User Account Management in CentOS 7

Key Configuration Files

User and group information in Linux is stored in specific text files within the /etc directory. Understanding these files is crucial for system administration.

  • /etc/passwd: Contains user account information. Each line represents a user with fields separated by colons: username:password:UID:GID:comment:home_directory:login_shell. The password field typically contains an 'x', indicating that the actual encrypted password is stored in the shadow file.
  • /etc/shadow: Stores the encrypted password data and password aging information. This file is readable only by the root user for security purposes.
  • /etc/group: Defines the groups to which users belong.

Creating User Accounts

The primary command for adding new users is useradd.

useradd new_username

If no specific group is designated using the -g flag, the system creates a private group with the same name as the user and assigns the user to it.

Common Syntax and Options:

useradd [options] login_name

  • -c "Comment": Adds a descriptive comment or the user's full name.
  • -d /path/to/home: Specifies the user's home directory.
  • -m: Creates the home directory if it does not exist (often used with -d).
  • -g group_name: Specifies the primary group (the group must already exist).
  • -G group1,group2: Specifies supplementary groups the user should belong to.
  • -s /bin/shell: Defines the user's default login shell (e.g., /bin/bash).
  • -u UID: Manually specifies the User ID number.

Modifying User Properties

The usermod command allows administrators to modify an existing account's attributes.

usermod [options] username

The options generally mirror those used in useradd.

Examples:

To change a user's login shell, home directory, and primary group:

usermod -s /bin/zsh -d /var/www/developer -g webdev developer01

To manage supplementary groups, the -G option replaces existing supplementary groups, while -aG appends to them.

# Overwrite supplementary groups: user 'mike' is now only in 'admin' and 'docker'
usermod -G admin,docker mike

# Append a group: add 'mike' to 'wheel' without removing existing groups
usermod -aG wheel mike

To rename a user account:

usermod -l new_login_name old_login_name

Deleting Users

To remove a user account, use the userdel command.

userdel username

To remove the user along with their home directory and mail spool, use the -r flag:

userdel -r username

Managing Passwords

Accounts are created in a locked state. A password must be set using passwd to activate the account.

passwd [options] username

Root users can manage passwords for any account, while regular users can only change their own.

Key Options:

  • -l: Locks the account (renders the password unusable).
  • -u: Unlocks the account.
  • -d: Deletes the password (makes the account password-less).
  • -e: Forces the user to change their password upon next login.

Password aging and account expiration can also be managed. For instance, to set a maximum password validity period of 90 days:

passwd -x 90 username

To create a user with a specific expiration date during creation:

useradd -e 2025-12-31 temp_contractor
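
The file formats and password states described above can be checked with a short audit script. This is an added example, not part of the original article: it reads passwd- and shadow-format files and flags empty passwords (the result of passwd -d), locked accounts, non-root accounts with UID 0, and a maximum password age above a threshold. It assumes the standard shadow layout (field 2 is the password hash, field 5 the maximum age in days); the function names, sample accounts and placeholder hashes are constructed.

```shell
#!/bin/sh
# Added example: audit passwd/shadow-format files for risky account states.
# File paths are parameters, so it can run on copies without root access.

# audit_accounts PASSWD_FILE SHADOW_FILE [MAX_AGE_DAYS]
audit_accounts() {
    awk -F: -v max="${3:-90}" '
        # First file (passwd): remember each UID by login name.
        FILENAME == ARGV[1] { uid[$1] = $3; next }
        # Second file (shadow): $2 = password hash, $5 = maximum age in days.
        {
            if (uid[$1] == "0" && $1 != "root") print "UID0 " $1
            if ($2 == "")                       print "EMPTY_PASSWORD " $1
            # A leading ! or * means no password can match (locked account).
            else if ($2 ~ /^[!*]/)              print "LOCKED " $1
            else if ($5 == "" || $5 + 0 > max)  print "MAX_AGE_EXCEEDED " $1
        }
    ' "$1" "$2"
}

# write_samples DIR: constructed sample data; the hashes are placeholders.
write_samples() {
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
mike:x:1001:1001:Mike:/home/mike:/bin/bash
developer01:x:1002:1002::/var/www/developer:/bin/zsh
temp_contractor:x:1003:1003::/home/temp_contractor:/bin/bash
opsroot:x:0:0::/home/opsroot:/bin/bash
EOF
    cat > "$1/shadow" <<'EOF'
root:$6$CONSTRUCTED$placeholder:19000:0:90:7:::
mike:$6$CONSTRUCTED$placeholder:19000:0:99999:7:::
developer01::19000:0:99999:7:::
temp_contractor:!!:19000:0:99999:7::20453:
opsroot:$6$CONSTRUCTED$placeholder:19000:0:90:7:::
EOF
}

# Demo run against the constructed samples.
tmp=$(mktemp -d)
write_samples "$tmp"
audit_accounts "$tmp/passwd" "$tmp/shadow" 90
rm -rf "$tmp"
```

On a live system, run it as root against /etc/passwd and /etc/shadow, since the shadow file is readable only by root.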

Posted on Thu, 07 May 2026 20:00:22 +0000 by davestevens_uk