Here's how to add a user using the ʻuseradd command on * Linux * (* CenOS7 * here). There are ʻuseradd command and ʻadduser command as a method to add a user with * Linux command *, but in * CentOS7 *, ʻadduser is a symbolic link of ʻuseradd`, so it is the same command.
Command reference result
[root@CENTOS7 ~]# ls -l /usr/sbin/useradd
-rwxr-xr-x.1 root root 137616 August 9 2019/usr/sbin/useradd
[root@CENTOS7 ~]# ls -l /usr/sbin/adduser
lrwxrwxrwx.1 root root 7 October 12 17:04 /usr/sbin/adduser -> useradd
[root@CENTOS7 ~]#
CenOS 7 version confirmation result
[root@CENTOS7 ~]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
[root@CENTOS7 ~]#
To add a user, run the following command.
ʻUseradd [username] `
Execution result
[root@CENTOS7 ~]# useradd yasushi
[root@CENTOS7 ~]#
Set the password with the following command.
passwd [username]
Execution result
[[root@CENTOS7 ~]# passwd yasushi
Change password for user yasushi.
new password:
Please re-enter your new password:
passwd:All authentication tokens have been successfully renewed.
[root@CENTOS7 ~]#
If there is no option, the user will be added by default.
You can check the default value with the following command.
useradd -D
Execution result
[root@CENTOS7 ~]# useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
[root@CENTOS7 ~]#
The meaning of each item is as follows.
| item | Contents |
|---|---|
| GROUP | Group to which it belongs if not specified |
| HOME | Home directory creation location |
| INACTIVE | The period from when the password expires until the account becomes invalid ※(-1) has no deadline |
| EXPIRE | Password expiration date |
| SHELL | Login shell |
| SKEL | Location of skeleton files |
| CREATE_MAIL_SPOOL | Setting whether to create a mail spool |
To check the user list, refer to the / etc / passwd file with the following command.
cat /etc/passwd
Execution result
[root@CENTOS7 ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
~~~~~
(abridgement)
~~~~~
yasushi:x:1002:1002::/home/yasushi:/bin/bash
[root@CENTOS7 ~]#
/ etc / passwd holds the following information separated by: .
| item | Information created | |
|---|---|---|
| 1 | username | yasushi |
| 2 | Dummy password | x |
| 3 | User ID | 1002 |
| 4 | Group ID | 1002 |
| 5 | comment | (Sky) |
| 6 | Home directory | /home/yasushi |
| 7 | Login shell | /bin/bash |
The / etc / shadow file contains a list of encrypted passwords. Only this file root can be referenced.
cat /etc/shadow
Execution result
[root@CENTOS7 ~]# cat /etc/shadow
root:$6$n.LBF.Pi$pGDNeMrJNjOgXlcjQdguA/tZTryDlrDR2LCYgCrlT3KDpAu55nGmoh.4.OHlVL0zDw/YQlpV4HM6zzKCd2hQH.:18307:0:99999:7:::
~~~~~
(abridgement)
~~~~~
yasushi:$6$rwTX74Ir$YhhyryrTsbKdlAIWMKJqRQoQsK1TgelnQmHSpGmCDoXiGWQeQLTDtD73FEGur6tw5wZ50SbBo2QNVKEQUDcpV0:18307:0:99999:7:::
[root@CENTOS7 ~]#
/ etc / shadow holds the following information separated by: .
| item | Contents | Information created | |
|---|---|---|---|
| 1 | username | User name | yasushi |
| 2 | password | 暗号化されたpassword | (abridgement) |
| 3 | Last password change date | Date when the password was last changed (displayed as the number of days elapsed since January 1, 1970) | 18307 |
| 4 | Password changeable days | The number of days before the password can be changed again | 0 |
| 5 | Password expiration date | Days before password change is required | 99999 |
| 6 | Password change period Warning notification date | How many days in advance to notify the password expiration warning | 7 |
| 7 | Account invalid days | The number of days until your account becomes unavailable if you do not change your password after the expiration date | (Sky) |
| 8 | Account expiration date | Days until the account becomes unavailable (displayed as the number of days elapsed since January 1, 1970) | (Sky) |
| 9 | Reserved field | unused | (Sky) |
To check the group list, refer to the / etc / group file with the following command.
cat /etc/group
Execution result
[root@CENTOS7 ~]# cat /etc/group
root:x:0:
~~~~~
(abridgement)
~~~~~
yasushi:x:1002:
[root@CENTOS7 ~]#
/ etc / group holds the following information separated by: .
| item | Information created | |
|---|---|---|
| 1 | group name | yasushi |
| 2 | Dummy password | x |
| 3 | Group ID | 1002 |
| 4 | Users who belong as a subgroup (Comma separated for multiple) |
(Blank) |
To add a user with options, execute the following command.
ʻUseradd [optional] [username] `
The main options are:
| option | Contents |
|---|---|
| -c comment | Set a comment |
| -d home_dir | Specify home directory |
| -e expire_date | The date when the user account becomes unavailable[YYYY-MM-DD]Specified in the format of |
| -f inactive_days | Specify the number of days between the password expiration and the account becoming permanently unavailable 0: This account becomes unusable as soon as the password expires -1: This function is disabled |
| -g initial_group | Specify the group name or group ID of the main group to which the user belongs |
| -G group,[...] | Specify a comma-separated list of auxiliary groups to which the user belongs |
| -m [-k skeleton_dir] | Create home directory if home directory does not exist -If you specify the k option at the same time, skeleton_If the files under dir are not specified/etc/The files under skel are copied to your home directory |
| -o | Allow users to be created with duplicate UIDs |
| -p passwd | Specify a password hashed with crypt |
| -s shell | Specify the user's login shell |
| -u uid | Specify UID |
Create a yasushi02 user with the home directory" / data / test "and the login shell" / bin / sh "with the following command.
useradd -d /data/test -s /bin/sh yasushi02
Execution result
[root@CENTOS7 ~]# useradd -d /data/test -s /bin/sh yasushi02
[root@CENTOS7 ~]#
Set the password with the following command.
passwd [username]
Execution result
[root@CENTOS7 ~]# passwd yasushi02
Change password for user yasushi02.
new password:
Please re-enter your new password:
passwd:All authentication tokens have been successfully renewed.
[root@CENTOS7 ~]#
Check the user list (/ etc / passwd)
/etc/passwd
root:x:0:0:root:/root:/bin/bash
~~~~~
(abridgement)
~~~~~
yasushi:x:1002:1002::/home/yasushi:/bin/bash
yasushi02:x:1003:1003::/data/test:/bin/sh
Check the password list (/ etc / shadow)
/etc/shadow
root:$6$n.LBF.Pi$pGDNeMrJNjOgXlcjQdguA/tZTryDlrDR2LCYgCrlT3KDpAu55nGmoh.4.OHlVL0zDw/YQlpV4HM6zzKCd2hQH.:18307:0:99999:7:::
~~~~~
(abridgement)
~~~~~
yasushi:$6$pJe9DpYg$6i9N217uNBwwIAGjuzfavGWffUyZVWMh0PpgaUEm5Ti3PN8T/KdUvEG4fibaBClUq7AzDphHfAqGuVgnEHfWf.:18307:0:99999:7:::
yasushi02:$6$lXu7BN1C$OcFWVxt/weU4Sh2EUNC4YO5s/e5kqeNQ5EEX0PtwLOf1t/Cm86AGmLdbbJr51Qz0xFWWKwZYmHl0.WPJcyqLU1:18307:0:99999:7:::
Check the group list (`` / etc / group')
/etc/group
root:x:0:
~~~~~
(abridgement)
~~~~~
yasushi:x:1002:
yasushi02:x:1003:
If you specify a password, you must specify a crypt-hashed password.
The command to add a user with the user "yasushi03" and password "password03" is as follows. Here, "salt03" is set for salt (the character string added when encrypting the password). You can use any string for salt.
useradd -p $(perl -e 'print crypt("password03", "\$6\$salt03")') yasushi03
Execution result
[root@CENTOS7 ~]# useradd -p $(perl -e 'print crypt("password03", "\$6\$salt03")') yasushi03
[root@CENTOS7 ~]#
The above command uses perl as the crypt hashed password.
perl -e'print crypt ("[password] "," [hashing method symbol] [salt] ");'
The list of hashing methods is as follows.
| Hashing method symbol | Hashing method |
|---|---|
| $1$ | MD5 |
| $2$ | Blowfish |
| $5$ | SHA-256 |
| $6$ | SHA-512 |
perl -e 'print crypt("password03", "\$6\$salt03")'
Execution result
[root@CENTOS7 ~]# perl -e 'print crypt("password03", "\$6\$salt03")'
$6$salt03$/DhkQIuDsIIuvys.ISNOUB.OlWKxzgovMIBdCX2vlwCzEdNuIxMakytppnAGsKwT0hn12BW9XbCBd3KKXBh0/0[root@CENTOS7 ~]#
that's all
Recommended Posts