Tag Archives: quicknotes.users

Users on Linux

Quick notes on adding users in Linux. As they say,, check the man pages or get a good book on the subject for more detail. One such book, The Linux Cookbook by Carla Schroder, published by OReilly Press.

Adding new user.

To add a new user and have the system automatically generate them a home directory. Example for Sarah.
useradd -m Sarah

To include space for the GECOS data, use the comment option -c. Typically there are 5
fields. If you just want their full name listed, leave the other fields blank by adding
commas:
useradd -m m -c Sarah Johnson,,,, Sarah

Note, her login name will just be Sarah. This must be unique on the system. Once you’ve run this command, you need to set her password with:

passwd Sarah

You’re then prompted to enter and confirm the new password. There are other options with passwd. For example, -e, expire password at first login, forcing the user to choose a new one. –x specify how long the password will be valid for, in days. -w. Specify how many days before expiry the user should get a warning.

Preventing a user having shell access.

For example, if they have an account on the system just to retrieve email with a client. You need to indicate their shell access is:
/bin/nologin

As opposed to.
/bin/bash

or whatever shell you’re generally using.

You can use the usermod command to set this if the user already exists. Example, no shell access for Derek:
usermod -s /bin/nologin derek

If you’re adding a new user called jerry:
useradd -s /bin/nologin jerry

You can also directly edit passwd instead if you really want, however, it’s a good idea to back up files such as that before manually editing. For example.
cp /etc/passwd b/etc/bk.passwd

To suspend a users account, let’s call them Dan, probably the best way is to use:
passwd -l Dan

To rre-enable their account:
# passwd -u Dan

Again, this can also be done by manually editting the passwd file. I.e. putting an “!” mark at the beginning of the password field or replacing the “x” with an “*”.