the following options.
This option allows you to specify additional groups to which the new user will belong.
If you use the -G option, you must specify at least one additional group. You can,
however, specify additional groups by separating them with commas. For example,
to add a user to the project and admin groups, you should specify -G project,admin.
By default, the program will automatically find the next available UID and use it. If for
some reason you need to force a new user's UID to be a particular value, you can use
this option. Remember that UIDs must be unique for all users.
The useradd command cannot do anything for an existing user.
The userdel command removes existing users. It takes only one option.
userdel [-r] username
If you use userdel with only a username, like userdel raj, all of the entries in the /etc/passwd and /etc/shadow files, and references in the /etc/group file, are automatically removed.
If you use userdel -r raj, all of the files owned by the user in his home directory are removed as well.
Modifying Users with usermod command
The usermod command is used to modify the options of an existing user.
[root@localhost ~]# usermod <options> <username>
Now let us see the command with its options.
This option locks a user's password. It puts a ! in front of the encrypted password in /etc/shadow
Let us see the figure.
[Figure: usermod to lock username]
Open the /etc/shadow file; it will look like this.
[Figure: lock user in /etc/shadow]
The ! in the red circle shows that the user is locked.
-U to unlock the user
This option unlocks a user's password. It removes the ! in front of the encrypted password in /etc/shadow
[Figure: -U to unlock the user]
Open the /etc/shadow file again to check the status of the user.
[Figure: Unlock the user in /etc/shadow]
mark here means the user is unlocked.
-l to change the user name from old to new
# usermod -l <new name> <old user name>
This does not change the old user's home directory; the home directory name remains the same.
You can see the effect of the command by opening the file /etc/passwd
This option lets you give the numerical value of the user's ID. See the figure below.
[Figure: Shows the UID]
You can check it in /etc/passwd
[Figure: Shows the UID in passwd file]
-c comment
Open the /etc/passwd file.
[Figure: Comment in /etc/shadow]
The red rectangle shows the comment field.
Readers should read the man page of the usermod command and practice more switches or options.
Linux also provides the chage command for configuring password aging.
To list the current password aging values, use the chage -l <username> command, as shown in the figure.
The -m option sets the minimum amount of time permitted between password changes.
# chage -m 2 <username>
With this setting, the user must wait 2 days between password changes.
-M max days
With the -M option, the value of maxdays is the maximum number of days during which a password is valid.
-d Set the number of days since the password was last changed.
-E Set the date the password will expire.
-I Set the number of days of inactivity after the password expires to lock the account.
-m Set the minimum number of days between password changes.
-W Set the number of days before the password expires that a warning message appears.
The passwd command gives a quick and easy way to change just the password for a user.
Any user in the system can change their own password, but only the root user has the power to change someone else's.
[Figure: Change the password]
Here the user wisdom changed their password simply by running the passwd command. Sometimes it gives an error if your password is very weak, so use a strong password.
Suppose root (the superuser) wants to change the password of a normal user, say wisdom.
[root@localhost]# passwd <username>
Root does not need to give the old password. This is the power of the superuser.
[Figure: password changed by root]
The -l option is used to lock the specified account, and it is available to root only.
As shown in the figure below, the root user locks the user mohit.
[Figure: password locked by root]
To verify this, open the file /etc/shadow. It will look like the figure below.
[Figure: password locked by root in passwd file]
This option is the reverse of the -l option: it unlocks the password by removing the !
How to use it is shown in the figure below.
[Figure: password unlocked by root]
The corresponding effect on /etc/shadow:
[Figure: password unlocked by root in passwd file]
Now let us discuss the fields of /etc/passwd
- Username: It is used when the user logs in. It should be between 1 and 32 characters in length.
- Password: An x character indicates that the encrypted password is stored in the /etc/shadow file.
- User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root.
- Group ID (GID): The primary group ID (stored in the /etc/group file).
- User ID Info: The comment field. It allows you to add extra information about the user, such as the user's full name, phone number etc. This field is used by the finger command.
- Home directory: The absolute path to the directory the user will be in when they log in. If this directory does not exist, the user's directory becomes /
- Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell.
Now let us discuss the fields of /etc/shadow
- User name: It is your login name.
- Password: It is your encrypted password. The password should be minimum 6-8 characters long including special characters/digits.
- Last password change (lastchanged): Days since Jan 1, 1970 that the password was last changed.
- Minimum: The minimum number of days required between password changes, i.e. the number of days left before the user is allowed to change his/her password.
- Maximum: The maximum number of days the password is valid (after that the user is forced to change his/her password).
- Warn: The number of days before the password is to expire that the user is warned that his/her password must be changed.
- Inactive: The number of days after the password expires that the account is disabled.
- Expire: Days since Jan 1, 1970 that the account is disabled, i.e. an absolute date specifying when the login may no longer be used.
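The field layouts above can be checked mechanically. The following Python sketch is an added example, not part of the original tutorial: it reads the ! lock prefix and the day-count aging fields from /etc/shadow-style lines and lists accounts other than root that carry UID 0. The sample lines, the toor account and the placeholder hashes are constructed for illustration.

```python
from datetime import date, timedelta

# Constructed sample data (not from a real system); hashes are placeholders.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
mohit:x:500:500:Mohit:/home/mohit:/bin/bash
wisdom:x:501:501::/home/wisdom:/bin/bash
toor:x:0:0::/root:/bin/bash"""
SHADOW = """\
root:$6$PLACEHOLDER$HASH:15000:0:99999:7:::
mohit:!$6$PLACEHOLDER$HASH:15100:2:60:7:5:15130:
wisdom:$6$PLACEHOLDER$HASH:15120:0:90:7:::
toor:!!:15000:0:99999:7:::"""

EPOCH = date(1970, 1, 1)  # day 0 for the lastchanged and expire fields

def plus_days(start, field):
    """Add a day-count field to a date; an empty field means 'not set'."""
    return start + timedelta(days=int(field)) if start and field else None

def parse_shadow(text):
    """Map user name -> lock state and the dates implied by the aging fields."""
    accounts = {}
    for line in text.splitlines():
        name, pw, last, minimum, maximum, warn, inactive, expire = line.split(":")[:8]
        changed = plus_days(EPOCH, last)
        accounts[name] = {
            "locked": pw.startswith("!"),          # prefix added by usermod / passwd lock
            "changed": changed,                    # lastchanged as a calendar date
            "change_allowed_from": plus_days(changed, minimum),
            "password_expires": plus_days(changed, maximum),
            "account_expires": plus_days(EPOCH, expire),
        }
    return accounts

def extra_uid0(text):
    """Return accounts other than root whose UID field (third field) is 0."""
    rows = (line.split(":") for line in text.splitlines())
    return [r[0] for r in rows if r[2] == "0" and r[0] != "root"]

if __name__ == "__main__":
    for user, info in parse_shadow(SHADOW).items():
        print(user, info)
    print("extra UID 0 accounts:", extra_uid0(PASSWD))
```

In the sample, mohit's expire field 15130 corresponds to June 05, 2011, and toor shows up both as locked (no password was ever set) and as a second UID 0 account worth reviewing.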
Viewing login and process information
To view current and past login information, you can use one of the following commands:
last - Displays historical login information.
who - Displays information about currently logged in users.
w - Displays a user's currently running process.
Use the man pages to learn their options.
The next page covers Linux groups.