User Management Tools

Ubuntu provides several command-line tools for managing users, but also provides graphical tools for such. Many experienced sysadmins prefer the command-line tools because they are quick and easy to use and they can be included in scripts if the sysadmin desires to script a repetitive task. Here are the most commonly used commands used to manage users:

useradd This command is used to add a new user account to the system. Its options permit the sysadmin to specify the user's home directory and initial group or to create the user with the default home directory and group assignments.

useradd -G This command sets the system defaults for creating the user's home directory, account expiration date, default group, and command shell. See the specific options in man useradd. Used without any arguments, it displays the defaults for the system. The default set of files for a user are found in /etc/skel.

Note

The set of files initially used to populate a new user's home directory are kept in /etc/skel. This is convenient for the system administrator because any special files, links, or directories that need to be universally applied can be placed in /etc/skel and will be duplicated automatically with appropriate permissions for each new user.

drwxr-xr-x 2 root root 4096 2006-04-27 04:18 .

drwxr-xr-x 110 root root 4096 2006-05-31 21:24 ..

-rw-r—r— 1 root root 220 2006-04-21 23:51 .bash_logout

-rw-r—r— 1 root root 414 2006-04-21 23:51 .bash_profile

-rw-r—r— 1 root root 2227 2006-04-21 23:51 .bashrc lrwxrwxrwx 1 root root 26 2006-05-07 15:29 Examples ->\

/usr/share/example-content

Each line provides the file permissions, the number of files housed under that file or directory name, the file owner, the file group, the file size, the creation date, and the filename.

As you can see, root owns every file here, but the adduser command (a symbolic link to the actual command named useradd) copies everything in /etc/skei to the new home directory and resets file ownership and permissions to the new user.

Certain user files might exist that the system administrator doesn't want the user to change; the permissions for those files in /home/username can be reset so that the user can read them but can't write to them.

userdel This command completely removes a user's account (thereby eliminating that user's home directory and all files it contains).

passwd This command updates the "authentication tokens" used by the password management system.

To lock a user out of his account,

# passwd -l username use the following command:

This prepends an ! (exclamation point, also called a bang) to the user's encrypted password; the command to reverse the process uses the -u option. This is a more elegant and preferred solution to the problem than the traditional UNIX way of manually editing the file.

usermod This command changes several user attributes. The most commonly used arguments are -s to change the shell and -u to change the UID. No changes can be made while the user is logged in or running a process.

chsh This command changes the user's default shell. For Ubuntu, the default shell is /bin/bash, known as the Bash, or Bourne Again Shell.

Was this article helpful?

0 0

Post a comment