Unit 3

User and Group management- Creation, Updating, Deletion of user and group, Command –
password, Shadow, user add, user mod, user del, group add, group mod, group del -VBC

User and Group management

User and group management is an important aspect of Linux system administration. In Linux,
users and groups are used to control access to system resources and ensure that each user has
the appropriate permissions to perform the tasks they need.
A user account in Linux consists of a username, a unique user ID (UID), and a password. Users
can belong to one or more groups, which are used to control access to shared resources such as
files and directories.
User and group management commands are used to add, modify, or delete users and groups,
as well as to change their passwords, set permissions, and control access to system resources.
Administrators can also use these commands to grant or revoke permissions for specific users
or groups, and to monitor and track user activity on the system.
Properly managing users and groups is essential for maintaining system security and ensuring
that the system runs smoothly. It is important to follow best practices for user and group
management, such as creating strong passwords, setting appropriate permissions, and
restricting root access to prevent unauthorized access to the system.

Creation, Updating, Deletion of user and group

1. Creating a User: To create a new user in Linux, you can use the `useradd` command
followed by the username. For example, to create a new user with the username "newfile",
you can use the following command:

Ex. sudo useradd newfile

2. Updating a User: To modify an existing user's account, you can use the `usermod` command
followed by the appropriate options. For example, to change the home directory for the
"newfile" user to "/home/newfile", you can use the following command:

Ex. sudo usermod -d /home/newfile newfile

3. Deleting a User: To delete a user from the system, you can use the `userdel` command
followed by the username. For example, to delete the "newfile" user, you can use the
following command:

Ex. sudo userdel newfile

4. Creating a Group: To create a new group in Linux, you can use the `groupadd` command
followed by the group name. For example, to create a new group with the name
"developers", you can use the following command:
Ex. sudo groupadd developers

5. Updating a Group: To modify an existing group, you can use the `groupmod` command
followed by the appropriate options. For example, to change the name of the "developers"
group to "devs", you can use the following command:

Ex. sudo groupmod -n devs developers

6. Deleting a Group: To delete a group from the system, you can use the `groupdel` command
followed by the group name. For example, to delete the "devs" group, you can use the
following command:

Ex. sudo groupdel devs

By properly managing users and groups, administrators can ensure that users have the
necessary access to system resources and that the system is secure from unauthorized access.
It is important to follow best practices for user and group management, such as creating
strong passwords, setting appropriate permissions, and restricting root access.

Command – password Shadow

In Linux, the `passwd` command is used to set and change passwords for user accounts. The
`passwd` command can be used by both users and system administrators to update their own
password or to update the passwords of other users.

Here are some examples of how to use the `passwd` command:

1. To change the password for the current user, type `passwd` in the terminal and press Enter.
You will then be prompted to enter your current password and then your new password
twice.

Ex. passwd

Changing password for user <username>.

Current password:

New password:

Retype new password:

passwd: password updated successfully

2. To change the password for another user, you will need to use the `passwd` command
followed by the username of the user whose password you want to change. For example,
to change the password for the user "johndoe", you can use the following command:

Ex. sudo passwd johndoe

Changing password for user johndoe.

 New password:

Retype new password:

passwd: password updated successfully

3. To force a user to change their password the next time they log in, you can use the `passwd`
command with the `-e` option. For example, to force the user "johndoe" to change their
password at the next login, you can use the following command:

Ex. sudo passwd -e johndoe

Expiring password for user johndoe.

passwd: Success

It is important to use strong and secure passwords, and to change them regularly to ensure the
security of user accounts and the system as a whole.

Shadow

In Linux, the `/etc/shadow` file is a system file that contains the encrypted password
information for all the user accounts on the system. This file is only readable by the root user,
and is used to provide an additional layer of security to the system.

The `/etc/shadow` file is a text file that consists of several fields separated by colons. The fields
in the file are as follows

1. Username: This is the name of the user account.

2. Password: This field contains the encrypted password for the user account. This field is
usually filled with a string of characters that cannot be read or interpreted by humans.

3. Last password change: This field contains the date of the last password change for the
user account.

4. Minimum password age: This field specifies the minimum number of days that must pass
before a user is allowed to change their password again.

5. Maximum password age: This field specifies the maximum number of days that a
password can be used before it must be changed.

6. Password warning period: This field specifies the number of days before a password
expires that the user will receive a warning message.

7. Account inactive period: This field specifies the number of days after which an inactive
account will be disabled.

8. Account expiration date: This field specifies the date on which the user account will
expire.

9. Reserved field: This field is currently unused.

The `/etc/shadow` file is used in conjunction with the `/etc/passwd` file to manage user
accounts on the system. When a user logs in to the system, their encrypted password is
compared to the password stored in the `/etc/shadow` file. If the passwords match, the user is
granted access to the system. If the passwords do not match, the user is denied access.

System administrators can use the `passwd` command to update the password information in
the `/etc/shadow` file for a user account. The `passwd` command updates the encrypted
password for the specified user account in the `/etc/shadow` file.

user add, user mod, user del, group add, group mod, group del
In Linux, there are several commands for adding, modifying, and deleting user accounts and
groups. Here are the basic commands for user and group management:
1. User add: `useradd`
The `useradd` command is used to create a new user account. The command creates a new
entry for the user in the `/etc/passwd` file and sets up the user's home directory and shell.
Here's an example:
Ex. useradd johndoe
This command will create a new user account with the username "johndoe".
2. User mod: `usermod`
The `usermod` command is used to modify an existing user account. You can use this
command to change the user's username, home directory, login shell, or other account
settings. Here's an example:
Ex. usermod -s /bin/bash johndoe
This command will change the login shell of the user "johndoe" to `/bin/bash`.
3. User delete: `userdel`
The `userdel` command is used to delete an existing user account. You can use this
command to remove the user's home directory and mail spool as well. Here's an example:
Ex. userdel johndoe
This command will delete the user account for "johndoe".
4. Group add: `groupadd`
The `groupadd` command is used to create a new group. The command creates a new entry
for the group in the `/etc/group` file. Here's an example:
Ex. groupadd developers
This command will create a new group with the name "developers".
 5. Group mod: `groupmod`
The `groupmod` command is used to modify an existing group. You can use this command
to change the group's name or group ID. Here's an example:
Ex. groupmod -n newdevelopers developers
This command will change the name of the group "developers" to "newdevelopers".
6. Group delete: `groupdel`
The `groupdel` command is used to delete an existing group. Here's an example:
Ex. groupdel developers
This command will delete the group with the name "developers".
Note that these commands require root or sudo privileges to execute, as they involve system-
level changes. It is important to use these commands with caution and ensure that you are
making the correct changes to user and group accounts.