We need user account to use Linux. In other words, we can use Linux by logging in as a user. This is because the user who logged in has the use authority of Linux system.
By using group, we can handle plural users as one object which has same authority. By defining user accounts and groups appropriately, we can control access authority(readable, writable, executable) for files and directories.
Since the commands which create, change and delete groups and users, are management commands, it is necessary to perform by the root user who is the administrator.
In subsequent chapters, when executing some commands for system management, please perform them by root user. Even if it is performed by a general user by mistake, nothing happens or error message which tells us something appears.
In the example of this textbook, '$' prompt commands can be performed by user authority, but '#' prompt commands should be performed by root authority.
By your environment, you may not be able to become root user. The command which becomes root user is later mentioned in this chapter.
6.1.1 User
In order to exploit various resources, such as memory and a file, you can define user as minimum authority unit.
In addition to the initial users from installation, the system administrator can define users if needed.
A user's definition is described to /etc/passwd file.
In Linux, adding a new user by the useradd command, changing a user's definition by the usermod command, and deleting a user by the userdel command is recommended instead of editing /etc/passwd file directly by an editor.
6.1.2 Create User
The useradd command is used for creating a user newly. The user ID, which is a number, is assigned to the user. A user must belong to a group.
In order to use the new user as a login user, you have to register its password by the passwd command, which will be mentioned later.
Create a new user.
-c comment
Specify comment (character string).
-g group_name
Specify a primary group name. A group name is a group name which the /etc/group file defined.
-G group_name
Specify an auxiliary group.
-d
Specify the user’s home directory
-s
Specify a Shell. There are many distributions which specify /bin/bash by the default, and the user who does not log in specifies nologin.
-u user_ID_number
Specify the user’s ID number
|
Practice: Creating user account |
Let's specify user ID and create a user. First of all, a user ID number investigates whether the user of 1001 is registered into /etc/password file.
Next, make penguin user account, its user ID is 1001 and it belongs to users group.
The penguin user needed to be created by /etc/password file, or please investigate by the grep command.
# grep 1001 /etc/passwd ↵ User ID is unregistered if there is no matched line
# useradd -g users -u 1001 penguin ↵ A user is created
# grep penguin /etc/passwd ↵ Displaying the created user
penguin:x:1001:100::/home/penguin:/bin/bash
|
6.1.3 Modify User Account
The usermod command is used for modifying a user's account.
-
Modification of User Account
Modify a user account.
-c comment
Specify new comment (character string)
-g group_name
Specify new primary group name. The group name should be defined in the /etc/group file.
-G group_name
Specify new auxiliary group
-l user_name
Specify new user name in case of modifying current user name.
-u user_ID_number
Specify a new user ID number.
|
Practice: Modfying the comment of a user account |
Let's specify new comment after checking the penguin-user's comment.
Please check whether the penguin user's comment was added.
# grep penguin /etc/passwd ↵ Display the user account
penguin:x:1001:100::/home/penguin:/bin/bash
# usermod -c "Linux Professional Institute Certification" penguin ↵ Add comment
# grep penguin /etc/passwd ↵ Display the user account again for confirmation
penguin:x:1001:100:Linux Professional Institute Certification:/home/penguin:/bin/bash
#
|
6.1.4 Deleting User Account
The userdel command is used for deleting a user.
Delete a user account.
-r
Delete its home directory
|
Using this mv command, it can move src-file to dst-file.
Practice: Deleting a user account |
Let's delete penguin user after displaying a penguin user's information.
Please check that the penguin user is not registered.
# grep penguin /etc/passwd ↵ Check penguin user's information which is registered
penguin:x:1001:100:Linux Professional Institute Certification:/home/penguin:/bin/bash
# userdel penguin ↵ Delete penguin user
# grep penguin /etc/passwd ↵ Display penguin user’s information
# No line is displayed because the user was deleted
|
6.1.5 Group
A group is used in order to treat two or more users' authority collectively.
A user always belongs to one or more groups, and mainly belonging group is called primary group.
In addition to the defined groups from the beginning, the system administrator can define new group if needed.
The definition of a group is described to a /etc/group file.
In Linux, adding a new group by the groupadd command, changing the definition of a group by the groupmod command, and deleting a group by the groupdel command is recommended instead of editing the /etc/group file directly by an editor.
6.1.6 Creating Group
The groupadd command is used for creating a group newly.
The group ID, which is a number, is assigned to the group.
Since groupadd command is administration command, you need to execute it by root user.
Create a new group.
-g group_ID_number
Specify group ID number
|
Practice: Creating new group |
Let's check whether the group ID 1001 is registered into the /etc/group file.
The lpic group of the group ID 1001 is added.
Please check whether lpic group has been created in the /etc/group file by using grep command.
# grep 1001 /etc/group ↵ Check that group ID is not already used
# groupadd -g 1001 lpic ↵ Create new group named lpic
# grep lpic /etc/group ↵ Display new group which is created now
lpic:x:1001:
#
|
6.1.7 Modifying registered Group's information
The groupmod command is used for modifying the group’s information which is defined already.
-
Modification of registered group information
Modify the registered group information.
-n new_group_name
This is specified, when changing the existing group name.
-g new_group_ID
Modify current group ID. Since it is used by the system, less than 100 group ID cannot be specified.
|
Practice: Changing the current group name |
Display the information of lpic group.
Please check the information on linux group after changing the name of lpic group into linux.
# grep lpic /etc/group ↵ Display the current group
lpic:x:1001:
# groupmod -n linux lpic ↵ Change the group’s name
# grep linux /etc/group ↵ Display the group’s information
linux:x:1001:
#
|
6.1.8 Deleting Group
The groupdel command is used for deleting a group.
The information on the group registered is deleted by the groupdel command.
Only the group to which the user does not belong can be deleted.
Practice: Delete a group which is created |
Let's delete linux group after creating linux group.
Please check that the linux group was deleted.
# grep 1001 /etc/group ↵ Check that 1001 is not used as group ID.
# groupadd -g 1001 linux ↵ Create new group
# grep linux /etc/group ↵ Check the created group
linux:x:1001:
# groupdel linux ↵ Delete the group
# grep 1001 /etc/group ↵ Check that the group was deleted
# Since the group was deleted, nothing is displayed
|
