Linux with Operating System Concepts

User Accounts
◾
357
• 
useradd –m –d /home/students/foo3
—create new user account foo3 with 
a home directory of /home/students/foo3
• 
useradd –m –s /bin/csh foo4
—create new user account foo4 with a login 
shell of /bin/csh
• 
useradd –m –u 1001 foo5
—create new user account foo5 with UID of 1001
• 
useradd –m –o –u 1001 foo5jr
—create new user account foo5jr who will 
have the same UID as foo5
• 
useradd –m –e 2015-12-31 –l –r backdoor
—interested in creating a 
backdoor account?
• 
useradd –l –M –N –s /sbin/nologin softwaretitle
—create an 
account for softwaretitle that has no group, no login, and no home directory, and is 
not logged in lastlog or faillog log files.
You can examine the defaults set up for useradd with the instruction 
useradd –D
. For 
instance, you might obtain output like
GROUP
=
100
HOME
=
/home
INACTIVE
=
-1
EXPIRE
=
SHELL
=
/bin/bash
SKEL
=
/etc/skel
CREATE_MAIL_SPOOL
=
yes
In this case, we see that the default directory and shell are /home and /bin/bash, respec-
tively, that the user’s home directory will be populated by the items found in /etc/skel (see 
Section 9.6), and that a mail spool file will automatically be created. INACTIVE specifies 
the number of days that must elapse after a user’s password has expired when their account 
becomes inactive. When the INACTIVE value is -1, there is no inactivity date. EXPIRE 
indicates the default by which new user accounts will expire. This might be set to say 12-31-
2015 if you know that all of the accounts you are about to create should expire on that date. 
Finally, GROUP
=
100 indicates that if a user is not given a private group (which will happen 
if you use the -N option in useradd), then the user is added to the group 
users
, which has 
a GID of 100.
You can also use the -D option to alter these defaults. For instance, to change the default 
shell to c-shell, use 
useradd –D –s /bin/csh
or to change the default home direc-
tory to /home/faculty, use 
useradd –D –d /home/faculty
. You can always reset these 
defaults. If you are creating two hundred new users and these users will all have the same 
shell, but not /bin/bash, alter the default to the new shell, create the two hundred new 
accounts, and then reset the default back to /bin/bash.

358
◾
Linux with Operating System Concepts
The 
groupadd
instruction is far simpler than useradd. The basic format is
groupadd 
groupname
The options available for groupadd are limited. Table 9.2 describes the most common 
ones. The primary option you might use is 
-
g to override the default GID. You might, for 
instance, group GIDs based on roles such as classification of group: students, faculty, staff 
having one set of GIDs (e.g., 101, 102, 103) and type of group: programmer, tester, designer, 
marketing using a different set of GIDs (e.g., 201, 202, 203, 204).
Let us consider an example scenario. You want to place any user who is not issued a 
private group account into a group other than 
users
(GID 100). We will call this group 
others
, which we will assign a GID of 205. First, we create the new group:
groupadd –g 205 others
Next, reset the GROUP default from 100 to 205 using
useradd –D –g 205
Note that for the 
-
D 
-
g combination to work, the GID must be an already-existing group 
ID. Now, when we use 
useradd –N 
username
, 
username
is automatically placed in 
the group 205 instead of 100. If we decide later to reset this so that such a user is placed in 
100, we use 
useradd –D –g 100
.
Whenever a new group is created, an entry is added to /etc/group. Since most user 
accounts generate a private group, a new user account will also add an entry to /etc/group. 
And since groups can have passwords, their passwords are placed in the file /etc/gshadow. 
So, any new group or user with private account causes a new entry to be placed into the 
/etc/gshadow file even though most groups do not have passwords.
9.2.3 Creating a Large Number of User Accounts
Both the GUI and the useradd command are simple to use if you can use the default val-
ues. If you are making numerous changes from the default, the GUI is certainly easier to 
use. So why then would anyone use the useradd command? Frankly, it will be less typing 
TABLE 9.2 
Common groupadd Options

Download 5,65 Mb.

Do'stlaringiz bilan baham: