Users manipulations

Users manipulations#

This section considers ways to configure the list of users of the Linux operating system.

Default shell#

You can specify default shell that will be used by the user. With --shell argument.

The following example shows how to make python the default shell for the user. We need python installed on the system to play with such tricks.

The following cell creates python_user and specifies the path to Python in the --shell argument.

useradd --shell /usr/local/bin/python3 -m python_user

The following cell executes Python code that prints the value of the environment variable SHELL for python_user.

su - python_user -c "import os; print(os.environ['SHELL'])"

/usr/local/bin/python3

The result is a path specified for python path.

Home directory#

By default the useradd command doesn’t add a home directory for the user, but you can force it to do by using the -m option.

The following cell adds the user home_dir_user, and checks if there is a corresponding directory.

useradd home_dir_user
[ -d /home/home_dir_user ] &> /dev/null && echo "directory exists"

userdel home_dir_user

As a result there is no message indicating that the directory exists - so it hasn’t been created. The following code is exactly the same, but it uses the -m option for useradd.

useradd -m home_dir_user
[ -d /home/home_dir_user ] &> /dev/null && echo "directory exists"

userdel home_dir_user && rm -r /home/home_dir_user

directory exists

The folder has been created automatically with useradd.

Specify the password (-p)#

You can specify a password for a user just during creation using -p <password> option.

Note: The argument passed with -p will be literaly write to the corresponding field of the /etc/shadow but password to be walid it have to be hashed

The following cell creates a user and specifies a -p value for it.

id pass_user &> /dev/null && userdel pass_user
useradd pass_user -p test_password
cat /etc/shadow | tail -n 1

pass_user:test_password:20142:0:99999:7:::

As a result, the corresponding line for that user will contain the literal value specified by -p. This is not a valid password, for example following code chpasswd to specify the same password.

echo "pass_user:test_password" | chpasswd
cat /etc/shadow | tail -n 1

pass_user:$y$j9T$zXkpdGLeWECuJJjUWRkWA/$69C8IDy67Fc52nFTCalrscvFp04JrapLnhUnHWWpyAD:20142:0:99999:7:::

The result is a hash value in the place corresponding to the password, as it should be. But you can still specify the hashed password directly. The following cell uses the openssl passwd utility to create a hash for the password, which then used in useradd.

id pass_user &> /dev/null && userdel pass_user
useradd pass_user -p $(openssl passwd -6 "test_password")
cat /etc/shadow | tail -n 1

pass_user:$6$mgDjcLr.bA.WrMfO$PBUc/Q/dqAQbntKhI7MwldjADkE0E.wf4YQDMUXP/.v/k04MzFy3JjGeWYtTM4NN7GvWz3A5UGGjOcCeZUtmI0:20142:0:99999:7:::

And result would be a valid value for password.