Here's how to add a user using the ʻuseradd command on * Linux * (* CenOS7 * here). There are ʻuseradd command and ʻadduser command as a method to add a user with * Linux command *, but in * CentOS7 *, ʻadduser is a symbolic link of ʻuseradd`, so it is the same command.
Command reference result
[[email protected] ~]# ls -l /usr/sbin/useradd
-rwxr-xr-x.1 root root 137616 August 9 2019/usr/sbin/useradd
[[email protected] ~]# ls -l /usr/sbin/adduser
lrwxrwxrwx.1 root root 7 October 12 17:04 /usr/sbin/adduser -> useradd
[[email protected] ~]#
CenOS 7 version confirmation result
[[email protected] ~]# cat /etc/redhat-release
CentOS Linux release 7.7.1908 (Core)
[[email protected] ~]#
To add a user, run the following command.
ʻUseradd [username] `
Execution result
[[email protected] ~]# useradd yasushi
[[email protected] ~]#
Set the password with the following command.
passwd [username]
Execution result
[[[email protected] ~]# passwd yasushi
Change password for user yasushi.
new password:
Please re-enter your new password:
passwd:All authentication tokens have been successfully renewed.
[[email protected] ~]#
If there is no option, the user will be added by default.
You can check the default value with the following command.
useradd -D
Execution result
[[email protected] ~]# useradd -D
GROUP=100
HOME=/home
INACTIVE=-1
EXPIRE=
SHELL=/bin/bash
SKEL=/etc/skel
CREATE_MAIL_SPOOL=yes
[[email protected] ~]#
The meaning of each item is as follows.
| item | Contents |
|---|---|
| GROUP | Group to which it belongs if not specified |
| HOME | Home directory creation location |
| INACTIVE | The period from when the password expires until the account becomes invalid ※(-1) has no deadline |
| EXPIRE | Password expiration date |
| SHELL | Login shell |
| SKEL | Location of skeleton files |
| CREATE_MAIL_SPOOL | Setting whether to create a mail spool |
To check the user list, refer to the / etc / passwd file with the following command.
cat /etc/passwd
Execution result
[[email protected] ~]# cat /etc/passwd
root:x:0:0:root:/root:/bin/bash
~~~~~
(abridgement)
~~~~~
yasushi:x:1002:1002::/home/yasushi:/bin/bash
[[email protected] ~]#
/ etc / passwd holds the following information separated by: .
| item | Information created | |
|---|---|---|
| 1 | username | yasushi |
| 2 | Dummy password | x |
| 3 | User ID | 1002 |
| 4 | Group ID | 1002 |
| 5 | comment | (Sky) |
| 6 | Home directory | /home/yasushi |
| 7 | Login shell | /bin/bash |
The / etc / shadow file contains a list of encrypted passwords. Only this file root can be referenced.
cat /etc/shadow
Execution result
[[email protected] ~]# cat /etc/shadow
root:$6$n.LBF.Pi$pGDNeMrJNjOgXlcjQdguA/tZTryDlrDR2LCYgCrlT3KDpAu55nGmoh.4.OHlVL0zDw/YQlpV4HM6zzKCd2hQH.:18307:0:99999:7:::
~~~~~
(abridgement)
~~~~~
yasushi:$6$rwTX74Ir$YhhyryrTsbKdlAIWMKJqRQoQsK1TgelnQmHSpGmCDoXiGWQeQLTDtD73FEGur6tw5wZ50SbBo2QNVKEQUDcpV0:18307:0:99999:7:::
[[email protected] ~]#
/ etc / shadow holds the following information separated by: .
| item | Contents | Information created | |
|---|---|---|---|
| 1 | username | User name | yasushi |
| 2 | password | 暗号化されたpassword | (abridgement) |
| 3 | Last password change date | Date when the password was last changed (displayed as the number of days elapsed since January 1, 1970) | 18307 |
| 4 | Password changeable days | The number of days before the password can be changed again | 0 |
| 5 | Password expiration date | Days before password change is required | 99999 |
| 6 | Password change period Warning notification date | How many days in advance to notify the password expiration warning | 7 |
| 7 | Account invalid days | The number of days until your account becomes unavailable if you do not change your password after the expiration date | (Sky) |
| 8 | Account expiration date | Days until the account becomes unavailable (displayed as the number of days elapsed since January 1, 1970) | (Sky) |
| 9 | Reserved field | unused | (Sky) |
To check the group list, refer to the / etc / group file with the following command.
cat /etc/group
Execution result
[[email protected] ~]# cat /etc/group
root:x:0:
~~~~~
(abridgement)
~~~~~
yasushi:x:1002:
[[email protected] ~]#
/ etc / group holds the following information separated by: .
| item | Information created | |
|---|---|---|
| 1 | group name | yasushi |
| 2 | Dummy password | x |
| 3 | Group ID | 1002 |
| 4 | Users who belong as a subgroup (Comma separated for multiple) |
(Blank) |
To add a user with options, execute the following command.
ʻUseradd [optional] [username] `
The main options are:
| option | Contents |
|---|---|
| -c comment | Set a comment |
| -d home_dir | Specify home directory |
| -e expire_date | The date when the user account becomes unavailable[YYYY-MM-DD]Specified in the format of |
| -f inactive_days | Specify the number of days between the password expiration and the account becoming permanently unavailable 0: This account becomes unusable as soon as the password expires -1: This function is disabled |
| -g initial_group | Specify the group name or group ID of the main group to which the user belongs |
| -G group,[...] | Specify a comma-separated list of auxiliary groups to which the user belongs |
| -m [-k skeleton_dir] | Create home directory if home directory does not exist -If you specify the k option at the same time, skeleton_If the files under dir are not specified/etc/The files under skel are copied to your home directory |
| -o | Allow users to be created with duplicate UIDs |
| -p passwd | Specify a password hashed with crypt |
| -s shell | Specify the user's login shell |
| -u uid | Specify UID |
Create a yasushi02 user with the home directory" / data / test "and the login shell" / bin / sh "with the following command.
useradd -d /data/test -s /bin/sh yasushi02
Execution result
[[email protected] ~]# useradd -d /data/test -s /bin/sh yasushi02
[[email protected] ~]#
Set the password with the following command.
passwd [username]
Execution result
[[email protected] ~]# passwd yasushi02
Change password for user yasushi02.
new password:
Please re-enter your new password:
passwd:All authentication tokens have been successfully renewed.
[[email protected] ~]#
Check the user list (/ etc / passwd)
/etc/passwd
root:x:0:0:root:/root:/bin/bash
~~~~~
(abridgement)
~~~~~
yasushi:x:1002:1002::/home/yasushi:/bin/bash
yasushi02:x:1003:1003::/data/test:/bin/sh
Check the password list (/ etc / shadow)
/etc/shadow
root:$6$n.LBF.Pi$pGDNeMrJNjOgXlcjQdguA/tZTryDlrDR2LCYgCrlT3KDpAu55nGmoh.4.OHlVL0zDw/YQlpV4HM6zzKCd2hQH.:18307:0:99999:7:::
~~~~~
(abridgement)
~~~~~
yasushi:$6$pJe9DpYg$6i9N217uNBwwIAGjuzfavGWffUyZVWMh0PpgaUEm5Ti3PN8T/KdUvEG4fibaBClUq7AzDphHfAqGuVgnEHfWf.:18307:0:99999:7:::
yasushi02:$6$lXu7BN1C$OcFWVxt/weU4Sh2EUNC4YO5s/e5kqeNQ5EEX0PtwLOf1t/Cm86AGmLdbbJr51Qz0xFWWKwZYmHl0.WPJcyqLU1:18307:0:99999:7:::
Check the group list (`` / etc / group')
/etc/group
root:x:0:
~~~~~
(abridgement)
~~~~~
yasushi:x:1002:
yasushi02:x:1003:
If you specify a password, you must specify a crypt-hashed password.
The command to add a user with the user "yasushi03" and password "password03" is as follows. Here, "salt03" is set for salt (the character string added when encrypting the password). You can use any string for salt.
useradd -p $(perl -e 'print crypt("password03", "\$6\$salt03")') yasushi03
Execution result
[[email protected] ~]# useradd -p $(perl -e 'print crypt("password03", "\$6\$salt03")') yasushi03
[[email protected] ~]#
The above command uses perl as the crypt hashed password.
perl -e'print crypt ("[password] "," [hashing method symbol] [salt] ");'
The list of hashing methods is as follows.
| Hashing method symbol | Hashing method |
|---|---|
| $1$ | MD5 |
| $2$ | Blowfish |
| $5$ | SHA-256 |
| $6$ | SHA-512 |
perl -e 'print crypt("password03", "\$6\$salt03")'
Execution result
[[email protected] ~]# perl -e 'print crypt("password03", "\$6\$salt03")'
$6$salt03$/DhkQIuDsIIuvys.ISNOUB.OlWKxzgovMIBdCX2vlwCzEdNuIxMakytppnAGsKwT0hn12BW9XbCBd3KKXBh0/0[[email protected] ~]#
that's all
Recommended Posts