Management of User Accounts
|(as root) Create a new account (you must be root). E.g., useradd barbara Don't forget to set up the password for the new user in the next step. The user home directory (which is created) is /home/user_name. You may also use an equivalent command adduser user_name.
|ls -l /home/peter
useradd peter -u 503 -g 503
|(as root). Create an account to match an existing directory (perhaps from previous installation). If the user ID and the group ID (shown for each file) were both 503, I create an account with a matching user name, the user ID (UID) and the group ID (GID). This avoids the mess with changing the ownership of user files after a system upgrade.
||Remove an account (you must be a root). The user's home directory and the undelivered mail must be dealt with separately (manually because you have to decide what to do with the files). There is also groupdel to delete groups.
||(as root) Create a new group on your system. Non-essential on a home machine, but can be very handy even on a home
machine with a small number of users.
For example, I could create a group "friends", using groupadd friends then edit the file /etc/group,
and add my login name and the names of my friends to the line that
lists the group, so that the final line might look like this:friends:x:502:stan,pete,marie
Then, I can change the permissions on a selected
file so that the file belongs to me AND the group "friends".
chgrp friends my_file
Thus, the listed members of this group have
special access to these files that the rest of the world might not
have, for example read and write permission:
chmod g=rw,o= my_file
The alternative would be go give write permission
to everybody, which is definitely unsafe even on a home computer.
||List the groups to which the current user belongs.
Or I could use groups john to find to which groups the user john
|(as root) Two command-line utilities to modify
user accounts and groups without manual editing of the files
/etc/shadow /etc/group and /etc/gshadow.
||(as root) Menu-driven user configuration tools
(password policy, group modification, adding users, etc). Part of
package, but can be run separately.
||Change the password on your current account. If
you are root, you can change the password for any user using: passwd
||(="change full name"). Change the
information about you (full name, office number, phone number, etc).
This information is displayed when the finger
command is run on your login_name.
|chage -M 100 login_name
||(= "change age"). Set the password expiry to 100 days for the user named login_name .
|A set of commands to manage user disk quotas.
Normally not used on a home computer. "Disk quota" means
per-user limits on the usage of disk space. The commands
(respectively) display the user quota, set the user quota, turn the
quota system on the for a given file system (/dev/hda
in the above example), turn the quota system off, display quota
statistics. "Typical" Linux distros I have seen set on
default: no limits for all users, and the quota system is off on all
||(as root, in X terminal) Manage users and groups
using a GUI. Nice and probably covering most of what you may
normally need to manage user accounts.
|chmod perm filename
||(=change mode) Change the file access permission
for the files you own (unless you are root in which case you can
change any file). See File Access Permissions for details.
Change the file owner and group. You should use
these two commands after you copy a file for use by somebody else.
Only the owner of a file can delete it.
List attributes for the file(s). Not very often
used because the most interesting attributes are still not
implemented. The attributes can be changed using the chattr
command. The attributes are: A (=don't update a time when the file is
modified), S (=synchronous updates), a (=append only possible to this
file), c (=file compressed on the kernel level, not implemented yet),
i (=immutable file), d (=no dump), s (=secure deletion), and u
(undeletable, not implemented yet). An interesting usage may be to
make a file undeletable even by root (until s/he clears the
/sbin/shutdown -h now
(as a regular user, I will be prompted for my user
password) Run the command "shutdown" (or another command
which you have been given permission to run by your system
administrator). With sudo,
the administrator can give selected users the rights to run selected
commands, without handing out the root password. The file
must be configured to contain something like:
my_host_computer_name = /sbin/shutdown
(as root, two commands). Verify the integrity of
the password and group files.
(as root) Unlikely you need these commands. They
convert old-style password and group files to create the more-secure