Managing User and Group Accounts

30 minutes
  • 4 Learning Objectives

About this Hands-on Lab

The ability to manage user accounts and group membership is a crucial tool in any system administrator’s box. In this hands-on lab, we will work with commands like `useradd`, `passwd`, `usermod`, `groupadd`, `groupmod` and `groupdel`. By the time we’re done, we will have a good grasp on how to use these tools for managing user accounts and groups on any Linux system.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create a tester Group in the Reserved Range

Use the groupadd command with the -r option to create the group testers:

groupadd -r tester
Add the test1 User and Make Them a Member of the tester Group. Lock and unlock the test1 User, and Force them to Change their Password

Use the command useradd with the -G option to spection the tester group:

useradd -G tester test1

Set a temporary password (that the user will have to change the first time they log in):

echo Temp@$$ | passwd --stdin test1

We could also set one manually by just running passwd test1 and typing/confirming a password by hand.

Lock and unlock the account using the usermod command.

usermod -L test1
tail -n1 /etc/passwd /etc/shadow
usermod -U test1

We can run tail -n1 /etc/passwd /etc/shadow to see if it got set.

And to make test1 change their password on the next login, run:

chage -d0 test1

Verify the account and groups using the id command.

id test1
Modify cloud_user to Add Secondary Membership in tester Group

Use the usermod command with the -aG options to add cloud_user to the tester group:

usermod -aG tester cloud_user

We can run id cloud_user to check our work and see if the user is in the group now.

Create the /usr/local/test_scripts Directory Owned by cloud_user and Set GID Permission for the testers Group with No Access to Others

Create the directory:

mkdir /usr/local/test_scripts

Make sure it’s owned by cloud_user, and the tester group:

chown cloud_user:tester /usr/local/test_scripts

Give the group write permissions, and revoke any permissions from anyone else:

chmod g+ws,o-rx /usr/local/test_scripts

As a best practice, verify your work. Become the new user, get into the new directory, and create a couple things to look at:

su - test1
cd /usr/local/test_scripts
mkdir dir1
touch file1
ls -l

Additional Resources

Our organization is preparing to create and test some scripts. The lead Administrator has assigned us the task of organizing this information by creating the /usr/local/test_scripts directory, a group named tester, and a user named test1, who is to be a member of the tester group. This directory is to use the setgid permission, so that all files created in this directory will be automatically owned by the tester group.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?