Friday, June 8, 2012

User / Group management in Red Hat Linux Enterprise

One of the most common administrative tasks is working with user and group accounts. The commands i use most often are
  • useradd — Creates user login accounts 
The useradd command creates new user accounts and, when invoked with the
-D option, modifies the default values applied to new accounts. As a result, it can
be invoked in two ways. The syntax of the first form is

useradd [-c comment] [-d home_dir] [-e expire_date]
[-f inactive_time] [-g initial_group] [-G group[,...]] [-m [-k skeleton_dir] | -M]
[-p passwd] [-s shell] [-u uid [-o]] [-n] [-r] username

  • userdel — Deletes user login accounts
  • usermod — Modifies user login accounts
  • passwd — Sets or changes account passwords
The  passwd command, generally regarded as  “the password changing utility,”
actually has more capabilities than merely changing passwords. In general, it
updates all of a user’s authentication tokens, of which the login password is only
one. Its syntax is:

passwd [-dkluf] [-S] username

-d removes the password for username, disabling the account. -k causes passwd
to update only expired authentication tokens (passwords, in this case). -l or -u lock
or unlock, respectively, username’s password by placing and removing a ! in front
of username’s password in /etc/shadow. The -S option, finally, displays a short
status message about  username, indicating whether the account is locked or
unlocked, the kind of encryption used, and so forth.
  • chsh — Sets or changes a user’s default shell
chsh [-s shell ] [-l] [username]

-s  shell sets  username’s login shell to  shell. Unless configured otherwise,
shell can be the full pathname of any executable file on the system. One common
way to take advantage of this feature is to disable an account by setting shell to
/bin/false or another command that does not give the user a login prompt. Using
the -l option displays the shells listed in /etc/shells
  • chage — Modifies password expiration information

No comments:

Post a Comment