In this recipe, we will learn how to manage your system's users and groups on CentOS 7. Essential user and group managing skills are one of the most important CentOS system administrator fundamentals.
To complete this recipe, you will need a working installation of the CentOS 7 operating system with root privileges and a console-based text editor of your choice.
This recipe shows you how to manage users and groups by learning how to add, delete, and modify them:
cat /etc/passwd
.id root
your_new_username
with a username of your choice):useradd your_new_username
your_new_username
with a username of choice) than enter a secure password when prompted:passwd your_new_username
groupadd your_new_group
usermod -G your_new_group your_new_username
id your_new_username
The purpose of this recipe was to create a new user and group and show how to connect them together.
So, what did we learn from this experience?
First, we printed out the content of file /etc/passwd
to show all the current users in the system. This list not only contains normal user-accounts that belong to real persons, but also accounts that are used to control and own a specific application or service. Then, we used the id
command to display the unique user UID and GID for our existing user root. In Linux, every user can be identified by their UID and GID, and every file in the filesystem has specific permission settings that manage its access for the file owner, group owner, and the rest of the users. For each of those three groups, you can enable or disable read, write, and execute permissions using the command, chmod
(use man chmod
to learn more, and also check out man chown
). The owner and group permissions correspond to a UID and GID that we can display for every file using ls -l
.
Next, we issued the useradd
command that required us to supply a suitable name for the new user, which in turn will enable the server to establish the new identity with a default set of values and criteria that includes a user ID, home directory, primary group (GID), and also set the default shell to bash. Completing this process is simply a matter of confirming a suitable password. To remove a user, there is the opposite command, userdel
, which works similarly but can be given the option -f
to remove the home directory instead of leave it on the system. Next, we used the groupadd
command, which, as the name implies, will create a new group and associate a new unique GID to it. Afterwards, we made our user in question a member of the new group that we created before using the usermod -G
command. As said before, each user has exactly one unique UID and GID. The first group is the primary group and is mandatory; however a user can belong to a number of different groups, which are then called secondary groups. The primary group is needed when creating a new file because it will set the GID and UID of the user creating it. To delete a group, we can use the groupdel
command. Finally, we used the id
command again on our new user to show its UID, primary GID, and the new secondary GID groups we added to it.
You are now able to fully control your user and groups with just a few commands: useradd
, usermod
, userdel
, groupadd
, groupmod
, and groupdel
.