User Management

Useradd

• Add user usera with uid 1000 (-u) and belong to groupa (-g) and create home folder (-m): useradd -u 1000 -m -g groupa user

• Add system user usera (-r)): useradd -r -g groupa user

  • System user will have no expiry date and uid chosen from system user ID with maximum number of 999, derived from /etc/login.defs

• Add user usera with home folder /opt/usera: useradd -m -d /opt/usera usera

• Add user usera with primary group usera and secondary group wheel, docker: useradd -g usera -G wheel,docker user

• Add user with specific shell login: useradd -s /usr/bin/zsh usera

• Add user with expiry date (YYYY-MM-DD): useradd -e 2025-01-22 usera

• Change default login shell when adding user: useradd -D -s /bin/bash

• How to Create Users in Linux (useradd Command)

Usermod

• Add comment to user: usermod -c "This is test user" usera

• Change home directory: usermod -d /home/user usera

• Change expiry date: usermod -e 2024-02-24 usera

  • Disable expiry date: usermod -e "" usera

• Change user group: usermod -g groupa usera

• Change user secondary group: usermod -G groupb,groupc usera

• Add user to additional group: usermod -a -G groupb usera: usera will be added to additional secondary groupb

• Lock user: usermod -L usera

• Unlock user: usermod -U usera

• Set unencrypted password: usermod -p test_password usera

• Change shell for user: usermod -s /bin/sh usera

• Change uid of user: usermod -u 1000 usera

• Change username: usermod -l New_user usera

• Usermod Command in Linux

Password Management

• chage -l $user: list password expiry info

• chage -M -1 $user: disable password expiry

Groupadd

• Add group groupa with group id 1000 (-g): groupadd -g 1000 groupa

• Add group groupa with system gid (-r): groupadd -r groupa

• How to create, delete, and modify groups in Linux

Verification

• Check user expiry date: chage -l usera

• View current default useradd option which is defined in /etc/default/useradd: useradd -D

Hide Account from Login Screen

• There are some options depending on which system is running

Using AccountsService (Recommended):

• If your system uses AccountsService, you can’t directly hide a user from the greeter screen by reconfiguring LightDM. Instead, modify AccountsService:

• Create a file named /var/lib/AccountsService/users/USERNAME (replace USERNAME with the actual username).

• Add the following lines to the file:

• If the file already exists, ensure you append the SystemAccount=true line to the [User] section.

• Reload AccountsService for the change to take effect: sudo systemctl restart accounts-daemon.service

• This method works well on various Ubuntu versions and is more reliable than directly modifying LightDM configuration1.

Editing LightDM Configuration:

• First, create a backup of your LightDM config: sudo cp /etc/lightdm/users.conf /etc/lightdm/users.conf.bak

• Edit the config file: sudo nano /etc/lightdm/users.conf

• Look for the section:

• To hide the username “james,” add it to the hidden-users line: hidden-users=nobody nobody4 noaccess james

• Reboot your computer, and the user should no longer appear on the login screen1.

For GNOME Desktop (Ubuntu 20.04+):

• Open the terminal and run the following command as the gdm user: sudo -u gdm gsettings set org.gnome.login-screen disable-user-list true

• After the next boot, you won’t see user accounts listed. Instead, you’ll need to type the username and password to log in2.

Reference

• How to List Groups in Linux

• Managing User and Groups RHCSA RHEL8