Chapter 6. Managing users from the command line

You can manage users and groups using the command-line interface (CLI). This enables you to add, remove, and modify users and user groups in Red Hat Enterprise Linux environment.

6.1. Adding a new user from the command line

This section describes how to use the useradd utility to add a new user.

Prerequisites

  • Root access

Procedure

  • To add a new user, use:

    # useradd options username

    Replace options with the command-line options for the useradd command, and replace username with the name of the user.

    Example 6.1. Adding a new user

    To add the user sarah with user ID 5000, use:

    +

    # useradd -u 5000 sarah

Verification steps

  • To verify the new user is added, use the id utility.

    # id sarah

    The output returns:

    uid=5000(sarah) gid=5000(sarah) groups=5000(sarah)

Additional resources

  • useradd man page

6.2. Adding a new group from the command line

This section describes how to use the groupadd utility to add a new group.

Prerequisites

  • Root access

Procedure

  • To add a new group, use:

    # groupadd options group-name

    Replace options with the command-line options for the groupadd command, and replace group-name with the name of the group.

    Example 6.2. Adding a new group

    To add the group sysadmins with group ID 5000, use:

    +

    # groupadd -g 5000 sysadmins

Verification steps

  • To verify the new group is added, use the tail utility.

    # tail /etc/group

    The output returns:

    sysadmins:x:5000:

Additional resources

  • groupadd man page

6.3. Adding a user to a groups from the command line

This section describes how to use the usermod utility to add a group to the supplementary groups of the user.

Prerequisites

  • Root access

Procedure

  • To add a group to the supplementary groups of the user, use:

    # usermod --append -G group-name username

    Replace group-name with the name of the group, and replace username with the name of the user.

    Example 6.3. Adding a user to a group

    To add the user sysadmin to the group system-administrators, use:

    +

    # usermod --append -G system-administrators sysadmin

Verification steps

  • To verify the new groups is added to the supplementary groups of the user sysadmin, use:

    # groups sysadmin

    The output returns:

    sysadmin: sysadmin system-administrators

6.4. Creating a group directory

Under the UPG system configuration, you can apply the set-group identification permission (setgid bit) to a directory. The setgid bit makes managing group projects that share a directory simpler. When you apply the setgid bit to a directory, files created within that directory are automatically assigned to a group that owns the directory. Any user that has the permission to write and execute within this group can now create, modify, and delete files in the directory.

The following section describes how to create group directories.

Prerequisites

  • Root access

Procedure

  1. Create a directory:

    # mkdir directory-name

    Replace directory-name with the name of the directory.

  2. Create a group:

    # groupadd group-name

    Replace group-name with the name of the group.

  3. Add users to the group:

    # usermod --append -G group-name username

    Replace group-name with the name of the group, and replac[role="abstract"]e _username with the name of the user.

  4. Associate the user and group ownership of the directory with the group-name group:

    # chown :group-name directory-name

    Replace group-name with the name of the group, and replace directory-name with the name of the directory.

  5. Set the write permissions to allow the users to create and modify files and directories and set the setgid bit to make this permission be applied within the directory-name directory:

    # chmod g+rwxs directory-name

    Replace directory-name with the name of the directory.

    Now all members of the group-name group can create and edit files in the directory-name directory. Newly created files retain the group ownership of group-name group.

Verification steps

  • To verify the correctness of set permissions, use:

    # ls -ld directory-name

    Replace directory-name with the name of the directory.

    The output returns:

    drwxrwsr-x. 2 root group-name 6 Nov 25 08:45 directory-name