FIGURE 14.1 Use the arrows to add or remove a user to and from a group.
Note that the full set of group commands and options are not available from the graphi-
cal interface, limiting the usefulness of the GUI to a subset of the most frequently used
commands. You learn more about using the Ubuntu User Manager GUI in the next
section of this chapter.
Managing Users
We have mentioned users previously, but in this section we examine how the sysadmin
can manage the users. Users must be created, assigned a UID, provided a home directory,
provided an initial set of files for their home directory, and assigned to groups so that
they can use the system resources securely and efficiently. The system administrator
might elect to restrict a user’s access not only to files, but to the amount of disk space
they use, too.
User Management Tools
Ubuntu provides several command-line tools for managing users, but also provides graph-
ical tools for such. Many experienced sysadmins prefer the command-line tools because
they are quick and easy to use and they can be included in scripts if the sysadmin desires
to script a repetitive task. Here are the most commonly used commands used to manage
useradd—This command is used to add a new user account to the system. Its options
permit the sysadmin to specify the user’s home directory and initial group or to create the
user with the default home directory and group assignments.
CHAPTER 14 Managing Users
useradd -G—This command sets the system defaults for creating the user’s home direc-
tory, account expiration date, default group, and command shell. See the specific options
man useradd. Used without any arguments, it displays the defaults for the system. The
default set of files for a user are found in
The set of files initially used to populate a new user’s home directory are kept in
/etc/skel. This is convenient for the system administrator because any special files,
links, or directories that need to be universally applied can be placed in
and will be duplicated automatically with appropriate permissions for each new user.
$ ls -al /etc/skel
total 20
drwxr-xr-x 2 root root 4096 2006-04-27 04:18 .
drwxr-xr-x 110 root root 4096 2006-05-31 21:24 ..
-rw-r--r-- 1 root root 220 2006-04-21 23:51 .bash_logout
-rw-r--r-- 1 root root 414 2006-04-21 23:51 .bash_profile
-rw-r--r-- 1 root root 2227 2006-04-21 23:51 .bashrc
lrwxrwxrwx 1 root root 26 2006-05-07 15:29 Examples ->\
Each line provides the file permissions, the number of files housed under that file or
directory name, the file owner, the file group, the file size, the creation date, and the
As you can see, root owns every file here, but the adduser command (a symbolic link
to the actual command named
useradd) copies everything in /etc/skel to the new
home directory and resets file ownership and permissions to the new user.
Certain user files might exist that the system administrator doesn’t want the user to
change; the permissions for those files in /home/username can be reset so that the
user can read them but can’t write to them.
userdel—This command completely removes a user’s account (thereby eliminating that
user’s home directory and all files it contains).
passwd—This command updates the “authentication tokens” used by the password
management system.
To lock a user out of his account, use the following command:
# passwd -l username
This prepends an ! (exclamation point, also called a bang) to the user’s encrypted
password; the command to reverse the process uses the
-u option. This is a more
elegant and preferred solution to the problem than the traditional UNIX way of manu-
ally editing the file.
Managing Users

Get Ubuntu Unleashed, Second Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.