Add New Users
# create user with a home directory and assign to group „users“
useradd newusername -m -G users
Change/Set Password
# command syntax
passwd [Optionen] [BENUTZERNAME]
Optionen: -a, --all Passwort-Status für alle Benutzernamen anzeigen -d, --delete Passwort für den Benutzernamen löschen -e, --expire Ablauf des Passworts für den Benutzernamen erzwingen -h, --help Diese Hilfe anzeigen, sonst nichts -k, --keep-tokens Passwort nur ändern falls abgelaufen -i, --inactive INAKTIV Passwort nach Ablauf von INAKTIV deaktivieren -l, --lock Benutzernamen sperren -n, --mindays MIN_TAGE Minimale Anzahl der Tage vor Passwortänderung auf MIN_TAGE setzen -q, --quiet Nicht so geschwätzig verhalten -r, --repository REPOSITORY Passwort ändern in REPOSITORY -R, --root CHROOT_VERZ Verzeichnis für chroot -S, --status Passwort-Status des Benutzerzugangs anzeigen -u, --unlock Benutzernamen entsperren -w, --warndays WARN_TAGE Anzahl der Tage für Ablaufwarnung auf WARN_TAGE setzen -x, --maxdays MAX_TAGE Maximale Anzahl der Tage vor Passwortänderung auf MAX_TAGE setze
# change own password
passwd
# change password of „root“ user
passwd root
Show Users
# list all users in password file
cut -d : -f 1 /etc/passwd | sort
Show Available Groups
# list all groups
cut -d : -f 1 /etc/group | sort
Delete Users
# command syntax
userdel [Options] username
Options: -f, --force force removal of files, even if not owned by user -h, --help display this help message and exit -r, --remove remove home directory and mail spool -R, --root CHROOT_DIR directory to chroot into -Z, --selinux-user remove any SELinux user mapping for the user
# delete a user, but do not delete his user data
userdel username
# delete a user and remove his home directory and e-mails
userdel -r username
Change User Accounts
# command syntax
usermod [options] USERNAME
Options: -c, --comment COMMENT new value of the GECOS field -d, --home HOME_DIR new home directory for the user account -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE -f, --inactive INACTIVE set password inactive after expiration to INACTIVE -g, --gid GROUP force use GROUP as new primary group -G, --groups GROUPS new list of supplementary GROUPS -a, --append append the user to the supplemental GROUPS mentioned by the -G option without removing him/her from other groups -h, --help display this help message and exit -l, --login NEW_LOGIN new value of the login name -L, --lock lock the user account -m, --move-home move contents of the home directory to the new location (use only with -d) -o, --non-unique allow using duplicate (non-unique) UID -p, --password PASSWORD use encrypted password for the new password -R, --root CHROOT_DIR directory to chroot into -s, --shell SHELL new login shell for the user account -u, --uid UID new UID for the user account -U, --unlock unlock the user account -v, --add-subuids FIRST-LAST add range of subordinate uids -V, --del-subuids FIRST-LAST remvoe range of subordinate uids -w, --add-subgids FIRST-LAST add range of subordinate gids -W, --del-subgids FIRST-LAST remvoe range of subordinate gids -Z, --selinux-user SEUSER new SELinux user mapping for the user account
# lock user account
usermod -L username
# unlock user account
usermod -U username