
CMPD393 System Administration

Chapter 3:
User Management
Objectives
• Examine /etc/group and /etc/passwd
• Create, modify, and delete user accounts with
useradd, usermod, and userdel
Overview

System Administrator → Allocate User Account → Consists of User ID (derives from actual name of the user)

Where is every user commonly represented?
• /etc/group
• /etc/passwd
• /etc/gshadow
• /etc/shadow

Commands to view the content:
$ cat /etc/group
$ cat /etc/passwd
/etc/group
• Contains the group information for each account
• Group database is maintained in /etc/group
– Contains GID; number and name
• A group comprises one or more members
having a separate set of privileges
• A user has one primary group, AND may have
one or more supplementary groups
• All the default groups are system account
specific groups and it is not recommended to
use them for ordinary accounts
/etc/group

Field 1:Field 2:Field 3:Field 4

root::0:root
• Field 1: name GID
• Field 2: blank or x (hardly used today)
• Field 3: numeric GID
• Field 4: list of users for which this is their
supplementary group
/etc/group
root::0:root                Line 1 (Field 4: root user’s supplementary group)
staff::1:                   Line 2
bin::2:root,bin,daemon      Line 3
sys::3:root,bin,sys,adm     Line 4
lp::8:root,lp,adm           Line 5

• Line 1: num. GID = 0, name GID = root, supplementary group for root user
• Line 2: num. GID = 1, name GID = staff, no user has staff as supplementary group.
• Line 3: [fill in the blank]
• Line 4: [fill in the blank]
• Line 5: [fill in the blank]
/etc/group
• groupadd command: Adding a group
• Example: create a new group “dba” with a GID
of 241
groupadd -g 241 dba
/etc/passwd
• Stores all user information except the encrypted
password
• /etc/passwd and /etc/shadow are used by the
login and passwd programs for authentication
/etc/passwd

dc010101:x:210:241:Surizal Nazeri:/home/dc010101:/bin/ksh

Fields, in order: Username : Password field (not used) : Numeric UID : Numeric GID : Comment or GCOS : Home Directory : Login shell
/etc/passwd
dc010101:x:210:241:Surizal Nazeri:/home/dc010101:/bin/ksh

• Username: name used to log on
• Password: no longer stores the user password; replaced by x
• UID: numerical user identification (unique)
• GID: user’s numerical group identification
• Comment or GCOS: user details
• Home directory: default initial location when logging in
• Login shell: the first program executed after logging in
/etc/shadow
• For every line in /etc/passwd, there’s a
corresponding entry in /etc/shadow
• /etc/shadow stores the encrypted password

dc010101:2u6VExtjjXHFk:12285::::::

Field 2 (2u6VExtjjXHFk): password encryption
/etc/shadow & /etc/gshadow

• /etc/shadow − Holds the encrypted
password of the corresponding account. Not
all the systems support this file.
• /etc/gshadow − This file contains secure
group account information.
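The field layouts above can be checked mechanically. The following added example (not part of the original slides) parses passwd-format and group-format text and flags a second account with UID 0, a duplicate UID, a password field that is not x, a primary GID missing from the group file, and a supplementary member with no passwd entry. The sample data, finding labels and function names are constructed for illustration.

```python
# Added example: audit passwd/group text using the field layouts on these slides.
PASSWD = """\
root:x:0:0:root:/root:/bin/sh
dc010101:x:210:241:Surizal Nazeri:/home/dc010101:/bin/ksh
backup:x:0:3:Backup:/home/backup:/bin/sh
legacy:2u6VExtjjXHFk:211:999:Old account:/home/legacy:/bin/sh
"""  # constructed sample in /etc/passwd format
GROUP = """\
root::0:root
sys::3:root,ghost
dba::241:
"""  # constructed sample in /etc/group format

def parse_passwd(text):
    """Yield one dict per line from the seven colon-separated passwd fields."""
    keys = ("name", "passwd", "uid", "gid", "gcos", "home", "shell")
    for line in text.splitlines():
        if line.strip():
            rec = dict(zip(keys, line.split(":")))
            rec["uid"], rec["gid"] = int(rec["uid"]), int(rec["gid"])
            yield rec

def parse_group(text):
    """Yield (name, gid, members) from the four colon-separated group fields."""
    for line in text.splitlines():
        if line.strip():
            name, _pw, gid, members = line.split(":")
            yield name, int(gid), [m for m in members.split(",") if m]

def audit(passwd_text, group_text):
    """Return (label, subject) findings in file order."""
    users = list(parse_passwd(passwd_text))
    groups = list(parse_group(group_text))
    names = {u["name"] for u in users}
    gids = {gid for _, gid, _ in groups}
    findings, seen = [], set()
    for u in users:
        if u["uid"] == 0 and u["name"] != "root":   # extra superuser account
            findings.append(("uid0", u["name"]))
        if u["uid"] in seen:                        # UID is meant to be unique
            findings.append(("dup-uid", u["name"]))
        seen.add(u["uid"])
        if u["passwd"] != "x":                      # field not deferring to /etc/shadow
            findings.append(("passwd-not-x", u["name"]))
        if u["gid"] not in gids:                    # primary group has no group entry
            findings.append(("no-primary-group", u["name"]))
    for gname, _, members in groups:                # field 4 names must be real users
        findings.extend(("unknown-member", f"{gname}:{m}") for m in members if m not in names)
    return findings
```

Pass the contents of the real files instead of the samples, for example `audit(open("/etc/passwd").read(), open("/etc/group").read())`.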
Adding a User
• useradd command: add user to the system
• Also creates user’s mailbox – set MAIL variable
to point to /var/mail or /var/spool/mail

# useradd -u 210 -g dba -c "Surizal Nazeri" \
    -d /home/dc010101 -s /bin/ksh -m dc010101

Options:
-u: UID
-g: GID
-c: Comment or GCOS
-d: default initial location when logging in
-s: Login shell
-m: ensures the home directory is created
Modifying Users
• usermod command: modify some of the
parameters set with useradd – for example
login shell (/bin/bash)
# usermod -s /bin/bash surizal
Removing Users
• userdel command: removes a user from the system,
including data in /etc/passwd and
/etc/group

• Remove user
# userdel dc010101

• Remove user together with their home directory
# userdel -r dc010101
Adding a group
• groupadd command: add group to the
system

# groupadd -g 123 mygroup

Options:
-g: GID
-o: This option permits adding a group with a non-unique GID
-r: This flag instructs groupadd to add a system account
-f: This option causes groupadd to just exit with success status if the specified group already exists. With -g: if the specified GID already exists, another (unique) GID is chosen
Modifying group

• To modify a group, use the groupmod syntax

# groupmod -n new_groupname old_groupname

• Here is how you will change the mygroup GID to 234

# groupmod -g 234 mygroup
Removing group

• To delete an existing group, all you need is the
groupdel command and the group name

# groupdel mygroup

This teaching material belongs to:
Systems and Networking Department,
College of Computing and Informatics,
Universiti Tenaga Nasional.
