Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
3.4. Managing Users via Command-Line Tools
When managing users via command line, the following commands are used:
useradd, usermod, userdel, or passwd. The files affected include /etc/passwd which stores user accounts information and /etc/shadow, which stores secure user account information.
3.4.1. Creating Users
The
useradd utility creates new users and adds them to the system. Following the short procedure below, you will create a default user account with its UID, automatically create a home directory where default user settings will be stored, /home/username/, and set the default shell to /bin/bash.
- Run the following command at a shell prompt as
rootsubstituting username with the name of your choice:Copy to Clipboard Copied! Toggle word wrap Toggle overflow useradd username
useradd username - By setting a password unlock the account to make it accessible. Type the password twice when the program prompts you to.
Copy to Clipboard Copied! Toggle word wrap Toggle overflow passwd
passwd
Example 3.1. Creating a User with Default Settings
~]# useradd robert ~]# passwd robert Changing password for user robert New password: Re-type new password: passwd: all authentication tokens updated successfully.
~]# useradd robert
~]# passwd robert
Changing password for user robert
New password:
Re-type new password:
passwd: all authentication tokens updated successfully.
Running the
Copy to Clipboard
Copied!
Toggle word wrap
Toggle overflow
useradd robert command creates an account named robert. If you run cat /etc/passwd to view the content of the /etc/passwd file, you can learn more about the new user from the line displayed to you:
robert:x:502:502::/home/robert:/bin/bash
robert:x:502:502::/home/robert:/bin/bashrobert has been assigned a UID of 502, which reflects the rule that the default UID values from 0 to 499 are typically reserved for system accounts. GID, group ID of User Private Group, equals to UID. The home directory is set to /home/robert and login shell to /bin/bash. The letter x signals that shadow passwords are used and that the hashed password is stored in /etc/shadow.
If you want to change the basic default setup for the user while creating the account, you can choose from a list of command-line options modifying the behavior of
useradd (see the useradd(8) man page for the whole list of options). As you can see from the basic syntax of the command, you can add one or more options:
useradd [option(s)] username
useradd [option(s)] username
As a system administrator, you can use the
-c option to specify, for example, the full name of the user when creating them. Use -c followed by a string, which adds a comment to the user:
useradd -c "string" username
useradd -c "string" usernameExample 3.2. Specifying a User's Full Name when Creating a User
~]# useradd -c "Robert Smith" robert ~]# cat /etc/passwd robert:x:502:502:Robert Smith:/home/robert:/bin/bash
~]# useradd -c "Robert Smith" robert
~]# cat /etc/passwd
robert:x:502:502:Robert Smith:/home/robert:/bin/bash
A user account has been created with user name
robert, sometimes called the login name, and full name Robert Smith.
If you do not want to create the default
/home/username/ directory for the user account, set a different one instead of it. Execute the command below:
useradd -d home_directory
useradd -d home_directoryExample 3.3. Adding a User with non-default Home Directory
~]# useradd -d /home/dir_1 robert
~]# useradd -d /home/dir_1 robert
robert's home directory is now not the default /home/robert but /home/dir_1/.
If you do not want to create the home directory for the user at all, you can do so by running
useradd with the -M option. However, when such a user logs into a system that has just booted and their home directory does not exist, their login directory will be the root directory. If such a user logs into a system using the su command, their login directory will be the current directory of the previous user.
useradd -M username
useradd -M username
If you need to copy a directory content to the
/home directory while creating a new user, make use of the -m and -k options together followed by the path.
Example 3.4. Creating a User while Copying Contents to the Home Directory
The following command copies the contents of a directory named
/dir_1 to /home/jane, which is the default home directory of a new user jane:
~]# useradd -m -k /dir_1 jane
~]# useradd -m -k /dir_1 jane
As a system administrator, you may need to create a temporary account. Using the
useradd command, this means creating an account for a certain amount of time only and disabling it at a certain date. This is a particularly useful setting as there is no security risk resulting from forgetting to delete a certain account. For this, the -e option is used with the specified expire_date in the YYYY-MM-DD format.
Note
Do not confuse account expiration and password expiration. Account expiration is a particular date, after which it is impossible to log in to the account in any way, as the account no longer exists. Password expiration, the maximum password age and date of password creation or last password change, is the date, when it is not possible to log in using the password (but other ways exist, such as logging in using an SSH key).
useradd -e YYYY-MM-DD username
useradd -e YYYY-MM-DD usernameExample 3.5. Setting the Account Expiration Date
~]# useradd -e 2015-11-05 emily
~]# useradd -e 2015-11-05 emily
The account
emily will be created now and automatically disabled on 5 November, 2015.
User's login shell defaults to
/bin/bash, but can be changed by the -s option to any other shell different from bash, ksh, csh, tsh, for example.
useradd -s login_shell username
useradd -s login_shell usernameExample 3.6. Adding a User with Non-default Shell
~]# useradd -s /bin/ksh robert
~]# useradd -s /bin/ksh robert
This command creates the user
robert which has the /bin/ksh shell.
The
-r option creates a system account, which is an account for administrative use that has some, but not all, root privileges. Such accounts have a UID lower than the value of UID_MIN defined in /etc/login.defs, typically 500 and above for ordinary users.
useradd -r username
useradd -r username
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}