Scribd
Upload
24 views10 pages

02 Managing Local Users

This document is a comprehensive tutorial on creating and managing local users in CentOS 7, covering topics such as user account creation, password management, and user account defaults. It includes commands for creating, modifying, and deleting user accounts, as well as managing password aging and shadow data. The tutorial also features hands-on labs to practice the concepts learned.

Uploaded by

Stephen Efange
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
24 views10 pages

02 Managing Local Users

This document is a comprehensive tutorial on creating and managing local users in CentOS 7, covering topics such as user account creation, password management, and user account defaults. It includes commands for creating, modifying, and deleting user accounts, as well as managing password aging and shadow data. The tutorial also features hands-on labs to practice the concepts learned.

Uploaded by

Stephen Efange
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 10

Creating and Managing Local Users in

CentOS 7
A Comprehensive Tutorial with Labs and Examples

Table of Contents
1. Introduction to User Accounts
2. The id Command
3. Creating User Accounts
4. Managing User Passwords
5. Password Aging and Shadow Data
6. User Account Defaults
7. Modifying and Deleting User Accounts
8. Summary and Key Takeaways
9. Hands-On Labs

1. Introduction to User Accounts


In Linux, every user must have:

 A User ID (UID) – A unique numerical identifier.


 A Group ID (GID) – The primary group for the user.
 Additional secondary groups (optional).

User accounts are stored in:

 /etc/passwd (User details)


 /etc/shadow (Encrypted passwords & aging info)

 /etc/group (Group memberships)

2. The id Command
Displays user and group information.

Basic Usage
bash

Copy
Download
id # Shows current user info
id root # Shows info for root

Useful Options

Option Description Example

-u Display UID id -u

-g Display GID id -g

-G All group IDs id -G

-Gn Group names id -Gn

Example:
bash

Copy
Download
$ id -Gn tux
tux wheel
3. Creating User Accounts
Basic User Creation
bash

Copy
Download
sudo useradd user1 # Creates user1 with default settings
sudo passwd user1 # Sets password for user1

Customizing User Creation

Option Description Example

-m Create home dir useradd -m user2

-N No private group useradd -N user3

-g Primary group useradd -g users user4

-G Secondary groups useradd -G adm,ftp user5

-s Default shell useradd -s /bin/sh user6

Example:
bash

Copy
Download
sudo useradd -m -G adm -s /bin/bash user2

Verifying User Creation


bash

Copy
Download
tail -n 1 /etc/passwd # Shows last created user
ls /home # Checks home directory creation
4. Managing User Passwords
Setting Passwords
bash

Copy
Download
sudo passwd user1 # Interactive password setting

Non-Interactive Password Setting


bash

Copy
Download
echo "user2:Password123" | sudo chpasswd

Locking & Unlocking Accounts


bash

Copy
Download
sudo passwd -l user1 # Locks user1
sudo passwd -u user1 # Unlocks user1

Checking Password Status:


bash

Copy
Download
sudo grep user1 /etc/shadow

 !! = Locked account

 Encrypted hash = Active password

5. Password Aging and Shadow Data


Viewing Password Aging
bash
Copy
Download
sudo chage -l user1

Modifying Password Aging

Option Description Example

-M Max password age (days) sudo chage -M 90 user1

-m Min password age sudo chage -m 7 user1

-W Warning period sudo chage -W 7 user1

Example:
bash

Copy
Download
sudo chage -M 60 -m 7 -W 7 user1

Shadow File Structure


bash

Copy
Download
sudo grep user1 /etc/shadow

 Format: username:password:last_change:min:max:warn:inactive:expire

6. User Account Defaults


Viewing Defaults
bash

Copy
Download
sudo useradd -D
Modifying Defaults

Option Description Example

-b Default home dir sudo useradd -D -b /home/users

-s Default shell sudo useradd -D -s /bin/sh

-g Default group sudo useradd -D -g users

Example:
bash

Copy
Download
sudo useradd -D -s /bin/bash

Configuration Files

 /etc/login.defs → Password & UID/GID defaults

 /etc/default/useradd → Home dir, shell, group

7. Modifying and Deleting User Accounts


Modifying Users (usermod)

Option Description Example

-c
Comment (Full sudo usermod -c "John Doe" user1
Name)

-s Change shell sudo usermod -s /bin/zsh user1

-G Add secondary groups sudo usermod -aG adm user1

Example:
bash
Copy
Download
sudo usermod -aG wheel user1 # Grants sudo access

Deleting Users (userdel)


bash

Copy
Download
sudo userdel user1 # Keeps home directory
sudo userdel -r user1 # Deletes home dir & mail spool

Cleaning Up Files:
bash

Copy
Download
sudo find / -uid 1001 -delete # Removes files owned by UID 1001

8. Summary and Key Takeaways


Task Command

Check user info id, id username

Create user sudo useradd -m username

Set password sudo passwd username

Lock account sudo passwd -l username

Modify aging sudo chage -M 90 username

Modify user sudo usermod -s /bin/bash username

Delete user sudo userdel -r username


9. Hands-On Labs
Lab 1: Create and Configure a User

1. Create a user labuser with a home directory.

bash

Copy

Download

sudo useradd -m labuser

2. Set a password for labuser.


bash

Copy

Download

sudo passwd labuser

3. Add labuser to the wheel group (for sudo access).


bash

Copy

Download

sudo usermod -aG wheel labuser

4. Verify the changes.


bash

Copy

Download

id labuser
grep labuser /etc/group
Lab 2: Password Aging Policies

1. Set labuser to change password every 30 days.

bash

Copy

Download

sudo chage -M 30 labuser

2. Verify the settings.


bash

Copy

Download

sudo chage -l labuser

Lab 3: Delete a User

1. Delete labuser and remove their home directory.

bash

Copy

Download

sudo userdel -r labuser

2. Verify deletion.
bash

Copy

Download

ls /home
grep labuser /etc/passwd
Final Notes

 Always use sudo for administrative tasks.


 Prefer chpasswd for scripting user creation.
 Use -r with userdel to clean up user files.

You might also like