User account management mainly related to adding user accounts, modify, and delete.
Add user accounts is to create a new account in the system, and then assign users to a new account number, user group, home directory and login Shell and other resources. Just add the account is locked and can not be used.
1, add a new user account using the useradd command, its syntax is as follows:
useradd Options Username
Parameter Description:
Options:
-c comment Specifies the description of a comment.
-d directory Specifies the user's home directory, if this directory does not exist, you can use the -m option, you can create a home directory.
-g group of users specify the user group they belong to.
-G group of users, user groups, specify additional groups the user belongs.
-s Shell file specifies a user's login Shell.
-u user specifies the user number user number, if there are -o option, you can re-use other user identification number.
username:
Specifies the login name of the new account.
Example 1
# useradd –d /home/sam -m sam
This command creates a user sam, where -d and -m option is used to generate a home directory / home / sam (/ home is the parent directory of the default user's home directory is located) for the login name sam.
Example 2
# useradd -s /bin/sh -g group –G adm,root gem
This command creates a GEM user, the user's login Shell is / bin / sh, a user group it belongs to the group, but also belong to the root and adm user groups, the user group is a group wherein the primary group.
There may be a new group: #groupadd group and groupadd adm
Increase user account is in the / etc / passwd file, a record increase for new users, while updating other system files such as / etc / shadow, / etc / group and so on.
Linux provides integrated systems management tools userconf, which can be used for unified management of user accounts.
2, delete account
If a user account is no longer used, can be removed from the system. To delete a user account is / etc / passwd and other system files to delete the user record, if necessary, delete the user's home directory.
Delete an existing user account userdel command using the following format:
userdel username Options
Common option is -r, its role is to delete along with the user's home directory.
E.g:
# userdel -r sam
This command removes the user in a system file sam (mainly / etc / passwd, / etc / shadow, / etc / group, etc.) recording, deleting user's home directory.
3. Modify Account
Modify user account is about to change the attributes of a user based on the actual situation, such as the number of users, home directories, user groups, such as Shell login.
Modify existing user information usermod command using the following format:
usermod options Username
Common options include -c, -d, -m, -g, -G, -s, -u and -o, etc., meaning these options with useradd command options, as you can specify a new value for the resource users.
In addition, some systems can use the options: -l new user name
This option specifies a new account, the original user name soon changed to a new user name.
E.g:
# usermod -s /bin/ksh -d /home/z –g developer sam
This command sets the user's login sam Shell modified to ksh, the main directory to / home / z, the user group to developer.
4, user password management
An important part of user management is user password management. Just create a user account without a password, the system is locked but can not use, you must assign a password before you can use even specify an empty password.
Specify and modify user passwords Shell command is passwd. Superuser can specify a password for yourself and other users, ordinary users can only use it to modify their own password. Format command is:
passwd username option
Options can be used:
-l Lock password, which disables the account.
-u password to unlock.
-d the account without a password.
-f forced to change password when users log in next time.
If the default user name, then modify the current user's password.
For example, assume that the current user is a SAM, the following command to modify the user's own password:
$ passwd
Old password:******
New password:*******
Re-enter new password:*******
If the super user, you can specify any user's password using the following form:
# passwd sam
New password:*******
Re-enter new password:*******
When ordinary users to change their passwords, passwd command will check the original password, and then verify that require users to enter a new password twice, enter the same password twice if, then the password assigned to the user; and the super user to specify a password for the user when you do not need to know the original password.
For reasons of system security, the user should select the more complex the password, for example, preferably using an 8-bit password, the password includes uppercase, lowercase letters and numbers, and should name, birthday, etc. differ.
When you specify an empty password for the user, execute the following command in the form:
# passwd -d sam
This command deletes the user sam's password, this user sam time they log, the system does not allow the user to login.
You can also lock the passwd command with -l (lock) the options for a user, it can not log in, such as:
# passwd -l sam