In this recipe, we will learn how to manage your system's users and groups on CentOS 7. Essential user and group managing skills are one of the most important CentOS system administrator fundamentals.
To complete this recipe, you will need a working installation of the CentOS 7 operating system with root privileges and a console-based text editor of your choice.
This recipe shows you how to manage users and groups by learning how to add, delete, and modify them:
- To begin this recipe, we log in as root and type the following command to get a list of all the users known to the system:
cat /etc/passwd. - Now, show the root user ID (UID) and group ID (GID):
id root - Next, we will run the following command to add a new user to the system (exchange
your_new_usernamewith a username of your choice):useradd your_new_username - However, in order to complete this process, you will be expected to provide a suitable password. To do this, type the following command (change
your_new_usernamewith a username of choice) than enter a secure password when prompted:passwd your_new_username - Next, create a new group and give it a special name:
groupadd your_new_group - Then, we add our new user to this new group:
usermod -G your_new_group your_new_username - Finally, let's print the user ID and group IDs of our new user to see what has changed:
id your_new_username
The purpose of this recipe was to create a new user and group and show how to connect them together.
So, what did we learn from this experience?
First, we printed out the content of file /etc/passwd to show all the current users in the system. This list not only contains normal user-accounts that belong to real persons, but also accounts that are used to control and own a specific application or service. Then, we used the id command to display the unique user UID and GID for our existing user root. In Linux, every user can be identified by their UID and GID, and every file in the filesystem has specific permission settings that manage its access for the file owner, group owner, and the rest of the users. For each of those three groups, you can enable or disable read, write, and execute permissions using the command, chmod (use man chmod to learn more, and also check out man chown). The owner and group permissions correspond to a UID and GID that we can display for every file using ls -l.
Next, we issued the useradd command that required us to supply a suitable name for the new user, which in turn will enable the server to establish the new identity with a default set of values and criteria that includes a user ID, home directory, primary group (GID), and also set the default shell to bash. Completing this process is simply a matter of confirming a suitable password. To remove a user, there is the opposite command, userdel, which works similarly but can be given the option -f to remove the home directory instead of leave it on the system. Next, we used the groupadd command, which, as the name implies, will create a new group and associate a new unique GID to it. Afterwards, we made our user in question a member of the new group that we created before using the usermod -G command. As said before, each user has exactly one unique UID and GID. The first group is the primary group and is mandatory; however a user can belong to a number of different groups, which are then called secondary groups. The primary group is needed when creating a new file because it will set the GID and UID of the user creating it. To delete a group, we can use the groupdel command. Finally, we used the id command again on our new user to show its UID, primary GID, and the new secondary GID groups we added to it.
You are now able to fully control your user and groups with just a few commands: useradd, usermod, userdel, groupadd, groupmod, and groupdel.