Users & Groups
useradd is the low-level tool: add -m to create a home directory and -s to set the login shell. On Debian-based systems, adduser is the friendlier interactive front end. All user and group administration requires root.Plain useradd [name] creates the account without a home directory, which is rarely what you want for a real user.
-r also removes the user's home directory and mail spool.$ usermod -l [newUsername] [oldUsername]
Change a user's shell, home directory, or comment field. $ chsh -s /bin/zsh [name] Lock an account (disables password login) and unlock it again. Force a password change at next login, or inspect password aging.
Create, rename, and delete groups. $ groupmod -n [newGroupname] [oldGroupname] Add an existing user to a group. The -a in -aG is essential: without it, the user is removed from all other supplementary groups. $ usermod -aG [groupName] [userName] $ gpasswd -a [userName] [groupName] Remove a user from a group. $ gpasswd -d [userName] [groupName] Group changes take effect at the next login. Use newgrp [groupName] to activate one in the current shell without logging out.
Membership in the admin group grants sudo rights: the group is sudo on Debian/Ubuntu and wheel on Fedora, RHEL, and Arch. Edit the sudoers file only with visudo , which checks the syntax before saving (a broken sudoers file can lock you out).
getent queries all account databases, including LDAP and other network sources; the /etc files only show local accounts.
Show the current user, their IDs and groups, and the groups of any user. See who is logged in and what they are doing, and the login history.
su - starts a full login shell as another user (root if no name is given); sudo -i opens a root shell via sudo.$ sudo -u [user] [command]
Copied to clipboard
