Although Fedora comes with an excellent graphical tool to manage your users (system-config-users), there are times, for example when administering a server through SSH, that user management has to be done from command line.
All operations can be done using the following commands:
id, useradd, usermod, userdel, groupadd, groupdel, groupmod, passwd
These exist in every Linux distribution with slight differences in each command’s supported options. The following info applies to Fedora Core and other Red Had based distros.
The id command prints information for a certain user. Use it like this:
# id username
Create a user
To create a new user:
# useradd -c "My Example User" username # passwd username
The created user is initially in an inactive state. To activate the user you have to assign a password with passwd. Some useful useradd options include the following:
-c : sets a comment for the user.
-s : is used in order to define the user’s default login shell. If not used, then the system’s default shell becomes the user’s default login shell.
-r : creates a user with UID<500 (system account)
-d : sets the user’s home directory. If not used, the default home directory is created (/home/username/)
-M : the home directory is not created. This is useful when the directory already exists.
To create a user that does not have the ability to login to a shell, issue the following commands:
# useradd -c "This user cannot login to a shell" -s /sbin/nologin username # passwd username
Change the user’s password
To change a user’s password:
# passwd username
If it’s used without specifying a username, then the currently logged in user’s password is changed.
Add a user to a group
Usermod is used to modify a user account’s settings. Check the man page for all the available options. One useful use of this command is to add a user to a group:
# usermod -a -G group1 username
The -a option is critical. The user is added to group1 while he continues to be a member of other groups. If it’s not used, then the user is added only to group1 and removed from any other groups. So, take note!
Remove a user from a group
Removing a user from a group is a bit trickier. Unfortunately, there is no direct command, at least not in Fedora or RHEL, that can do that from command line. At first you need to get a list of groups that your user is a member of:
# id -nG username group1 group2 group3 ....
Then you need to put all these groups as a comma-separated list to the usermod -G option, except for the group from which you want the user to be removed. So, to remove the user from group2, issue the command:
# usermod -G group1,group3,... username
Lock and Unlock user accounts
Other common usermod uses are to lock and unlock user accounts. To lock out a user:
# usermod -L username
To unlock the user:
# usermod -U username
Delete a user
Userdel is used to delete a user account. If the -r option is used then the user’s home directory and mail spool are deleted too:
# userdel -r username
Create a new group
To create a new group, issue the command:
# groupadd groupname
The -r option can be used to create a group with GID<500 (system).
Change a group’s name
Groupmod can be used to change a group name:
# groupmod -n newgroupname groupname
Delete a group
Groupdel can delete a group:
# groupdel groupname
In order to delete a user’s primary group (usually this is the group with name equal to the username) the respective user must be deleted previously.
You can find more info in the man pages, but these will do in most cases.
User management from the command line by George Notaras is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
Permissions beyond the scope of this license may be available at Licensing Information.
Copyright © 2005 - Some Rights Reserved