Managing User Accounts

In this section, we will consider the processes of adding, configuring, and removing user accounts on Unix systems.

Adding a New User Account

Adding a new user to the system involves the following tasks:

  • Assign the user a username, a user ID number, and a primary group, and decide which other groups she should be a member of (if any). Enter this data into the system user account configuration files.

  • Assign a password to the new account.

  • Create a home directory for the user.

  • Place initialization files in the user’s home directory.

  • Use chown and/or chgrp to give the new user ownership of his home directory and initialization files.

  • Set other user account parameters appropriate for your system (possibly including password aging, account expiration date, resource limits, and system privileges).

  • Add the user to any other facilities in use as appropriate (e.g., the disk quota system, mail system, and printing system).

  • Grant or deny access to additional system resources as appropriate, using file protections or the resources’ own internal mechanisms (e.g., the /etc/ftpusers file controls access to the ftp facility).

  • Perform any other site-specific initialization tasks.

  • Test the new account.

We will consider each of these steps in detail in this section. This discussion assumes that you’ll be adding a user by hand. Few people actually do this anymore, but it is important to understand the whole process even if you use a tool that automates a lot of it for you. The available tools ...

Get Essential System Administration, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.