Linux Know-How provides a collection of introductory texts on often needed Linux skills.

Management of User Accounts

Command Explanation/Remarks
useradd user_name
passwd user_name
(as root) Create a new account (you must be root). E.g., useradd barbara Don't forget to set up the password for the new user in the next step. The user home directory (which is created) is /home/user_name. You may also use an equivalent command adduser user_name.
ls -l /home/peter
useradd peter -u 503 -g 503
(as root). Create an account to match an existing directory (perhaps from previous installation). If the user ID and the group ID (shown for each file) were both 503, I create an account with a matching user name, the user ID (UID) and the group ID (GID). This avoids the mess with changing the ownership of user files after a system upgrade.
userdel user_name Remove an account (you must be a root). The user's home directory and the undelivered mail must be dealt with separately (manually because you have to decide what to do with the files). There is also groupdel to delete groups.
groupadd group_name (as root) Create a new group on your system. Non-essential on a home machine, but can be very handy even on a home machine with a small number of users.

For example, I could create a group "friends", using groupadd friends then edit the file /etc/group, and add my login name and the names of my friends to the line that lists the group, so that the final line might look like this:


Then, I can change the permissions on a selected file so that the file belongs to me AND the group "friends".

chgrp friends my_file

Thus, the listed members of this group have special access to these files that the rest of the world might not have, for example read and write permission:

chmod g=rw,o= my_file

The alternative would be go give write permission to everybody, which is definitely unsafe even on a home computer.

groups List the groups to which the current user belongs. Or I could use groups john to find to which groups the user john belongs.
(as root) Two command-line utilities to modify user accounts and groups without manual editing of the files /etc/passwd /etc/shadow /etc/group and /etc/gshadow. Normally non-essential.
userconf (as root) Menu-driven user configuration tools (password policy, group modification, adding users, etc). Part of linuxconf package, but can be run separately.
passwd Change the password on your current account. If you are root, you can change the password for any user using: passwd user_name
chfn (="change full name"). Change the information about you (full name, office number, phone number, etc). This information is displayed when the finger command is run on your login_name.
chage -M 100 login_name (= "change age"). Set the password expiry to 100 days for the user named login_name .
quota username
setquota username
quotaon /dev/hda
quotaoff /dev/hda
A set of commands to manage user disk quotas. Normally not used on a home computer. "Disk quota" means per-user limits on the usage of disk space. The commands (respectively) display the user quota, set the user quota, turn the quota system on the for a given file system (/dev/hda in the above example), turn the quota system off, display quota statistics. "Typical" Linux distros I have seen set on default: no limits for all users, and the quota system is off on all file systems.
kuser (as root, in X terminal) Manage users and groups using a GUI. Nice and probably covering most of what you may normally need to manage user accounts.
chmod perm filename (=change mode) Change the file access permission for the files you own (unless you are root in which case you can change any file). See File Access Permissions for details.

chown new_ownername filename

chgrp new_groupname filename

Change the file owner and group. You should use these two commands after you copy a file for use by somebody else. Only the owner of a file can delete it.

lsattr files

List attributes for the file(s). Not very often used because the most interesting attributes are still not implemented. The attributes can be changed using the chattr command. The attributes are: A (=don't update a time when the file is modified), S (=synchronous updates), a (=append only possible to this file), c (=file compressed on the kernel level, not implemented yet), i (=immutable file), d (=no dump), s (=secure deletion), and u (undeletable, not implemented yet). An interesting usage may be to make a file undeletable even by root (until s/he clears the attribute).

sudo /sbin/shutdown -h now

(as a regular user, I will be prompted for my user password) Run the command "shutdown" (or another command which you have been given permission to run by your system administrator). With sudo, the administrator can give selected users the rights to run selected commands, without handing out the root password. The file /etc/sudoers must be configured to contain something like:

my_login_name my_host_computer_name = /sbin/shutdown



(as root, two commands). Verify the integrity of the password and group files.



(as root) Unlikely you need these commands. They convert old-style password and group files to create the more-secure "shadow" files.

Last Update: 2010-12-16