Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions

  




 

 

NOTE: CentOS Enterprise Linux 5 is built from the Red Hat Enterprise Linux source code. Other than logo and name changes CentOS Enterprise Linux 5 is compatible with the equivalent Red Hat version. This document applies equally to both Red Hat and CentOS Enterprise Linux 5.

Chapter 32. Users and Groups

The control of users and groups is a core element of Red Hat Enterprise Linux system administration.

Users can be either people (meaning accounts tied to physical users) or accounts which exist for specific applications to use.

Groups are logical expressions of organization, tying users together for a common purpose. Users within a group can read, write, or execute files owned by that group.

Each user and group has a unique numerical identification number called a userid (UID) and a groupid (GID), respectively.

A user who creates a file is also the owner and group owner of that file. The file is assigned separate read, write, and execute permissions for the owner, the group, and everyone else. The file owner can be changed only by the root user, and access permissions can be changed by both the root user and file owner.

Red Hat Enterprise Linux also supports access control lists (ACLs) for files and directories which allow permissions for specific users outside of the owner to be set. For more information about ACLs, refer to Chapter 8, Access Control Lists.

32.1. User and Group Configuration

The User Manager allows you to view, modify, add, and delete local users and groups.

To use the User Manager, you must be running the X Window System, have root privileges, and have the system-config-users RPM package installed. To start the User Manager from the desktop, go to System (on the panel) => Administration => Users & Groups. You can also type the command system-config-users at a shell prompt (for example, in an XTerm or a GNOME terminal).

User Manager

Figure 32.1. User Manager

To view a list of local users on the system, click the Users tab. To view a list of local groups on the system, click the Groups tab.

To find a specific user or group, type the first few letters of the name in the Search filter field. Press Enter or click the Apply filter button. The filtered list is displayed.

To sort the users or groups, click on the column name. The users or groups are sorted according to the value of that column.

Red Hat Enterprise Linux reserves user IDs below 500 for system users. By default, User Manager does not display system users. To view all users, including the system users, go to Edit => Preferences and uncheck Hide system users and groups from the dialog box.

32.1.1. Adding a New User

To add a new user, click the Add User button. A window as shown in Figure 32.2, “New User” appears. Type the username and full name for the new user in the appropriate fields. Type the user's password in the Password and Confirm Password fields. The password must be at least six characters.

Tip

It is advisable to use a much longer password, as this makes it more difficult for an intruder to guess it and access the account without permission. It is also recommended that the password not be based on a dictionary term; use a combination of letters, numbers and special characters.

Select a login shell. If you are not sure which shell to select, accept the default value of /bin/bash. The default home directory is /home/<username>/. You can change the home directory that is created for the user, or you can choose not to create the home directory by unselecting Create home directory.

If you select to create the home directory, default configuration files are copied from the /etc/skel/ directory into the new home directory.

Red Hat Enterprise Linux uses a user private group (UPG) scheme. The UPG scheme does not add or change anything in the standard UNIX way of handling groups; it offers a new convention. Whenever you create a new user, by default, a unique group with the same name as the user is created. If you do not want to create this group, unselect Create a private group for the user.

To specify a user ID for the user, select Specify user ID manually. If the option is not selected, the next available user ID above 500 is assigned to the new user. Because Red Hat Enterprise Linux reserves user IDs below 500 for system users, it is not advisable to manually assign user IDs 1-499.

Click OK to create the user.

New User

Figure 32.2. New User

To configure more advanced user properties, such as password expiration, modify the user's properties after adding the user. Refer to Section 32.1.2, “Modifying User Properties” for more information.

32.1.2. Modifying User Properties

To view the properties of an existing user, click on the Users tab, select the user from the user list, and click Properties from the menu (or choose File => Properties from the pulldown menu). A window similar to Figure 32.3, “User Properties” appears.

User Properties

Figure 32.3. User Properties

The User Properties window is divided into multiple tabbed pages:

  • User Data — Shows the basic user information configured when you added the user. Use this tab to change the user's full name, password, home directory, or login shell.

  • Account Info Select Enable account expiration if you want the account to expire on a certain date. Enter the date in the provided fields. Select Local password is locked to lock the user account and prevent the user from logging into the system.

  • Password Info — Displays the date that the user's password last changed. To force the user to change passwords after a certain number of days, select Enable password expiration and enter a desired value in the Days before change required: field. The number of days before the user's password expires, the number of days before the user is warned to change passwords, and days before the account becomes inactive can also be changed.

  • Groups — Allows you to view and configure the Primary Group of the user, as well as other groups that you want the user to be a member of.

32.1.3. Adding a New Group

To add a new user group, click the Add Group button. A window similar to Figure 32.4, “New Group” appears. Type the name of the new group to create. To specify a group ID for the new group, select Specify group ID manually and select the GID. Note that Red Hat Enterprise Linux also reserves group IDs lower than 500 for system groups.

New Group

Figure 32.4. New Group

Click OK to create the group. The new group appears in the group list.

32.1.4. Modifying Group Properties

To view the properties of an existing group, select the group from the group list and click Properties from the menu (or choose File => Properties from the pulldown menu). A window similar to Figure 32.5, “Group Properties” appears.

Group Properties

Figure 32.5. Group Properties

The Group Users tab displays which users are members of the group. Use this tab to add or remove users from the group. Click OK to save your changes.


 
 
  Published under the terms of the GNU General Public License Design by Interspire