1. To create user use command useradd.
2. Whenever new user is created without specifying any other values then default values will be taken after creating user. You can check default values for any user creation using following commands.
user chris is created with id 1001 and user private group created named chris with 1001 group id (the group created with same name as user is called user private group).
3. User ID below 1000 are reserved for system use and should not assigned to any user and Group ID below 1000 are stored for system use and should not assigned to any group.
4. Once the user is created by default it is locked until you assign any password to it. After user is created 2 files get modified.
First field is name of user and second field x is indicating that system is using shadow password for this user. Third field is userid and fourth is gid and fifth blank field :: is used for user additional information like full name or phone number and sixth field is home directory and seventh field is home shell for that user.
In this file !! indicates that user is presently locked that means password is not yet assigned to this user.
5. Assign the password to user chris using passwd command.
Once we assign the password to user chris then shadow file entry for user chris gets changed with encrypted password now.
6. Whenever group is created /etc/group file gets updated with new entry.
Here x indicates the system using shadow password for this group.
And ! indicates that this group is locked i.e. not assigned to any password to this group.
7. Once the user’s home directory is created the files form /etc/skel is copied to /home/chris directory. /etc/skel contains all the default user setting files.
8. We can create new group Project using groupadd command.
/etc/group file appended with new group entry.
Here groupid 1002 is by default assigned to this group. We can change to this group id to 2002 using groupmod command.
9. To change the user chris default group from chris to project using usermod commands.
10. If you wanted to add chris into other group as well along with primary project you can do the same using same command usermod but with –aG (append group) command.
11. We can add users into group as well. We are adding users chris and lily into web group using gpasswd command.
12. You can change user ID and add user info using same command.
13. Usermod command is used to change the entries present in /etc/passwd file and to change the attribute from /etc/shadow file we can use change command.
To check default values of any user.
To change the password on next login make Last password change to 0.
To force user to change password within 30 days make max days between password change to 30.
To change warning days time from 7 to 5.
To make account never expire.
This is simple examples to play around managing users and groups in rhel.
One thought on “Manage local Users and Groups in Centos 7/RHEL 7”
excellent way of explanation easy to understand.. thanks a lot