(RHCSA) Manage Users and Groups

This is part of the independent and unofficial RHCSA Exam Study Guide series providing free 🤑 resources to prepare for the exam.

This post covers the objectives under the section:

“MANAGE USERS AND GROUPS”

It contains two main parts:

Resources: with links to learn and practice for each objective.
Cheatsheet: containing some examples of commands and actions performed in each objective (when applied).

last ➡ show a listing of last logged in users.
lastb ➡ show a listing of last unsuccessful log in/outs.
lastlog ➡ reports the most recent login of all users of a given user.
who ➡ show who is logged in.
w ➡ show who is logged in and what they are doing.
id ➡ print real and effective user and group IDs.
getent passwd | grep usr1 ➡ display usr1 definitions from /etc/passwd file.
usermod -G -a db user99 ➡ add db group as a suplementary group to user99 account.
usermod -u 1010 user99 ➡ change user’s UID.
usermod -d /home/user-99-new -m user99 ➡ change user’s home directory.
useradd -s /sbin/nologin user99 ➡ create user99 account with the disability of logging in.
userdel -r user45 ➡ remove user and it’s home directory and mail spool.

passwd user1 ➡ change user’s password.
chage -l usr1 ➡ display account aging information.
chage -m 1 -M 90 usr1 ➡ set minimum and maximum days before password change for usr1.
chage -d 2021-12-15 usr1 ➡ set the date of last password change.
chage -W 10 -I 4 usr1 ➡ usr1 passwd will warn 10 days prior to password expiration, and is set to lock the user 4 days after expiration.
passwd -x 30 -n 4 -w 10 user1 ➡ user 1 password expires in 30 days, cannot change at least 4 days, starts warning 10 days prior to expiration.
usermod -e 2021-12-20 user1, chage -E 2022-12-15 user1 ➡ set password expiration date.
passwd -S user1 ➡ report password status (expiration, etc).
usermod -L user1, passwd -l user1 ➡ lock user1 account (verify the lock at /etc/shadow file, there must be !! prepending the password hash).
Edit PASS_MAX_DAYS 30 in /etc/login.defs file ➡ set default password expiration limit to 30 days for the whole system.

groups ➡ print the groups a user is in.
getent group | grep db ➡ display db group definitions from /etc/group file.
groupadd mkt ➡ create mkt group.
gpasswd -d user1 db ➡ removes user1 from db group.
groupmod -g 10400 mkt ➡ change group’s GID.
groupmod -n newmkt mkt ➡ change group’s name.
groupdel mkt ➡ delete mkt group.

visudo ➡ edit the /etc/sudoers file.
su -l user40 ➡ login as user40.
user1 ALL=(ALL) NOPASSWD: ALL ➡ on sudoers file gives full root access to the system without prompting for password.
usermod -aG wheel user99 ➡ add user99 to whell group which has extended privileges.
sudo -l -U usr1 ➡ verify if user has sudo privileges.

Follow me on Twitter to get more posts like this and other quick tips in your feed.
If you have any doubts or tips about this article, I’d appreciate knowing and discussing it via email.
Do you have any other Linux tips? Would you like to publish that in this blog? Please send an email to all drops.
As English is not my native language, I apologize for the errors. Corrections are welcome.
Contact: contact [@] alldrops [.] info.

This is part of the RHCSA Exam Study Guide series