Adding users and groups
Sometimes you will need to define new users of your system and new groups for those users. For example, you may need to define a user called mqm and a group also called mqm (as well as another group called mqbrkrs when installing the embedded messaging component in WebSphere Application Server), or you may need to create users to administer databases.
If you do not specify a user number, graphical tools will usually assign the next available user number. For Fedora and Red Hat systems, user numbers start at 500, so the user you created when you installed your system is probably user 500. For OpenSUSE and Ubuntu, the numbers start at 1000. If you use the same id on several systems as I do, you will probably find it convenient to use the same id and group numbers on each system too.
For the purpose of this section, we will add a user called
testuser with id 2000 and group 2000.
Usually you will define the group first and then define the users who
will use the group, so that's what we will do here. You can either use
the graphical tools for user administration or enter commands in a
terminal window. We'll give an overview of the graphical process here
using OpenSUSE's system administration tools. Then
we'll tell you where to find the corresponding tools
on a Fedora or Ubuntu system. Finally we'll give you the commands if you really want to do it from the
On an OpenSUSE system with KDE, you access the YaST (Yet Another System Tool) control center using Start->Applications, then select System and scroll down to Administrator Settings as shown in Figure 32.
Figure 32. YaST2 Control Center
Open this application and click Security and users in the left panel to view the tasks shown in the main panel of Figure 33.
Figure 33. YaST2 Control Center
Select User and Group Management. If you have not recently received root authority, you will be prompted for the root password. On the next screen, you will see any existing users. Select the Groups tab, and you will see something like Figure 34.
Figure 34. Group list in YaST2 Control Center
Click the Add button to add a new group. You will see something like Figure 35. Note that there are a number of groups that were created when you installed your system. Enter 'testuser' for the Group Name and '2000' for the Group ID. Click OK to return to the group list display and see the new group listed. At this point your group has not yet been saved to the system, so it will be lost if you cancel.
Figure 35. Adding a group in YaST2 Control Center
Click the Users tab to return to the user display, then click Add to add a new user. Enter 'Test User' for the User's Full Name, 'testuser' for the User Name, then type and retype an initial password for the user. See Figure 36.
Figure 36. Adding a user in YaST2 Control Center
Click on the Details tab and enter '2000' for the User ID (uid), and select 'testuser' from the Default Group drop-down menu. This panel is where you can change the default home directory and default login shell, among other items. You can also select additional groups that this user will be a member of. When you have finished, click OK to return to the list of users where you will see your new user. Click OK, and YaST will process all your changes and save them to the system.
Figure 37. User details in YaST2 Control Center
On GNOME systems, such as our Fedora and Ubuntu systems, you start user management from the System->Administration->Users and Groups menu as shown in Figure 38.
Figure 38. Starting user and group management on GNOME
However, Fedora and Ubuntu have different dialogs once you open the
User and Group management. Fedora starts the
system-config-users application, while
Ubuntu starts the
We'll illustrate the Fedora usage here and then summarize the
differences for Ubuntu.
If you are not logged in or recently authenticated as root, you will need to provide the root password when prompted. You will then see the User Manager screen, opened at the Users tab as in Figure 39. By default, only normal users and groups are shown. To view system users and groups, uncheck the Hide system users and groups checkbox under Edit->Preferences.
Figure 39. Fedora User Manager
We could do as we did above for the OpenSUSE system and define our
groups first. However, the Red Hat User Manager has a convenient feature that
lets you create a private group for a
user with the group name being the same as the user name. So
click the Add User button and fill in the details
testuser user as for
OpenSUSE above. However, this time, check the Specify user
ID manually and Specify group ID
manually check boxes and fill in 2000 for each of these
values. Our screen now looks like Figure 40.
Figure 40. Adding a user in Fedora
After you click OK, you will return to the User Manager. Your new user will already be added to the system, unlike the case for OpenSUSE. Click Add Group to add any additional groups you may need. To make users members of additional groups, you can either select a group and use its properties to add users or select a user and use the properties to add groups. When you are done with properties, click OK to return to User Manager and then File->Quit to close the User Manager.
Now that you are familiar with adding users on both OpenSUSE and
Fedora, you will be able to manage the Ubuntu process. In general,
Ubuntu will lead you through the process of adding a user and set up
the user with a default id and group. Once you have added
testuser in this way, you should see a
screen like Figure 41.
Figure 41. User management in Ubuntu
At this point you will need to use the
Manage Groups button to add the new group
(or you could add it before you add the user). Once you have added the
testuser group, you will need to come back
to the screen of Figure 41, select
testuser id, and click the
Advanced button to change both the id number and
primary group for the user.
You can add or change users and groups from the command line. These tasks require root authority.
Information on groups is stored as a flat file in /etc/group. You may
groupadd command to add a new
group. This is fairly simple. Adding a new user is a little more
complex as there are more parameters, and you will need the numerical
number of the user's group. Let's use the
groupadd command to add our
testuser group, with group id 2000, and
then use the
grep command to search
/etc/group and verify the settings. Note: If you do not provide a
group id, the system will assign the next one that is higher than any
existing group id.
root@pinguino:~# groupadd -g 2000 testuser root@pinguino:~# grep testuser /etc/group testuser:x:2000:
As you see, the
testuser group is 2000. Now
let's use the
useradd command to add the
testuser user. The
-c option allows us to specify a comment
that is usually a user's real name. The
option allows us to specify the numerical id (2000) for the user. The
-d option allows us to specify the home
directory for the user. The
specifies the user's primary group. Here we use 2000, which is the
testuser group we just created. The last
option we use is the
-G option to specify
additional groups for this user. Here we can use the group name. In
this case, we'll add
testuser to the group
Once you have added the user, you can
grep command again, and you will see
testuser has been added to the
groups. At this point you have created a new user, but the user does
not have a password and cannot log on to the system. Some users do not
need to log on, so that would be alright for those users. The root
user has the authority to set (or reset) passwords for other users. To
do this, you use the
passwd command and
give the username as a parameter. You will be prompted for the new
password, and then you will be prompted to retype it for
root@pinguino:~# useradd -c"Test User" -u 2000 -d/home/testuser -g 2000 -G ian \ > testuser root@pinguino:~# grep testuser /etc/group ian:x:1000:testuser testuser:x:2000: root@pinguino:~# passwd testuser Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
Finally, you may need to add users to an existing group. You can use
usermod command to do this, but you
need the list of existing groups for the user as you will replace
the list of additional groups. It is often easier to edit /etc/group
directly. Make a backup copy first, just in case you make a mistake.
To add the editor user to both the ian and testuser groups, edit
/etc/group and update the lines for ian and testuser so they look as
You will find much of the user information is stored in /etc/passwd,
but you should not edit this file yourself. Use the
userdel commands instead. If you are
not a full time system administrator, you will probably find it easier
to do occasional manipulation of users and groups through the