Chapter 6. Users and Groups
The control of users and groups is a core element of Red Hat Enterprise Linux system administration.
Users can be either people, meaning accounts tied to physical users, or accounts which exist for specific applications to use.
Groups are logical expressions of organization, tying users together for a common purpose. Users within a group can read, write, or execute files owned by that group.
Each user and group has a unique numerical identification number called a userid (UID) and a groupid (GID) respectively.
A user who creates a file is also the owner and group owner of that file. The file is assigned separate read, write, and execute permissions for the owner, the group, and everyone else. The file owner can be changed only by the root user as well as access permissions can be changed by both the root user and the owner of the file.
Red Hat Enterprise Linux supports access control lists (ACLs) for files and directories which allow permissions for specific users outside of the owner to be set. For more information about using ACLs, refer to the chapter titled Access Control Lists in the System Administrators Guide.
Proper management of users and groups as well as the effective management of file permissions are among the most important tasks a system administrator undertakes. For a detailed look at strategies for managing users and groups, refer to the chapter titled Managing User Accounts and Resource Access in the Red Hat Enterprise Linux Introduction to System Adminitration guide.
6.1. User and Group Management Tools
Managing users and groups can be a tedious task, but Red Hat Enterprise Linux provides tools and conventions to make their management easier.
The easiest way to manage users and groups is through the graphical application, User Manager (
system-config-users
). For more information on User Manager, refer to the chapter titled User and Group Configuration in the System Administrators Guide.
The following command line tools can also be used to manage users and groups:
useradd
,usermod
, anduserdel
— Industry-standard methods of adding, deleting and modifying user accounts.groupadd
,groupmod
, andgroupdel
— Industry-standard methods of adding, deleting, and modifying user groups.gpasswd
— Industry-standard method of administering the/etc/group
file.pwck
,grpck
— Tools used for the verification of the password, group, and associated shadow files.pwconv
,pwunconv
— Tools used for the conversion of passwords to shadow passwords and back to standard passwords.
For an overview of users and group management, refer to the Red Hat Enterprise Linux Introduction to System Adminitration. For a detailed look at command line tools for managing users and groups, see the chapter titled User and Group Configuration in the System Administrators Guide.