A big part of Linux is managing users and groups. Eventually I will setup and configure LDAP, but until then I am just doing this on the local machine.
I made myself root so that I did not have to constantly type sudo.
# su -
Create three users in CentOS:
# useradd david # useradd christine # useradd ccf
Create a user that is not permitted to log in to the system. (Like when setting up Samba).
# useradd -s /usr/sbin/nologin no_login_test
Set passwords for the users:
# passwd david # passwd ccf # passwd christine
Set an expiration date for a user:
# usermod --expiredate=2015-03-29 ccf
Verify the expiration date:
# chage -l ccf
Creating Groups:
# groupadd test1 # groupadd test2 # groupadd developers
Add a user to a group or groups:
# usermod -G developers -a david # usermod -G test1 - a david
Verify which groups the user is now in:
# groups david david : david test 1 developers
Lock a user account (stops them from being able to login):
# usermod -L ccf
Unlock a user account (permits them to log back into the system):
# usermod -U ccf
Deleting a group:
# groupdel test2
Deleting a user – the -r switch deletes all traces of the user including their home directory.
# userdel -r ccf
Give a user root access
# gpasswd -a david wheel
This adds the user to the wheel group, and gives them sudo access to the system. I suppose no more visudo?
Log In as that user and test it out:
# sudo -l david # sudo yum search chrome
Change a users home directory.
Create/locate the directory you want to use for my experiment I created a new directory:
# mkdir /mnt/fake_home # usermod -d /mnt/fake_home christine
Verify that it worked:
# grep -E --color '/mnt/fake_home' /etc/passwd
christine:x:1002:1002::/mnt/fake_home:/bin/bash
Changing a user’s primary group.
First verify the users current group
# id christine
uid=1002(christine) gid=1002(christine) groups=1002(christine),1006(developer)
Now we will set the primary group to test1
# usermod -g test1 christine
Verify the change
# id christine
# uid=1002(christine) gid=1002(christine) groups=1004(test1),1006(developer)
Set an un-encrypted password for a user
# usermod -p password plinko
View the password:
# cat /etc/shadow | grep plinko
plinko:password:16522:0:99999:7:::
QUESTION: Why would anyone want to create an account with an unencrypted password?