Friday, 16 November 2018

How to add users to groups in Linux ; How to remove users from groups

How to add users to groups in Linux; How to remove users from groups
From security reasons, the users and groups are very important in Unix and Linux systems. Every OS geek should know how to create users and groups, add users to groups or modify user and group account information.
In this article, I will teach you how to add users to groups in Linux.

How to create users with custom primary and secondary groups:

I will create the groups and set them as primary and secondary groups for the newly created user:
Creating the groups jim, michael, and johnson:
$ sudo groupadd jim
$ sudo groupadd michael
$ sudo groupadd johnson
Verifying if the groups have been created, and finding out their GIDs:
$ tail -3 /etc/group
jim:x:1039:
michael:x:1040:
johnson:x:1041:
Creating the test3 user with jim as a primary group and michael and johnson as secondary groups with useradd:
the -g  parameter is for adding the user to the primary group, and -G for the secondary groups. Only one group can be set as a primary group.
$ sudo useradd -g jim -G michael,johnson test3
$ id test3
uid=1015(test3) gid=1039(jim) groups=1039(jim),1040(michael),1041(johnson)
The GID displayed in the id commands' output is the ID of the primary group.
Creating the test4 user with the same primary and secondary groups as test3, by using the GIDs:
$ sudo useradd -g 1039 -G 1040,1041 test4
$ id test4
uid=1016(test4) gid=1039(jim) groups=1039(jim),1040(michael),1041(johnson)

How to add an existing user to primary and secondary groups:

I will create the user test5 and add him in primary and secondary groups, by using the names and the GIDs.
$ sudo usermod -g group3 -G group4,group5 test5
$ sudo -g 3000 -G 4000,5000 test6
Usermod is used for changing the user account information. The usermod command’s parameters are the same as the useradd parameters: -g for the primary group and -G for secondary groups.

How to remove users from secondary groups:

The gpasswd command is used for working with groups.
How to remove a user from a group with gpasswd: gpasswd -d username groupname.
$ id test4
uid=1016(test4) gid=1039(jim) groups=1039(jim),1040(michael),1041(johnson)
$ sudo gpasswd -d test4 johnson
Removing user test4 from group johnson
$ id test4
uid=1016(test4) gid=1039(jim) groups=1039(jim),1040(michael)
To remove a user’s primary group, set a new group as primary for that user and after that, remove the user from the old primary group.

_______________________________________________________________________________________


5 Useradd Command Examples, With Explanations


Now, I will show you 10 more useradd oneliners, for creating users in all the Linux and Unix systems.
Example 1.The most used useradd command:
$ sudo useradd -m -d /home/mike1 -s /bin/bash -c "the mike1 user" -U mike1
Explanation:
  • -m -d /home/mike1 : the -m argument creates the /home/mike1 homedirectory, specified by the -d argument
  • -s /bin/bash : the -s is used for specifying the user’s default shell, /bin/bash in this case
  • -c “message” : extra information about the user
Example 2:
$ sudo useradd -m -d /home/geeks/mike2 -s /bin/zsh -c "the mike2 user" -u 1099 -g 1050 mike2
Explanation:
  • -m -d /home/geeks/mike2 : the -m argument creates the /home/geeks/mike2 homedirectory, specified by the -d argument . as you can notice, the homedir can be different that /home/user_name
  • -s /bin/zsh : the -s is used for specifing the user’s default shell, /bin/zsh in the case
  • -c “the mike2 user” : extra information about the user
  • -u 1099 : the new user’s UID, in this case 1099
  • -g 1050 : the user belongs to the group with the 1050 GID
Example 3:
$ sudo useradd -m -d /home/mike3 -s /usr/sbin/nologin -c "nologin user" -u 1098 mike3
Explanation:
  • -m -d /home/mike3 : the -m argument creates the /home/mike3 homedirectory, specified by the -d argument
  • -s /usr/sbin/nologin : the -s is used for specifing the user’s default shell, in this case /usr/sbin/nologin . mike3 cannot login to the system with su, but can login by ssh. Read more about the nologin shells here.
  • -c “nologin user” : extra information about the user
  • -u 1098 : the new user’s UID, in this case 1098
Example 4:
$ sudo useradd -m -d /home/mike4 -k /etc/custom.skell -s /bin/tcsh -c "mike4 user" -u 1097 mike4
Explanation:
  • -m -d /home/mike4 : the -m argument creates the /home/mike4 homedirectory, specified by the -d argument
  • -s /bin/tcsh : the -s is used for specifing the user’s default shell, /bin/tcsh in this case
  • -k /etc/custom.skel : another skeleton directory, /etc/custom.skell in this case, different than the default skeleton directory /etc/skel
  • -c “mike4 user” : extra information about the user
  • -u 1097 : the new user’s UID, in this case 1097
Example 5:
$ sudo useradd -M -N -r -s /bin/false -c "system user" sys_user
Explanation:
  • -M : the -M argument tells the system not to create a home directory
  • -N : the -N argument tells the system not to create a group having the user’s name
  • -r : the -r arguments is for creating a system user
  • -s /bin/false : the -s is used for specifing the user’s default shell, /bin/false in this case. The users having /bin/false as the default shell, cannot login to the system. Read more about the nologin shells here.
  • -c “system user” : extra information about the user

1 comment:

  1. Great tips, many thanks for sharing. I have printed and will stick on the wall! I like this blog. FormaciĆ³n oficial de Linux LPI

    ReplyDelete