If you administer a Linux server, you very likely will have to create users and groups. Without knowing how to create users, you will find yourself limited in a few crucial ways. First off, new users cannot be added to a system. Second, you might find yourself having to create a user in order to install a piece of software. As for groups: Beyond having to create groups for successful installation of certain software, this is a great way to control user permissions for directories.
Chances are you will also have to do this from the command line. Because of the necessity of this task I want to walk you through the process of:
- Creating users
- Creating groups
- Adding users to groups
Let’s dive in, so you can up your Linux admin game.
For this, we will be making use of the useradd command. This command is pretty flexible and allows you to create users that can login or even users that cannot login (in the case of creating a user for a software installation).
The basic syntax of the command is:
useradd [options] username
Say, you want to create the user olivia such that she has a home directory and can log in. If you were to issue the command:
sudo useradd olivia
The user would be added, without a home directory and be locked out of logging in. Instead of issuing the command without arguments, let’s go with this:
sudo useradd -m olivia
The above command would create the user and also create the user’s home directory to match the username. So if you looked in the /home directory, you would now see olivia.
But what about that lockout issue? There are two ways you can do this. If you’ve already created the user, you could issue the command:
sudo passwd olivia
You will be prompted to enter and verify the new password. At this point, the user account will be unlocked and they can login.
If you want to do this all in a single step, that command would look like this:
sudo useradd -m olivia -p PASSWORD
Where PASSWORD is the password you want to use for the user olivia.
Once the user logs in, they can change their password by using the passwd command, entering their current password, and then entering/verifying their new password.
If you need to create a user that has no home directory and is locked out from logging in, you can do this with the the following commands:
sudo useradd -M USERNAME
âsudo usermod -L USERNAME
Where USERNAME is the name of the user to add.
The first command creates the user without a home directory and the second command locks the user out of logging in.
Creating groups and adding users
Now it’s time to create a group. Let’s create the group editorial. To do this, you would issue the command:
sudo groupadd editorial
Now we want to add our new user, olivia, to the group editorial. For this we will take advantage of the usermod command. This command is quite simple to use.
sudo usermod -a -G editorial olivia
The -a option tells usermod we are appending and the -G option tells usermod we are appending to the group name that follows the option.
How do you know which users are already a member of a group? You can do this the old-fashioned way like so:
grep editorial /etc/group
The above command will list pertinent information about the group (Figure A).
Another method for finding out who is in a group is with the command members. This command isn’t installed on most distributions, but can be installed from the standard repositories. If you’re using a Ubuntu distribution, the command for installation would be:
sudo apt-get install members
Once installed, the command for listing out who is in our editorial group would be:
That’s much more efficient than using grep and will only display the member names for the group (Figure B).
User management made simple
If you were concerned that managing users on Linux would be a challenge, you should now be able to set those concerns aside. Truth be told, user management on Linux is quite simple — you just need to know which commands to work with. For more information about these tools, issue the commands man useradd, man groupadd, man usermod, and man members.