[linux] Creating new users and groups and assigning permissions on Linux

1. Commands involved

adduser username

useradd options username
usermod options username
userdel options username

passwd options username

groupadd options group
groupmod options group
groupdel options group

2. User account management

2.1 Create a new user account

Note that it is best to use adduser to create a new user. useradd does not automatically create a home directory for an ordinary user. Such a user can still log in, but the first login reports an error:

Could not chdir to home directory /home/xxx: No such file or directory
/usr/bin/xauth: error in locking authority file /home/xxx/.Xauthority

and many commands cannot be used, such as ll

Recommended action summary

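addgroup groupname1 # to be used as the primary group
addgroup groupname2 # to be used as the supplementary group
adduser username # default behaviour: the primary group is username and the shell is /bin/bash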
usermod -s /bin/bash -g groupname1 -G groupname2 username

2.1.1 adduser

adduser help documentation

adduser [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
[--firstuid ID] [--lastuid ID] [--gecos GECOS] [--ingroup GROUP | --gid ID]
[--disabled-password] [--disabled-login] [--add_extra_groups]
[--encrypt-home] USER
   Add a normal user

adduser --system [--home DIR] [--shell SHELL] [--no-create-home] [--uid ID]
[--gecos GECOS] [--group | --ingroup GROUP | --gid ID] [--disabled-password]
[--disabled-login] [--add_extra_groups] USER
   Add a system user

adduser --group [--gid ID] GROUP
addgroup [--gid ID] GROUP
   Add a user group

addgroup --system [--gid ID] GROUP
   Add a system group

adduser USER GROUP
   Add an existing user to an existing group

general options:
  --quiet | -q      don't give process information to stdout
  --force-badname   allow usernames which do not match the
                    NAME_REGEX[_SYSTEM] configuration variable
  --extrausers      uses extra users as the database
  --help | -h       usage message
  --version | -v    version number and copyright
  --conf | -c FILE  use FILE as configuration file

create user

adduser username1

adduser then prompts interactively. You need to enter the password and enter it again to confirm. Full Name, Room Number and the fields after them can be left blank; pressing Enter accepts the default value. At the end, it is best to enter y to confirm.

Add an existing user to an existing group
Note: Here, groupname becomes a supplementary group of username1

adduser username1 groupname

2.1.2 useradd

useradd help documentation

Usage: useradd [options] LOGIN
       useradd -D
       useradd -D [options]

Options:
      --badnames                do not check for bad names
  -b, --base-dir BASE_DIR       base directory for the home directory of the
                                new account
      --btrfs-subvolume-home    use BTRFS subvolume for home directory
  -c, --comment COMMENT         GECOS field of the new account
  -d, --home-dir HOME_DIR       home directory of the new account
  -D, --defaults                print or change default useradd configuration
  -e, --expiredate EXPIRE_DATE  expiration date of the new account
  -f, --inactive INACTIVE       password inactivity period of the new account
  -g, --gid GROUP               name or ID of the primary group of the new
                                account
  -G, --groups GROUPS           list of supplementary groups of the new
                                account
  -h, --help                    display this help message and exit
  -k, --skel SKEL_DIR           use this alternative skeleton directory
  -K, --key KEY=VALUE           override /etc/login.defs defaults
  -l, --no-log-init             do not add the user to the lastlog and
                                faillog databases
  -m, --create-home             create the user's home directory
  -M, --no-create-home          do not create the user's home directory
  -N, --no-user-group           do not create a group with the same name as
                                the user
  -o, --non-unique              allow to create users with duplicate
                                (non-unique) UID
  -p, --password PASSWORD       encrypted password of the new account
  -r, --system                  create a system account
  -R, --root CHROOT_DIR         directory to chroot into
  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files
  -s, --shell SHELL             login shell of the new account
  -u, --uid UID                 user ID of the new account
  -U, --user-group              create a group with the same name as the user
  -Z, --selinux-user SEUSER     use a specific SEUSER for the SELinux user mapping
      --extrausers              Use the extra users database

The simplest form: create a new user with the default settings

useradd username1

Set the new user's home directory. The default directory is /home/username

useradd -d /home/username1 username1

Set the login shell of the new user. The shell is the outer layer around the Linux kernel. The default shell for users is /bin/sh. Bash is an enhanced version of sh, and sh is a reduced version of bash. For the specific differences, please refer to: sh and bash

useradd -s /bin/bash username1

Set the groups of the new user, provided that username1 has not been created before. By default, the user's group is named after the username itself

useradd -g groupname1 -G groupname2,groupname3 username1

2.2 View user and user group information

2.2.1 View the groups to which the current user belongs

The first group listed is the current group; the others are the additional groups to which the user belongs.

groups

2.2.2 View all groups

cat /etc/group

2.2.3 View all users

cat /etc/passwd

/etc/passwd is a text file that contains the information each user needs to log in to the Linux system. Each line contains 7 fields: user name, password, user ID, group ID, user information, user's home directory and shell.

Username (magesh): The username of the created user, with a length of 1 to 12 characters.
Password (x): The encrypted password is stored in the /etc/shadow file.
User ID (506): represents the ID number of the user, and each user must have a unique ID. UID number 0 is reserved for the root user, UID numbers 1 to 99 are reserved for system users, and UID numbers 100-999 are reserved for system accounts and groups.
Group ID (507): It represents the ID number of the group. Each group must have a unique GID, which is stored in the /etc/group file.
User information (2g Admin - Magesh M): Represents the description field, which can be used to describe the user's information (LCTT Annotation: The original text here is suspicious).
Home directory (/home/mageshm): represents the user's home directory.
Shell (/bin/bash): represents the shell type used by the user.
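
An audit of a passwd-format file built on the seven fields listed above, as an added example that is not part of the original post: it flags extra UID 0 accounts, duplicate UIDs (what useradd -o permits) and login accounts whose home directory is missing (the useradd pitfall from section 2.1). The function names, the ROOT parameter and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example. audit_passwd FILE [ROOT] prints one finding per line:
#   BADFIELDS name   record does not have exactly 7 fields
#   UID0 name        account other than root with UID 0
#   DUPUID name ...  UID already used by an earlier account
#   NOHOME name dir  login account whose home directory is missing
# ROOT (hypothetical parameter) is prefixed to each home directory so the
# check can run against a constructed tree instead of the live system.
audit_passwd() {
    passwd_file=$1
    root=${2:-}
    awk -F: '
        NF == 0 { next }
        NF != 7 { print "BADFIELDS " $1; next }
        $3 == 0 && $1 != "root" { print "UID0 " $1 }
        ($3 in seen)  { print "DUPUID " $1 " (same UID as " seen[$3] ")" }
        !($3 in seen) { seen[$3] = $1 }
    ' "$passwd_file"
    # Accounts with a real login shell should have an existing home directory.
    while IFS=: read -r name _pw _uid _gid _gecos home shell; do
        case $shell in */nologin|*/false|"") continue ;; esac
        [ -d "$root$home" ] || echo "NOHOME $name $home"
    done < "$passwd_file"
}

# Constructed sample: a passwd file plus home directories under a temp dir.
make_sample_tree() {
    t=$(mktemp -d)
    mkdir -p "$t/root" "$t/home/username1" "$t/home/username3"
    cat > "$t/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
username1:x:1001:1001:,,,:/home/username1:/bin/bash
username2:x:1002:1002::/home/username2:/bin/sh
toor:x:0:0::/root:/bin/bash
username3:x:1001:1003::/home/username3:/bin/bash
EOF
    echo "$t"
}

sample=$(make_sample_tree)
audit_passwd "$sample/passwd" "$sample"
rm -rf "$sample"
```

On a live system, run audit_passwd /etc/passwd with no second argument.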

2.3 Modify user account

usermod help documentation

Usage: usermod [options] LOGIN

Options:
  -b, --badnames                allow bad names
  -c, --comment COMMENT         new value of the GECOS field
  -d, --home HOME_DIR           new home directory for the user account
  -e, --expiredate EXPIRE_DATE  set account expiration date to EXPIRE_DATE
  -f, --inactive INACTIVE       set password inactive after expiration
                                to INACTIVE
  -g, --gid GROUP               force use GROUP as new primary group
  -G, --groups GROUPS           new list of supplementary GROUPS
  -a, --append                  append the user to the supplemental GROUPS
                                mentioned by the -G option without removing
                                the user from other groups
  -h, --help                    display this help message and exit
  -l, --login NEW_LOGIN         new value of the login name
  -L, --lock                    lock the user account
  -m, --move-home               move contents of the home directory to the
                                new location (use only with -d)
  -o, --non-unique              allow using duplicate (non-unique) UID
  -p, --password PASSWORD       use encrypted password for the new password
  -R, --root CHROOT_DIR         directory to chroot into
  -P, --prefix PREFIX_DIR       prefix directory where are located the /etc/* files
  -s, --shell SHELL             new login shell for the user account
  -u, --uid UID                 new UID for the user account
  -U, --unlock                  unlock the user account
  -v, --add-subuids FIRST-LAST  add range of subordinate uids
  -V, --del-subuids FIRST-LAST  remove range of subordinate uids
  -w, --add-subgids FIRST-LAST  add range of subordinate gids
  -W, --del-subgids FIRST-LAST  remove range of subordinate gids
  -Z, --selinux-user SEUSER     new SELinux user mapping for the user account

2.3.1 Modify user groups

usermod -g groupname1 -G groupname2,groupname3 username1
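
Per the help text above, -G sets a new list of supplementary groups and only -a keeps memberships that are not listed, so the command above removes username1 from any other supplementary group. The following added example (not from the original post) lists what would be dropped before usermod is run; the function names and the sample group file are constructed for illustration.

```shell
#!/bin/sh
# Added example. GROUP_FILE uses the /etc/group layout: name:password:GID:members
# (members is a comma-separated list of supplementary members).

# current_supp_groups USER [GROUP_FILE]: one supplementary group per line.
current_supp_groups() {
    awk -F: -v u="$1" '{
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == u) print $1
    }' "${2:-/etc/group}"
}

# groups_dropped USER NEWLIST [GROUP_FILE]: memberships that
# "usermod -G NEWLIST USER" (without -a) would remove.
groups_dropped() {
    current_supp_groups "$1" "${3:-/etc/group}" | while read -r g; do
        case ",$2," in
            *",$g,"*) ;;          # still listed, kept
            *) echo "$g" ;;       # not listed, would be removed
        esac
    done
}

# Constructed sample group file.
make_sample_group() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
sudo:x:27:username1
docker:x:998:username1,username2
groupname1:x:1005:
groupname2:x:1006:username1
groupname3:x:1007:
username1:x:1001:
EOF
    echo "$f"
}

sample=$(make_sample_group)
groups_dropped username1 groupname2,groupname3 "$sample"
rm -f "$sample"
```

If the output is not empty and those memberships should be kept, use usermod -a -G instead.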

2.3.2 Modify user name and account name

usermod -l newusrname username1

2.3.3 Modify user password

Change the password of your own account
passwd
Change the password of another account; this requires sudo or root
sudo passwd username

2.3.4 Modify user home directory

usermod -d /newhomepath username1

2.4 User groups

2.4.1 Create user group

addgroup groupname
or
adduser --group groupname
or
groupadd groupname1

2.4.2 Delete user group

groupdel groupname1

2.4.3 User group switching

If a user belongs to multiple user groups at the same time, the user can switch between user groups to have the permissions of other user groups.
After logging in, the user can use the command newgrp to switch to another user group. The parameter of this command is the destination user group. For example:

newgrp groupname2

This command switches the current user to the groupname2 user group, provided that the groupname2 user group is indeed the user's primary group or additional group.

Origin blog.csdn.net/weixin_43693967/article/details/123823290