Managing users and groups from GUI and the command line
We can add a user to the system using useradd from the command line with a simple command, as follows:
useradd testuser
This creates a user entry in the /etc/passwd file and automatically creates the home directory for the user in /home. The /etc/passwd entry looks like this:
testuser:x:1001:1001::/home/testuser:/bin/bash
But, as we all know, the user is in a locked state and cannot log in to the system unless we add a password for the user using the command:
passwd testuser
This will, in turn, modify the /etc/shadow file, at the same time unlock the user, and the user will be able to log in to the system.
By default, the preceding set of commands will create both a user and a group for the testuser user on the system. What if we want a certain set of users to be a part of a common group? We will use the -g option along with the useradd command to define the group for the user, but we have to make sure that the group already exists. So, to create users such as testuser1, testuser2, and testuser3 and make them part of a common group called testgroup, we will first create the group and then we create the users using the -g or -G switches. So, we will do this:
# To create the group :
groupadd testgroup
# To create the user with the above group and provide password and unlock
user at the same time :
useradd testuser1 -G testgroup
passwd testuser1
useradd testuser2 -g 1002
passwd testuser2
Here, we have used both -g and -G. The difference between them is: with -G, we create the user with its default group and assign the user to the common testgroup as well, but with -g, we create the user as part of the testgroup only. In both cases, we can use either the gid or the group name obtained from the /etc/group file.
There are a couple more options that we can use for an advanced level user creation; for example, for system users with uid less than 500, we have to use the -r option, which will create a user on the system, but the uid will be less than 500. We also can use -u to define a specific uid, which must be unique and greater than 499. Common options that we can use with the useradd command are:
-c: This option is used for comments, generally to define the user's real name, such as-c "John Doe".-d: This option is used to definehome-dir; by default, thehomedirectory is created in/homesuch as-d /var/<user name>.-g: This option is used for the group name or the group number for the user's default group. The group must already have been created earlier.-G: This option is used for additional group names or group numbers, separated by commas, of which the user is a member. Again, these groups must also have been created earlier.-r: This option is used to create a system account with a UID less than 500 and without ahomedirectory.-u: This option is the user ID for the user. It must be unique and greater than 499.
There are few quick options that we use with the passwd command as well. These are:
-l: This option is to lock the password for the user's account-u: This option is to unlock the password for the user's account-e: This option is to expire the password for the user-x: This option is to define the maximum days for the password lifetime-n: This option is to define the minimum days for the password lifetime
